Make --ca and --cipher non-optional in .ovpn

Dodge those annoying scenarios where server cipher is not set
and defaults to BF-CBC, whereas default TunnelKit cipher
is AES-128-CBC. And data channel stalls.
This commit is contained in:
Davide De Rosa 2019-11-20 01:03:50 +01:00
parent 5f05d888f8
commit b1c11e3e56
2 changed files with 13 additions and 0 deletions

View File

@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## Unreleased
### Changed
- Require explicit `--ca` and `--cipher` in .ovpn configuration file.
## 2.1.0 (2019-11-03)
### Added

View File

@ -587,6 +587,13 @@ extension OpenVPN {
}
}
guard let _ = optCA else {
throw ConfigurationError.missingConfiguration(option: "ca")
}
guard let _ = optCipher else {
throw ConfigurationError.missingConfiguration(option: "cipher")
}
//
var sessionBuilder = ConfigurationBuilder()