summaryrefslogtreecommitdiff
path: root/src/conf_mode/interfaces_openvpn.py
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@vyos.io>2024-06-13 16:56:33 +0200
committerGitHub <noreply@github.com>2024-06-13 16:56:33 +0200
commit1abf323d378bb565236f21d8a0cfbf6b1b00a08c (patch)
treefb8dde71098944b4084ea29597a8fb00702415db /src/conf_mode/interfaces_openvpn.py
parente1916a16627f34cd25aa8768446a0758de281ba6 (diff)
parent0f669a22615a18c3cd8da2f65f3ed79686992320 (diff)
downloadvyos-1x-1abf323d378bb565236f21d8a0cfbf6b1b00a08c.tar.gz
vyos-1x-1abf323d378bb565236f21d8a0cfbf6b1b00a08c.zip
Merge pull request #3639 from natali-rs1985/T5487-current
openvpn: T5487: Remove deprecated option --cipher for server and client mode
Diffstat (limited to 'src/conf_mode/interfaces_openvpn.py')
-rwxr-xr-xsrc/conf_mode/interfaces_openvpn.py4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/conf_mode/interfaces_openvpn.py b/src/conf_mode/interfaces_openvpn.py
index 627cc90ba..017010a61 100755
--- a/src/conf_mode/interfaces_openvpn.py
+++ b/src/conf_mode/interfaces_openvpn.py
@@ -515,6 +515,10 @@ def verify(openvpn):
print('Warning: using dh-params and EC keys simultaneously will ' \
'lead to DH ciphers being used instead of ECDH')
+ if dict_search('encryption.cipher', openvpn):
+ raise ConfigError('"encryption cipher" option is deprecated for TLS mode. '
+ 'Use "encryption ncp-ciphers" instead')
+
if dict_search('encryption.cipher', openvpn) == 'none':
print('Warning: "encryption none" was specified!')
print('No encryption will be performed and data is transmitted in ' \