Opened 6 years ago

Closed 5 years ago

#463 closed Feature Wish (fixed)

Small note about --cipher and --tls-cipher

Reported by: krzee king Owned by: Gert Döring
Priority: trivial Milestone: release 2.3.7
Component: Documentation Version: OpenVPN 2.3.5 (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:
Cc:

Description

After seeing a question in #openvpn I think the manual could use a small note in --cipher that it is for the data channel, and a note in --tls-ciphers that it is for the control channel.

Change History (5)

comment:1 Changed 6 years ago by Gert Döring

Owner: set to krzee king
Status: newassigned
Version: 2.2.22.3.5

I agree. Please send patch (or "new text" which I can turn into a patch)

comment:2 Changed 6 years ago by krzee king

in --cipher the first sentence is: "Encrypt packets with cipher algorithm alg."
could change that to "Encrypt data channel packets with cipher algorithm alg."

in --tls-ciphers i think it should simply have an additional sentence at the end: "This is for the control channel."

comment:3 Changed 5 years ago by Gert Döring

Syzzer already improved --tls-cipher in commit 5f66f907, so that one now reads:

This setting can be used to ensure that certain cipher suites
are used (or not used) for the TLS connection. OpenVPN uses TLS
to secure the control channel, over which the keys that are used
to protect the actual VPN traffic are exchanged.

I'll send a patch for --cipher.

comment:4 Changed 5 years ago by Gert Döring

Milestone: release 2.3.7
Owner: changed from krzee king to Gert Döring

comment:5 Changed 5 years ago by Gert Döring

Resolution: fixed
Status: assignedclosed

commit 0fe2498ef9326e301869c9e8a9e622a3996ae579 (master)
commit 7327e46c922e3cfe6b797b1f20ea9cffd6e6b522 (release/2.3)

Author: Gert Doering
Date: Tue May 26 23:01:03 2015 +0200

slightly enhance documentation about --cipher

Note: See TracTickets for help on using tickets.