plaisthos has uploaded this change for review. ( http://gerrit.openvpn.net/c/openvpn/+/1369?usp=email )
Change subject: Fix dco with null cipher being enabled without auth none ...................................................................... Fix dco with null cipher being enabled without auth none This is a corner case and only the FreeBSD DCO module support the none encryption but as long as it supports it, we should only enable it when the configuration actually allows to enable it. Change-Id: I1104044701145fa37cea857e2e0e0fcac7a2bee3 Signed-off-by: Arne Schwabe <[email protected]> --- M src/openvpn/dco.c 1 file changed, 10 insertions(+), 0 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/69/1369/1 diff --git a/src/openvpn/dco.c b/src/openvpn/dco.c index 7abdad3..a0a990f 100644 --- a/src/openvpn/dco.c +++ b/src/openvpn/dco.c @@ -474,6 +474,16 @@ gc_free(&gc); return false; } + /* FreeBSD supports none as cipher type but requires auth none to be + * be also enabled */ + if (strcmp(token, "none") == 0 && strcmp(o->authname, "none") != 0) + { + msg(msglevel, + "Note: cipher '%s' in --data-ciphers is only supported " + "with --auth=none by ovpn-dco, disabling data channel " + "offload.", + token); + } } gc_free(&gc); -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1369?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings?usp=email Gerrit-MessageType: newchange Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I1104044701145fa37cea857e2e0e0fcac7a2bee3 Gerrit-Change-Number: 1369 Gerrit-PatchSet: 1 Gerrit-Owner: plaisthos <[email protected]> Gerrit-CC: openvpn-devel <[email protected]>
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
