| Message ID | 20221228171314.133115-1-frank@lichtenheld.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [Openvpn-devel] options.c: update usage description of --cipher | expand |
Acked-by: Gert Doering <gert@greenie.muc.de> "makes sense" and I can confirm the ((null))... now it's --cipher alg : Encrypt packets with cipher algorithm alg. You should usually use --data-ciphers instead. Set alg=none to disable encryption. Your patch has been applied to the master and release/2.6 branch. commit 4410daac5af8be778cb2dd2d45a44b5e67938496 (master) commit f45c2c595857b40e2648f2542962cfe2e82e9b44 (release/2.6) Author: Frank Lichtenheld Date: Wed Dec 28 18:13:14 2022 +0100 options.c: update usage description of --cipher Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20221228171314.133115-1-frank@lichtenheld.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25851.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 7395019e..ee378304 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -543,8 +543,8 @@ static const char usage_message[] = " digest algorithm alg (default=%s).\n" " (usually adds 16 or 20 bytes per packet)\n" " Set alg=none to disable authentication.\n" - "--cipher alg : Encrypt packets with cipher algorithm alg\n" - " (default=%s).\n" + "--cipher alg : Encrypt packets with cipher algorithm alg.\n" + " You should usually use --data-ciphers instead.\n" " Set alg=none to disable encryption.\n" "--data-ciphers list : List of ciphers that are allowed to be negotiated.\n" #ifndef ENABLE_CRYPTO_MBEDTLS @@ -4779,7 +4779,7 @@ usage(void) o.ce.local_port, o.ce.remote_port, TUN_MTU_DEFAULT, TAP_MTU_EXTRA_DEFAULT, o.verbosity, - o.authname, o.ciphername, + o.authname, o.replay_window, o.replay_time, o.tls_timeout, o.renegotiate_seconds, o.handshake_window, o.transition_window);
GCC with -O3 complains: warning: ā%sā directive argument is null [-Wformat-overflow=] And indeed: --cipher alg : Encrypt packets with cipher algorithm alg (default=(null)). Since there is no real default anymore, remove it. While here also indicate the somewhat-deprecated status of the option. Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> --- src/openvpn/options.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)