ACK -Steffan
On 06-12-14 14:22, Arne Schwabe wrote: > --- > doc/openvpn.8 | 5 +++-- > src/openvpn/crypto.c | 1 + > 2 files changed, 4 insertions(+), 2 deletions(-) > > diff --git a/doc/openvpn.8 b/doc/openvpn.8 > index 1fd53b0..3472778 100644 > --- a/doc/openvpn.8 > +++ b/doc/openvpn.8 > @@ -4580,14 +4580,15 @@ An OpenVPN static key file generated by > .B direction > parameter is used). > > -.B (2) > +.B (2) DEPRECATED > A freeform passphrase file. In this case the HMAC key will > be derived by taking a secure hash of this file, similar to > the > .BR md5sum (1) > or > .BR sha1sum (1) > -commands. > +commands. This option is deprecated and will stop working in OpenVPN 2.4 and > +newer releases. > > OpenVPN will first try format (1), and if the file fails to parse as > a static key file, format (2) will be used. > diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c > index 0a5e83f..475c253 100644 > --- a/src/openvpn/crypto.c > +++ b/src/openvpn/crypto.c > @@ -787,6 +787,7 @@ get_tls_handshake_key (const struct key_type *key_type, > msg (M_INFO, > "Control Channel Authentication: using '%s' as a free-form > passphrase file", > passphrase_file); > + msg (M_WARN, "DEPRECATED OPTION: Using freeform files for tls-auth > is deprecated and is not supported in OpenVPN 2.4 or newer versions"); > } > } > /* handle key direction */ >
