This entry is more or less a reminder of potential upcoming work for the next bigger OpenVPN update…
New test with with
OpenVPN 2.5_git [git:master/a7d6977e6e14c512+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Jul 25 2020
two new warnings appear meanwhile.
The first:
DEPRECATED OPTION: ncp-disable. Disabling dynamic cipher negotiation is a deprecated debug feature that will be removed in OpenVPN 2.6
may there is time for that but ’ –ncp-disable’ needs to be replaced with ’ –ncp-ciphers cipher_list’ by time. Since version 2.5 deliver a new cipher (see above) may some other changes in the crypto world will arrive by time, let´s see…
and the second
WARNING: --topology net30 support for server configs with IPv4 pools will be removed in a future release. Please migrate to --topology subnet as soon as possible.
‘–topology net30’ is indeed out of time even it was only for Windows systems useful to my knowledge. Since i do not use any kind of Bill Gates products the question arises for me how ‘–topology subnet’ operates now with Windows systems also in backwards compatibility.
A test with ‘–tls-crypt-v2’ might be worth too ?
Otherwise, the current DEV version works smooth and well.