]> git.ipfire.org Git - thirdparty/openvpn.git/commit
projects / thirdparty / openvpn.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 84f88ca) | patch
Deprecate --no-iv
authorSteffan Karger <steffan@karger.me>
Wed, 7 Dec 2016 19:20:47 +0000 (20:20 +0100)
committerGert Doering <gert@greenie.muc.de>
Wed, 7 Dec 2016 21:06:18 +0000 (22:06 +0100)
commit4969f0d6bba8a82d411f0700c2e8e4efbeccb6c8
treeaa0802e34d003e4692995bc719a0a8a1369d5f93tree
parent84f88ca4d57cd0dc40fd945e09ab1cea1b2cd0b7commit | diff
Deprecate --no-iv

This fixes the bug of supporting --no-iv (since we're only accepting
bugfixes in the current release phase ;) ).

The --no-iv function decreases security if used (CBC *requires*
unpredictable IVs, other modes don't allow --no-iv at all), and even
marginally decreases other user's security by adding unwanted
complexity to our code.

Let's get rid of this.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1481138447-6292-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13430.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Changes.rst diff | blob | blame | history
doc/openvpn.8 diff | blob | blame | history
src/openvpn/options.c diff | blob | blame | history
Mirror of https://github.com/OpenVPN/openvpn.git