:code:`IV_PLAT=[linux|solaris|openbsd|mac|netbsd|freebsd|win]`
The client OS platform
- :code:`IV_LZO_STUB=1`
- If client was built with LZO stub capability
-
- :code:`IV_LZ4=1`
- If the client supports LZ4 compressions.
-
:code:`IV_PROTO`
Details about protocol extensions that the peer supports. The
- variable is a bitfield and the bits are defined as follows
- (starting a bit 0 for the first (unused) bit:
+ variable is a bitfield and the bits are defined as follows:
+ - bit 0: Reserved, should always be zero
- bit 1: The peer supports peer-id floating mechanism
- bit 2: The client expects a push-reply and the server may
send this reply without waiting for a push-request first.
- bit 3: The client is capable of doing key derivation using
RFC5705 key material exporter.
- bit 4: The client is capable of accepting additional arguments
- to the `AUTH_PENDING` message.
+ to the ``AUTH_PENDING`` message.
+ - bit 5: The client supports doing feature negotiation in P2P mode
+ - bit 6: The client is capable of parsing and receiving the ``--dns`` pushed option
+ - bit 7: The client is capable of sending exit notification via control channel using ``EXIT`` message. Also, the client is accepting the protocol-flags pushed option for the EKM capability
+ - bit 8: The client is capable of accepting ``AUTH_FAILED,TEMP`` messages
+ - bit 9: The client is capable of dynamic tls-crypt
:code:`IV_NCP=2`
Negotiable ciphers, client supports ``--cipher`` pushed by
the server, a value of 2 or greater indicates client supports
- *AES-GCM-128* and *AES-GCM-256*.
+ *AES-GCM-128* and *AES-GCM-256*. IV_NCP is *deprecated* in
+ favor of ``IV_CIPHERS``.
- :code:`IV_CIPHERS=<ncp-ciphers>`
+ :code:`IV_CIPHERS=<data-ciphers>`
The client announces the list of supported ciphers configured with the
``--data-ciphers`` option to the server.
Additional authentication methods supported by the client.
This may be set by the client UI/GUI using ``--setenv``
+ The following flags depend on which compression formats are compiled in
+ and whether compression is allowed by options. See `Protocol options`_
+ for more details.
+
+ :code:`IV_LZO=1`
+ If client supports LZO compression.
+
+ :code:`IV_LZO_STUB=1`
+ If client was built with LZO stub capability. This is only sent if
+ ``IV_LZO=1`` is not sent.
+
+ :code:`IV_LZ4=1` and :code:`IV_LZ4v2=1`
+ If the client supports LZ4 compression.
+
+ :code:`IV_COMP_STUB=1` and :code:`IV_COMP_STUBv2=1`
+ If the client supports stub compression.
+
When ``--push-peer-info`` is enabled the additional information consists
of the following data:
OpenVPN 2.x and some other implementations use the MAC address of
the client's interface used to reach the default gateway. If this
string is generated by the client, it should be consistent and
- preserved across independent session and preferably
+ preserved across independent sessions and preferably
re-installations and upgrades.
:code:`IV_SSL=<version string>`
- The ssl version used by the client, e.g.
+ The ssl library version used by the client, e.g.
:code:`OpenSSL 1.0.2f 28 Jan 2016`.
:code:`IV_PLAT_VER=x.y`
The version of the operating system, e.g. 6.1 for Windows 7.
+ This is only sent on Windows operating systems.
:code:`UV_<name>=<value>`
Client environment variables whose names start with
projects / thirdparty / openvpn.git / commitdiff
