Add support for OpenVPN's --data-ciphers (!46) · Merge requests · GNOME / NetworkManager-openvpn

Gard Spreemann requested to merge gspr/NetworkManager-openvpn:gspr/data-ciphers into main Jun 21, 2022

It used to be the case that OpenVPN added the cipher from --cipher to the ones provided by --data-ciphers. As of OpenVPN 2.6, that is no longer the case.

This patch adds rudamentary support for OpenVPN's --data-ciphers. The argument is treated exactly like the "cipher" field in a connection's .data, and thus passes a "data-ciphers" field in .data directly on to OpenVPN's --data-ciphers. This may not be appropriate in a GUI/TUI, as --data-ciphers is a colon-separated list, but is here treated as an opaque string.

The patch has only been lightly tested: It compiles and works with a connection that needed "data-ciphers = AES-128-CBC", and that was broken with only "cipher = AES-128-CBC" when upgrading to OpenVPN 2.6.

Add support for OpenVPN's --data-ciphers

Merge request reports