Add a note that ncp-ciphers is replaced by data-ciphers

This patch adds a message that informs the user that the ncp-cipher is renamed to data-ciphers. This should address the following concerns: - Users being confused by old options. - Nudge users to use the modern variant of an option The man page already documents ncp-ciphers as an old name for data-ciphers, so looking it up in the man page will also work. Note that I did not add "deprecated old option" to this message since I still think that eventually removing the option will only break configs and we gain almost nothing from that. Also still accepting the option even though we do not recommend usage of it also follows the robustness principle of: "be strict in what you send and tolerant in what you receive" Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20200724142557.25204-1-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg20573.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
OpenVPN · Jul 27, 2020 · 342f9b7 · 342f9b7
1 parent 30d19c6
commit 342f9b7
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
@@ -7867,6 +7867,11 @@ add_option(struct options *options,
             && p[1] && !p[2])
     {
         VERIFY_PERMISSION(OPT_P_GENERAL|OPT_P_INSTANCE);
+        if (streq(p[0], "ncp-ciphers"))
+        {
+            msg(M_INFO, "Note: Treating option '--ncp-ciphers' as "
+                        " '--data-ciphers' (renamed in OpenVPN 2.5).");
+        }
         options->ncp_ciphers = p[1];
     }
     else if (streq(p[0], "ncp-disable") && !p[1])