diff options
author | Daniil Baturin <daniil@vyos.io> | 2024-06-13 16:56:33 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-06-13 16:56:33 +0200 |
commit | 1abf323d378bb565236f21d8a0cfbf6b1b00a08c (patch) | |
tree | fb8dde71098944b4084ea29597a8fb00702415db /src/conf_mode/interfaces_openvpn.py | |
parent | e1916a16627f34cd25aa8768446a0758de281ba6 (diff) | |
parent | 0f669a22615a18c3cd8da2f65f3ed79686992320 (diff) | |
download | vyos-1x-1abf323d378bb565236f21d8a0cfbf6b1b00a08c.tar.gz vyos-1x-1abf323d378bb565236f21d8a0cfbf6b1b00a08c.zip |
Merge pull request #3639 from natali-rs1985/T5487-current
openvpn: T5487: Remove deprecated option --cipher for server and client mode
Diffstat (limited to 'src/conf_mode/interfaces_openvpn.py')
-rwxr-xr-x | src/conf_mode/interfaces_openvpn.py | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/conf_mode/interfaces_openvpn.py b/src/conf_mode/interfaces_openvpn.py index 627cc90ba..017010a61 100755 --- a/src/conf_mode/interfaces_openvpn.py +++ b/src/conf_mode/interfaces_openvpn.py @@ -515,6 +515,10 @@ def verify(openvpn): print('Warning: using dh-params and EC keys simultaneously will ' \ 'lead to DH ciphers being used instead of ECDH') + if dict_search('encryption.cipher', openvpn): + raise ConfigError('"encryption cipher" option is deprecated for TLS mode. ' + 'Use "encryption ncp-ciphers" instead') + if dict_search('encryption.cipher', openvpn) == 'none': print('Warning: "encryption none" was specified!') print('No encryption will be performed and data is transmitted in ' \ |