From e02616d82105aeb77f8f811c94fd595ca1a96eae Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Tue, 11 Aug 2020 13:02:48 +0200 Subject: [PATCH] Document comp-lzo no and compress being incompatible Most of the new compress but not v2 version do use swap operation. For 'compress lzo' the swap option is not used for backwards compatibility. For lz4 the swap option is also not a problem since there is no version without swap. Unfortunately, compress introduced a second stub format with swap, contrary to the one in 'comp-lzo no' that does not use swap. Document this weirdness to let not others fall into this trap. v2: redo patch for rst man pages Acked-by: Gert Doering Message-Id: <20200811110248.3396-1-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg20708.html Signed-off-by: Gert Doering --- doc/man-sections/protocol-options.rst | 3 +++ 1 file changed, 3 insertions(+) diff --git a/doc/man-sections/protocol-options.rst b/doc/man-sections/protocol-options.rst index 240d0edf8..82e4b2bde 100644 --- a/doc/man-sections/protocol-options.rst +++ b/doc/man-sections/protocol-options.rst @@ -103,6 +103,9 @@ configured in a compatible way between both the local and remote side. ``lzo`` and ``lz4`` compression support via *IV_* variables to the server. + Note: the :code:`stub` (or empty) option is NOT compatible with the older + option ``--comp-lzo no``. + ***Security Considerations*** Compression and encryption is a tricky combination. If an attacker knows -- 2.47.2