For compatibility with OpenVPN older than 2.4.0, the
'--data-cipher-fallback' argument is automatically added with the same
value as specified by '--cipher'.
This happens only when the user specifies compat-mode with a version
older than 2.4.0.
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <
20210904095629.6273-6-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg22798.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
to the configuration if no other compression options are present.
- 2.4.x or lower: The cipher in ``--cipher`` is appended to
``--data-ciphers``
+ - 2.3.x or lower: ``--data-cipher-fallback`` is automatically added with
+ the same cipher as ``--cipher``
--config file
Load additional config options from ``file`` where each line corresponds
append_cipher_to_ncp_list(o, o->ciphername);
}
+ /* Versions < 2.4.0 additionally might be compiled with --enable-small and
+ * not have OCC strings required for "poor man's NCP" */
+ if (o->ciphername && need_compatibility_before(o, 20400))
+ {
+ o->enable_ncp_fallback = true;
+ }
+
/* Compression is deprecated and we do not want to announce support for it
* by default anymore, additionally DCO breaks with compression.
*
projects / thirdparty / openvpn.git / commitdiff
