From patchwork Sat Mar 31 20:30:58 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 276 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director10.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net (Dovecot) with LMTP id YzUIHF6AwFqzJAAAIUCqbw for ; Sun, 01 Apr 2018 02:46:54 -0400 Received: from proxy11.mail.ord1d.rsapps.net ([172.30.191.6]) by director10.mail.ord1d.rsapps.net (Dovecot) with LMTP id E0vPG16AwFotRgAApN4f7A ; Sun, 01 Apr 2018 02:46:54 -0400 Received: from smtp11.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy11.mail.ord1d.rsapps.net with LMTP id 2MauG16AwFqiHQAAgKDEHA ; Sun, 01 Apr 2018 02:46:54 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp11.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=greenie.muc.de X-Suspicious-Flag: YES X-Classification-ID: 765574aa-3578-11e8-bc15-5254005f837b-1-1 Received: from [216.105.38.7] ([216.105.38.7:34678] helo=lists.sourceforge.net) by smtp11.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.1.56364 r(Core:4.2.1.14)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id A8/25-03820-D5080CA5; Sun, 01 Apr 2018 02:46:53 -0400 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1f2WkS-00045n-FM; Sun, 01 Apr 2018 06:45:52 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1f2WkQ-00045f-Nr for openvpn-devel@lists.sourceforge.net; Sun, 01 Apr 2018 06:45:50 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc: MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=do1y7YAQUe0wf6oGMozf9DTjXL32W+u6hOLzyM7fkcg=; b=iPxW51FP09YQeb2lfBXMpXI90c dzo6zLzCf1xsMLQzSOghTTfhpG1xhIej2Eo8e3oT0jsYmlRDB5ekSePShkxjAUxYxunHMGtsAXlx5 fhXuQhSpsmvFX/U4QmXDIqf45QzUNGY1qRAqbOM4dr02fVD8U9i14tsFweiurKQmbG0Q=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=do1y7YAQUe0wf6oGMozf9DTjXL32W+u6hOLzyM7fkcg=; b=C0ytopk+02h/qdGGX+2A6848GF g9TSLV41FXMtcAKSzXHloj+YMi22TjR55XIDh+NTFz65OfniB13oUSrCT5F2uoCR3nclWQdXsV74l EhGGoS5AyuzBG9v6HHN9UlO28kEAhC/+YuffWJAyAUXCC0zXXJirZ4pmBgU6an6HdGdc=; Received: from chekov.greenie.muc.de ([193.149.48.178]) by sfi-mx-3.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) id 1f2WkN-004YUo-Pg for openvpn-devel@lists.sourceforge.net; Sun, 01 Apr 2018 06:45:50 +0000 Received: from chekov.greenie.muc.de (localhost [127.0.0.1]) by chekov.greenie.muc.de (8.15.2/8.15.2) with ESMTPS id w316UxBX023955 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for ; Sun, 1 Apr 2018 08:30:59 +0200 (CEST) (envelope-from gert@chekov.greenie.muc.de) Received: (from gert@localhost) by chekov.greenie.muc.de (8.15.2/8.15.2/Submit) id w316UwbW023954 for openvpn-devel@lists.sourceforge.net; Sun, 1 Apr 2018 08:30:58 +0200 (CEST) (envelope-from gert) From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Sun, 1 Apr 2018 08:30:58 +0200 Message-Id: <20180401063058.23913-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.16.3 X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay domain X-Headers-End: 1f2WkN-004YUo-Pg Subject: [Openvpn-devel] [PATCH] Depreciate IPv4-related options. X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox As discussed in trac #208 and on IRC with Antonio, OpenVPN 2.5 will be IPv6-only. Removal of IPv4-related code and options will dramatically reduce code complexity, confusing options, bugs and user questions. Add deprecation warnings for IPv4-related config options to 2.4 branch, so users have enough time to move their setups to work on IPv6-only before 2.5 will be released. This affects: --ifconfig --route --server --proto udp4/tcp4 --ifconfig-pool More IPv4-related options will be identified and depreciated later. Trac: #208 Signed-off-by: Gert Doering --- src/openvpn/options.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 9fef3945..46d33c0b 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -5258,6 +5258,7 @@ add_option(struct options *options, msg(msglevel, "ifconfig parms '%s' and '%s' must be valid addresses", p[1], p[2]); goto err; } + msg(M_WARN, "DEPRECATED OPTION: --ifconfig, please update your configuration to use IPv6 (--ifconfig-ipv6). IPv4 support will be removed in OpenVPN v2.5."); } else if (streq(p[0], "ifconfig-ipv6") && p[1] && p[2] && !p[3]) { @@ -5928,6 +5929,10 @@ add_option(struct options *options, } options->ce.proto = proto; options->ce.af = af; + if (af == AF_INET) + { + msg(M_WARN, "DEPRECATED OPTION: --proto %s, please update your configuration to use IPv6. IPv4 support will be removed in OpenVPN v2.5.", p[1]); + } } else if (streq(p[0], "proto-force") && p[1] && !p[2]) { @@ -6151,6 +6156,7 @@ add_option(struct options *options, } else if (streq(p[0], "route") && p[1] && !p[5]) { + static int route_warning_printed = 0; VERIFY_PERMISSION(OPT_P_ROUTE); rol_check_alloc(options); if (pull_mode) @@ -6172,6 +6178,10 @@ add_option(struct options *options, } } add_route_to_option_list(options->routes, p[1], p[2], p[3], p[4]); + if (route_warning_printed++ < 1) + { + msg(M_WARN, "DEPRECATED OPTION: --route, please update your configuration to use IPv6 (--route-ipv6). IPv4 support will be removed in OpenVPN v2.5."); + } } else if (streq(p[0], "route-ipv6") && p[1] && !p[4]) { @@ -6459,6 +6469,7 @@ add_option(struct options *options, goto err; } } + msg(M_WARN, "DEPRECATED OPTION: --server, please update your configuration to use IPv6 (--server-ipv6). IPv4 support will be removed in OpenVPN v2.5."); } else if (streq(p[0], "server-ipv6") && p[1] && !p[3]) { @@ -6566,6 +6577,7 @@ add_option(struct options *options, { options->ifconfig_pool_netmask = netmask; } + msg(M_WARN, "DEPRECATED OPTION: --ifconfig-pool, please update your configuration to use IPv6 (--ifconfig-ipv6-pool). IPv4 support will be removed in OpenVPN v2.5."); } else if (streq(p[0], "ifconfig-pool-persist") && p[1] && !p[3]) {