diff mbox series

[Openvpn-devel,v1] Remove remainders of --no-name-remaping option

Message ID 20251127115737.3598-1-gert@greenie.muc.de
State New
Headers show
Series [Openvpn-devel,v1] Remove remainders of --no-name-remaping option | expand

Commit Message

Gert Doering Nov. 27, 2025, 11:57 a.m. UTC 
This option was removed in 2.5 (commit c3f565f059) but still showed
up in the ``openvpn --help`` text and in a Q&A section of the man page.

Change-Id: Ib15bd4148872db39a4c8291796a5da211bb20a87
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1411
---

This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1411
This mail reflects revision 1 of this Change.

Acked-by according to Gerrit (reflected above):
Frank Lichtenheld <frank@lichtenheld.com>

Comments

Gert Doering Nov. 27, 2025, 12:04 p.m. UTC | #1 
Not much to test here - the option is long gone, and for the help text,
as long as it compiles, nothing got broken (BB confirmed that :-) ).

Your patch has been applied to the master branch.

commit 0effd6cae392bc42bb5106170661ba520e344fbe
Author: Gert Doering
Date:   Thu Nov 27 12:57:32 2025 +0100

     Remove remainders of --no-name-remapping option

     Signed-off-by: Gert Doering <gert@greenie.muc.de>
     Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
     Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1411
     Message-Id: <20251127115737.3598-1-gert@greenie.muc.de>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34754.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering
diff mbox series

Patch

diff --git a/doc/man-sections/script-options.rst b/doc/man-sections/script-options.rst
index 670cd33..cadd464 100644
--- a/doc/man-sections/script-options.rst
+++ b/doc/man-sections/script-options.rst
@@ -571,8 +571,8 @@ 
     a filename, etc.
 
 *Q: Can string remapping be disabled?*
-    Yes, by using the ``--no-name-remapping`` option, however this
-    should be considered an advanced option.
+    No.  The options ``--no-name-remapping`` and ``--compat-names`` have
+    been removed in 2.5 because they were considered too insecure.
 
 Here is a brief rundown of OpenVPN's current string types and the
 permitted character class for each string:
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 4794315..0257418f 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -474,8 +474,6 @@ 
     "                  for generated tokens can be set.\n"
     "--auth-user-pass-optional : Allow connections by clients that don't\n"
     "                  specify a username/password.\n"
-    "--no-name-remapping : (DEPRECATED) Allow Common Name and X509 Subject to include\n"
-    "                      any printable character.\n"
     "--client-to-client : Internally route client-to-client traffic.\n"
     "--duplicate-cn  : Allow multiple clients with the same common name to\n"
     "                  concurrently connect.\n"