Menu
▾
▴
[Openvpn-devel] [PATCH 1/7] simplify condition detecting pure P2P mode
|
From: Antonio Q. <a...@un...> - 2021-09-04 09:56:40
|
The new condition is equivalent to the old one, but easier to grasp.
Also add message to inform uset that cipher negotiation, in this case,
it indeed disabled.
Signed-off-by: Arne Schwabe <ar...@rf...>
Signed-off-by: Antonio Quartulli <a...@un...>
---
src/openvpn/options.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 00ba6044..0d6b85cf 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -3076,8 +3076,12 @@ options_postprocess_verify(const struct options *o)
static void
options_postprocess_cipher(struct options *o)
{
- if (!o->pull && !(o->mode == MODE_SERVER))
+ if (!o->tls_server && !o->tls_client)
{
+ /* we are in the classic P2P mode */
+ msg(M_WARN, "Cipher negotiation is disabled since TLS "
+ "mode is not enabled");
+
/* If the cipher is not set, use the old default of BF-CBC. We will
* warn that this is deprecated on cipher initialisation, no need
* to warn here as well */
--
2.32.0
|
