[Openvpn-devel] documentation: update "unsupported options" section

Message ID 20230111125242.21025-1-frank@lichtenheld.com
State Accepted
Headers show
Series [Openvpn-devel] documentation: update "unsupported options" section | expand

Commit Message

Frank Lichtenheld Jan. 11, 2023, 12:52 p.m. UTC
We listed those in Changes, but did not update the documentation.

Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
 doc/man-sections/unsupported-options.rst | 11 +++++++++++
 1 file changed, 11 insertions(+)


Gert Doering Jan. 11, 2023, 1:53 p.m. UTC | #1
Acked-by: Gert Doering <gert@greenie.muc.de>

"Seems to match my memories" :)

Your patch has been applied to the master and release/2.6 branch.

commit ee0a6026af9c47fe21217f57ab04b9cc2cc193f1 (master)
commit 4674d69c630e92d2f5ae1537ab63f8e6b9bca041 (release/2.6)
Author: Frank Lichtenheld
Date:   Wed Jan 11 13:52:42 2023 +0100

     documentation: update 'unsupported options' section

     Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
     Acked-by: Gert Doering <gert@greenie.muc.de>
     Message-Id: <20230111125242.21025-1-frank@lichtenheld.com>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25968.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>

kind regards,

Gert Doering


diff --git a/doc/man-sections/unsupported-options.rst b/doc/man-sections/unsupported-options.rst
index 05ba3ca2..5c4e3a0e 100644
--- a/doc/man-sections/unsupported-options.rst
+++ b/doc/man-sections/unsupported-options.rst
@@ -17,6 +17,14 @@  longer supported
   ``key-method`` weakens the VPN tunnel security.  The old ``key-method``
   was also only needed when the remote side was older than OpenVPN 2.0.
+  Removed in OpenVPN 2.6.  The built-in packet filtering (pf) functionality
+  has been removed.
+  Removed in OpenVPN 2.6.  This option mainly served a role as debug option
+  when NCP was first introduced.  It should no longer be necessary.
   Removed in OpenVPN 2.5.  This option should not be used as it weakens the
   VPN tunnel security.  This has been a NOOP option since OpenVPN 2.4.
@@ -30,3 +38,6 @@  longer supported
   in recent SSL/TLS libraries.  If your certificates does not include *key
   usage* and *extended key usage* fields, they must be upgraded and the
   ``--remote-cert-tls`` option should be used instead.
+  Removed in OpenVPN 2.6.  We now always use the PRNG of the SSL library.