Commits 7d48d31b, 39619b7f added support for inlining username
and, optionally, password.
Add a description of its usage in the man page.
Github: resolvesOpenVPN/openvpn#370
Change-Id: I7a1765661f7676eeba8016024080fd1026220ced
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Antonio Quartulli <antonio@openvpn.net>
Message-Id: <20240220175215.2731491-1-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28284.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
OpenVPN 2.6 already warned about this feature being removed. OpenVPN
2.7 will with this change no longer accept these configurations without
having a --allow-deprecated-insecure-static-crypto added to the command
line or the configuration itself. This will serve as a last and final
warning for people who missed the warning message in OpenVPN 2.6.
This commit also removes the documentation for --secret and the static key
mode.
Change-Id: I4f29953b91cf8e8daf2c9503da44073ad96d0ff5
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20231009105832.34762-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27194.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This option allows to pin one or more more peer certificates. It also
prepares for doing TLS authentication without a CA and just
self-signed certificates.
Patch V2: Allow peer-fingerprint to be specified multiple times
to allow multiple peers without needing to use inline
syntax. (e.g. on command line).
Patch V3: rebase on v3 of 1/4, reword message of verify-hash and
peer-fingerpring incompatibility
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Antonio Quartulli <antonio@openvpn.net>
Message-Id: <20210321143353.2677-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/search?l=mid&q=20210321143353.2677-1-arne@rfc2549.org
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This patch introduces support for verify-hash inlining.
When inlined, this options now allows to specify multiple fingerprints,
one per line.
Since this is a new syntax, there is no backwards compatibility to take
care of, therefore we can drop support for SHA1. Inlined fingerprints
are assumed be to SHA-256 only.
Also print a warning about SHA1 hash being deprecated to verify
certificates as it is not "industry standard" anymore.
Patch v2: fix/clarify various comments, fix a few minor problems, allow
the option to be specified multiple times and have that
added to the list.
Patch v3: Remove leftover variable, always call
parse_hash_fingerprint_multiline, add comments clarifying list
appending
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Antonio Quartulli <antonio@openvpn.net>
Message-Id: <20210321142538.1656-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/search?l=mid&q=20210321142538.1656-1-arne@rfc2549.org
Signed-off-by: Gert Doering <gert@greenie.muc.de>
To avoid keeping around a full-size openvpn.rst file which is never
needed but will take space in the repo forever, patches 01...04
of the big documentation overhaul projects were squashed togehter,
keeping the individual commit logs and URL references below.
Signed-off-by: Gert Doering <gert@greenie.muc.de>
* This is a combination of 4 commits.
* This is the 1st commit message:
doc/man: Add an .rst formatted version of the man page
This is the first step to move away from a manually editing g/nroff
encoded man page.
Some modifications was needed to ensure formatting was consistent and
rendered reasonably okay in GitHub and that the generated man page
(using rst2man) is looking as a proper man page. Unsupported options
has also been moved into its own section. HTML rendering directly
using rst2html has also been used to validate the conversion.
The rst2man and rst2html utilities comes from the python-docutils
project: https://docutils.sourceforge.io/
Signed-off-by: David Sommerseth <davids@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20200716225338.611-2-davids@openvpn.net>
URL: https://sourceforge.net/p/openvpn/mailman/message/37063370/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
* This is the commit message #2:
doc/man: Replace old man page with generated man page
The doc/openvpn.8 and doc/openvpn.8.html files are now being removed
from the git tree, as it will be generated from the doc/openvpn.8.rst
file using python-docutils.
An additional dist-hook is added so these files are generated
automatically when source tarballs are generated for releases. This
means users compiling directly from the source tarball will not need
python-docutils installed.
Signed-off-by: David Sommerseth <davids@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20200716225338.611-3-davids@openvpn.net>
URL: https://sourceforge.net/p/openvpn/mailman/message/37063373/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
* This is the commit message #3:
doc/man: Split up and reorganize main man page
The openvpn.8.rst file is quite long and hard to edit, as it covers
several hundred options. Some options were even documented multiple
places. The example has also received some attention, cleaning up
old and outdated infomration.
In this commit the main man page is split up into multiple sections
and options are sorted into each of the corresponding section.
Inside each category, each option is for now sorted alphabetically.
The main openvpn.8.rst file is currently kept unchanged and will be
handled in the next commit.
Many language improvements contributed by Richard Bonhomme has also
been incorproated.
Signed-off-by: David Sommerseth <davids@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20200716225338.611-4-davids@openvpn.net>
URL: https://sourceforge.net/p/openvpn/mailman/message/37063376/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
* This is the commit message #4:
doc/man: Complete openvpn.8.rst splitting
This rebuilds the openvpn.8.rst content by using the text which was
split out in the previous commit by using RST ..include statements.
Signed-off-by: David Sommerseth <davids@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20200716225338.611-5-davids@openvpn.net>
URL: https://sourceforge.net/p/openvpn/mailman/message/37063377/
Signed-off-by: Gert Doering <gert@greenie.muc.de>
