Re: [Openvpn-devel] make --persist-key always-on and remove "off" code path

Am 09.04.2021 um 18:28 schrieb Gert Doering: Hi, there was a big discussion on the IRC channel today about interactions between "--chroot" and "--persist-key" and how and when stuff is reloaded or not. Now, we all seem to agree that OpenVPN has way too many obscure options, so I propose to ge

Re: [Openvpn-devel] make --persist-key always-on and remove "off" code path

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, ‐‐‐ Original Message ‐‐‐ On Friday, 9 April 2021 17:28, Gert Doering wrote: > I do not use --persist-key, but I still restart my services after fiddling > with configs... > Same. To add weight here, I would estimate 95%+ of all pos

[Openvpn-devel] make --persist-key always-on and remove "off" code path

Hi, there was a big discussion on the IRC channel today about interactions between "--chroot" and "--persist-key" and how and when stuff is reloaded or not. Now, we all seem to agree that OpenVPN has way too many obscure options, so I propose to get rid of another one, namely --persist-key - and

Re: [Openvpn-devel] [PATCH 2/3] Remove --ncp-disable option

Hi, On Fri, Apr 09, 2021 at 11:24:01AM +0200, Jan Just Keijser wrote: > On 08/04/21 17:52, Gert Doering wrote: > > On Thu, Apr 08, 2021 at 05:30:52PM +0200, Jan Just Keijser wrote: > >> I don't have any evidence with 2.5 right now but this is just a matter > >> of use/principle to me: I can very w

Re: [Openvpn-devel] [PATCH 2/3] Remove --ncp-disable option

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, ‐‐‐ Original Message ‐‐‐ On Friday, 9 April 2021 10:53, Arne Schwabe wrote: > > I am not sure how you came to that conclusion. I have written a fairly > comprehensible documentation how NCP in 2.5 works for our manpage: > https://git

Re: [Openvpn-devel] [PATCH 2/3] Remove --ncp-disable option

>>> and I was hoping that this would be resolved before removing something >>> like --ncp-disable. Having said that, I now see that with openvpn 2.5, >>> the server mtu is still 1379 in my setup, regardless of whether I use >>> --ncp-disable or not  - seems to me that is still too low. >>> >> >> Ye

Re: [Openvpn-devel] [PATCH 2/3] Remove --ncp-disable option

Hi Arne, Antonio, On 09/04/21 11:53, Arne Schwabe wrote: Am 09.04.21 um 11:24 schrieb Jan Just Keijser: On 08/04/21 17:52, Gert Doering wrote: On Thu, Apr 08, 2021 at 05:30:52PM +0200, Jan Just Keijser wrote: I don't have any evidence with 2.5 right now but this is just a matter of use/princi

Re: [Openvpn-devel] [PATCH 2/3] Remove --ncp-disable option

Am 09.04.21 um 11:24 schrieb Jan Just Keijser: > Hi, > > On 08/04/21 17:52, Gert Doering wrote: >> Hi, >> >> On Thu, Apr 08, 2021 at 05:30:52PM +0200, Jan Just Keijser wrote: >>> I don't have any evidence with 2.5 right now but this is just a matter >>> of use/principle to me: I can very well see

Re: [Openvpn-devel] [PATCH 2/3] Remove --ncp-disable option

Hi Jan Just, On 09/04/2021 11:24, Jan Just Keijser wrote: > Hi, > > On 08/04/21 17:52, Gert Doering wrote: >> Hi, >> >> On Thu, Apr 08, 2021 at 05:30:52PM +0200, Jan Just Keijser wrote: >>> I don't have any evidence with 2.5 right now but this is just a matter >>> of use/principle to me: I can v

Re: [Openvpn-devel] [PATCH 2/3] Remove --ncp-disable option

Hi, On 08/04/21 17:52, Gert Doering wrote: Hi, On Thu, Apr 08, 2021 at 05:30:52PM +0200, Jan Just Keijser wrote: I don't have any evidence with 2.5 right now but this is just a matter of use/principle to me: I can very well see that I would like to have a setup *without* NCP as I simply do not