From 3baae9ba52187166b7d0b05901732666477a2acb Mon Sep 17 00:00:00 2001 From: Steffan Karger Date: Sun, 7 Oct 2018 19:52:15 +0200 Subject: [PATCH] Don't print OCC warnings about 'key-method', 'keydir' and 'tls-auth' Like 'proto', a mismatch in key-method, keydir or tls-auth would fail before we ever get to the point where we can print this warning. This prepares for removing these from the occ string later on, but also prepares for tls-crypt-v2, which allows a server to support tls-auth and tls-crypt-v2 connections in parallel. Such a server will send 'keydir' and 'tls-auth' in the occ string. This change removes the spurious warnings about that in the client log. Signed-off-by: Steffan Karger Acked-by: Gert Doering Message-Id: <20181007175215.25009-1-steffan@karger.me> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg17618.html Signed-off-by: Gert Doering --- src/openvpn/options.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 2199af530..e42029c58 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -3788,11 +3788,15 @@ options_warning_safe_scan2(const int msglevel, const char *b1_name, const char *b2_name) { - /* we will stop sending 'proto xxx' in OCC in a future version - * (because it's not useful), and to reduce questions when - * interoperating, we start not-printing a warning about it today + /* We will stop sending 'key-method', 'keydir', 'proto' and 'tls-auth' in + * OCC in a future version (because it's not useful). To reduce questions + * when interoperating, we no longer printing a warning about it. */ - if (strncmp(p1, "proto ", 6) == 0) + if (strprefix(p1, "key-method ") + || strprefix(p1, "keydir ") + || strprefix(p1, "proto ") + || strprefix(p1, "tls-auth ") + || strprefix(p1, "tun-ipv6")) { return; } -- 2.47.2