git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Arne Schwabe <arne@rfc2549.org>
	Fri, 27 Dec 2024 12:46:32 +0000 (13:46 +0100)
committer	Gert Doering <gert@greenie.muc.de>
	Tue, 31 Dec 2024 16:42:52 +0000 (17:42 +0100)
commit	6a7931a4a89cb35be7b799942e7fa03fde2cdc63
tree	3511173cd42ebc7b7884258af482561b98a5dcdf	tree
parent	1452625bc364cb5847daedaad238c7a5eb3eff5e	commit \| diff

Allow DEFAULT in data-ciphers and report both expanded and user set option

This adds support for parsing DEFAULT in data-ciphers, the idea is that people
can modify the default without repeating the default ciphers.

In the past we have seem that people will use data-ciphers BF-CBC or
data-ciphers AES-128-CBC when getting the warning that the cipher is not
supported by the server. This commit aims to provide a better way for
these situation as we still want people to rely on default cipher selection
from OpenVPN when possible.

Change-Id: Ia1c5209022d3ab4c0dac6438c41891c7d059f812
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20241227124632.110920-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg30245.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

Changes.rst		diff \| blob \| blame \| history
doc/man-sections/protocol-options.rst		diff \| blob \| blame \| history
src/openvpn/multi.c		diff \| blob \| blame \| history
src/openvpn/options.c		diff \| blob \| blame \| history
src/openvpn/options.h		diff \| blob \| blame \| history
src/openvpn/ssl_ncp.c		diff \| blob \| blame \| history
src/openvpn/ssl_ncp.h		diff \| blob \| blame \| history
tests/unit_tests/openvpn/test_ncp.c		diff \| blob \| blame \| history