return false;
}
+ /* Print a warning if we detect the client being in P2P mode and will
+ * not accept our pushed ciphers */
+ if (proto & IV_PROTO_NCP_P2P)
+ {
+ msg(M_WARN, "Note: peer reports running in P2P mode (no --pull/--client"
+ "option). It will not negotiate ciphers with this server. "
+ "Expect this connection to fail.");
+ }
+
if (proto & IV_PROTO_REQUEST_PUSH)
{
c->c2.push_request_received = true;
*/
/**
- * @file Control Channel SSL/Data dynamic negotion Module
+ * @file Control Channel SSL/Data dynamic negotiation Module
* This file is split from ssl.c to be able to unit test it.
*/
const char *peer_ncp_list = tls_peer_ncp_list(peer_info, &gc_tmp);
- /* non-NCP client without OCC? "assume nothing" */
- /* For client doing the newer version of NCP (that send IV_CIPHER)
+ /* non-NCP clients without OCC? "assume nothing" */
+ /* For client doing the newer version of NCP (that send IV_CIPHERS)
* we cannot assume that they will accept remote_cipher */
if (remote_cipher == NULL
|| (peer_info && strstr(peer_info, "IV_CIPHERS=")))
*/
/**
- * @file Control Channel SSL/Data dynamic negotion Module
+ * @file Control Channel SSL/Data dynamic negotiation Module
* This file is split from ssl.h to be able to unit test it.
*/
projects / thirdparty / openvpn.git / commitdiff
