git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Steffan Karger <steffan@karger.me>
	Sat, 1 Jul 2017 11:29:51 +0000 (13:29 +0200)
committer	David Sommerseth <davids@openvpn.net>
	Tue, 15 Aug 2017 13:45:58 +0000 (15:45 +0200)
commit	e2ab4958528a352c3ddad02446c10814afe68f6b
tree	8f6a92891b8c3db8da572780f587c18f6b4cada9	tree
parent	5ed5030c349326c5448fd87424c1a2283ccee18f	commit \| diff

Deprecate --keysize

The --keysize option can only be used with already deprecated ciphers,
such as CAST5, RC2 or BF. Deviating from the default keysize is
generally not a good idea (see man page text), and otherwise only
complicates our code.

Since we will also remove the support for weak ciphers (ciphers with
cipher block length less than 128 bits) in OpenVPN 2.6 as well, we
start the deprecation of this option instantly.

[DS: Slightly amended the patch, referencing OpenVPN 2.6 and added
a few more details to Changes.rst and the commit message]

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <20170701112951.19119-1-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15004.html
Signed-off-by: David Sommerseth <davids@openvpn.net>
(cherry picked from commit ad178f01444d61e48fca83c4f0bc5d82270cee87)

Changes.rst		diff \| blob \| blame \| history
doc/openvpn.8		diff \| blob \| blame \| history
src/openvpn/options.c		diff \| blob \| blame \| history