directive that follows is recognized, it will be processed
as if the "setenv opt" prefix was absent. If present and if
the directive that follows is not recognized, the directive
will be ignored rather than cause a fatal error.
For example, suppose you are distributing a client
configuration file and want to set the minimum TLS version
that the client requires from the server to 1.2.
By using the following directive,
setenv opt tls-version-min 1.2 or-highest
only newer clients that understand the tls-version-min directive
would process it, while older clients would ignore it.
(cherry picked from commit
27713761e4110bb92f1c6dfe85db291e8c6e0f56)
Signed-off-by: James Yonan <james@openvpn.net>
URL: http://thread.gmane.org/gmane.network.openvpn.devel/7771
URL: http://thread.gmane.org/gmane.network.openvpn.devel/7744
URL: https://github.com/jamesyonan/openvpn/commit/
27713761e4110bb92f1c6dfe85db291e8c6e0f56
Acked-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Signed-off-by: David Sommerseth <davids@redhat.com>
config file. Having said that, there are valid reasons for wanting
new software features to gracefully degrade when encountered by
older software versions.
+
+It is also possible to tag a single directive so as not to trigger
+a fatal error if the directive isn't recognized. To do this,
+prepend the following before the directive:
+.B setenv opt
.\"*********************************************************
.TP
.B \-\-setenv-safe name value
const bool pull_mode = BOOL_CAST (permission_mask & OPT_P_PULL_MODE);
int msglevel_fc = msglevel_forward_compatible (options, msglevel);
- ASSERT (MAX_PARMS >= 5);
+ ASSERT (MAX_PARMS >= 7);
+
+ /*
+ * If directive begins with "setenv opt" prefix, don't raise an error if
+ * directive is unrecognized.
+ */
+ if (streq (p[0], "setenv") && p[1] && streq (p[1], "opt") && !(permission_mask & OPT_P_PULL_MODE))
+ {
+ p += 2;
+ msglevel_fc = M_WARN;
+ }
+
if (!file)
{
file = "[CMD-LINE]";
projects / thirdparty / openvpn.git / commitdiff
