From 3a94f66677fe7b5ae3ecd5743462318d322010e4 Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Sun, 18 Aug 2013 17:53:34 +0200 Subject: Rebase OpenVPN to -master --HG-- extra : rebase_source : 37025b323cf5e6497cbc92744a32b0b69e397af8 --- openvpn/doc/openvpn.8 | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) (limited to 'openvpn/doc') diff --git a/openvpn/doc/openvpn.8 b/openvpn/doc/openvpn.8 index 868fb841..573d6a80 100644 --- a/openvpn/doc/openvpn.8 +++ b/openvpn/doc/openvpn.8 @@ -1895,6 +1895,13 @@ It is also possible to tag a single directive so as not to trigger a fatal error if the directive isn't recognized. To do this, prepend the following before the directive: .B setenv opt + +Versions prior to OpenVPN 2.3.3 will always ignore options set with the +.B setenv opt +directive. + +See also +.B \-\-ignore-unknown-option .\"********************************************************* .TP .B \-\-setenv-safe name value @@ -1908,6 +1915,25 @@ is a safety precaution to prevent a LD_PRELOAD style attack from a malicious or compromised server. .\"********************************************************* .TP +.B \-\-ignore-unknown-option opt1 opt2 opt3 ... optN +When one of options +.B opt1 ... optN +is encountered in the configuration file the configuration +file parsing does not fail if this OpenVPN version does not +support the option. Multiple +.B \-\-ignore-unknown-option +options can be given to support a larger number of options to ignore. + +This option should be used with caution, as there are good security +reasons for having OpenVPN fail if it detects problems in a +config file. Having said that, there are valid reasons for wanting +new software features to gracefully degrade when encountered by +older software versions. + +.B \-\-ignore-unknown-option +is available since OpenVPN 2.3.3. +.\"********************************************************* +.TP .B \-\-script-security level This directive offers policy-level control over OpenVPN's usage of external programs and scripts. Lower -- cgit v1.2.3