Todo #12981
closed
Warn about OpenVPN shared key deprecation
100%
Description
See #12980 for more info. OpenVPN shared key is being deprecated. It isn't being removed yet, but will be in the near future. Users should be discouraged from creating new shared key servers or clients, but not prevented. Users of existing instances should be warned to migrate away from shared key ASAP.
We should at least display a highly visible warning in the GUI if a user selects shared key for an OpenVPN client or server. Maybe also show a similar warning on the server and client lists.
We may also want to trigger a warning of some sort on the first boot post upgrade if any shared key tunnels are configured on the firewall, but that may be overkill for this release.
Updated by Jim Pingle over 2 years ago
- Status changed from In Progress to Feedback
Warning added to tunnel list and when editing an instance for both clients and servers. Warning is only printed when there are shared key instances present or when the user selects a shared key mode.
https://github.com/pfsense/pfsense/commit/209ad2e3f59f6e5a11802298b397dfaadfb04921
Not doing to the notification as it seems like overkill at this point in time.
Updated by Jim Pingle over 2 years ago
- Subject changed from Add warnings about OpenVPN shared key deprecation to Warn about OpenVPN shared key deprecation
Updating subject for release notes.
Updated by Jim Pingle over 2 years ago
- % Done changed from 0 to 100
Applied in changeset 209ad2e3f59f6e5a11802298b397dfaadfb04921.
Updated by Christopher Cope over 2 years ago
Tested on
22.05-DEVELOPMENT (amd64) built on Fri Apr 08 06:19:17 UTC 2022 FreeBSD 12.3-STABLE
Warning message displayed as expected.