@@ -10,6 +10,10 @@
``--allow-deprecated-insecure-static-crypto`` but will be removed in
OpenVPN 2.8.
+```tls-exit``` has been deprecated since it is unclear what the use case
+ for this option is. If you have a valid use case, please reach out since
+ the will otherwise be removed in the future.
+
Overview of changes in 2.6
==========================
@@ -553,7 +553,7 @@
code.
--tls-exit
- Exit on TLS negotiation failure.
+ **DEPRECATED** Exit on TLS negotiation failure.
--tls-export-cert directory
Store the certificates the clients use upon connection to this
@@ -608,7 +608,7 @@
"--tran-window n : Transition window -- old key can live this many seconds\n"
" after new key renegotiation begins (default=%d).\n"
"--single-session: Allow only one session (reset state on restart).\n"
- "--tls-exit : Exit on TLS negotiation failure.\n"
+ "--tls-exit : (DEPRECATED) Exit on TLS negotiation failure.\n"
"--tls-auth f [d]: Add an additional layer of authentication on top of the TLS\n"
" control channel to protect against attacks on the TLS stack\n"
" and DoS attacks.\n"
@@ -8960,6 +8960,7 @@
}
else if (streq(p[0], "tls-exit") && !p[1])
{
+ msg(M_WARN, "DEPRECATED OPTION: The option --tls-exit is deprecated.");
VERIFY_PERMISSION(OPT_P_GENERAL);
options->tls_exit = true;
}