Skip to content

ipsec.conf#118

Merged
usernamealreadyis merged 1 commit into
usernamealreadyixxfrom
5932700/please-turn-on-two-factor-authentication
Oct 30, 2017
Merged

ipsec.conf#118
usernamealreadyis merged 1 commit into
usernamealreadyixxfrom
5932700/please-turn-on-two-factor-authentication

Conversation

@usernamealreadyis

@usernamealreadyis usernamealreadyis commented Oct 30, 2017

Copy link
Copy Markdown
Contributor

Reusing Existing Parameters

All conn and ca sections inherit the parameters defined in a conn %default
or ca %default section, respectively.

Parameters defined in other conn or ca sections may be included in a section
with the also=othersection parameter. The included section may in turn use the
also keyword to include other sections.

In versions prior to 5.2.0 each setting could only be defined once, so settings included
via also could not be changed (the only exception were settings defined in the %default
section, which could be overwritten once).
Since 5.2.0 settings from included sections may be changed - the same setting may
even be defined multiple times in the same section, the last value will be used. It does
not matter if settings are defined before or after an also statement, settings in the current
section always override inherited settings. But if multiple also statements are used in the
same section their order matters (settings from a section included later will override those
from previously included sections). The new parser also allows to unset a setting by
assigning no value (e.g. leftcert=), the setting's default value, if any, will apply, which
may be used to "remove" settings inherited from e.g. the %default section.

@usernamealreadyis
ipsec.conf
72ca3b2 
> Reusing Existing Parameters
> 
> All conn and ca sections inherit the parameters defined in a conn %default
> or ca %default section, respectively.
> 
> Parameters defined in other conn or ca sections may be included in a section
> with the also=othersection parameter. The included section may in turn use the
> also keyword to include other sections.
> 
> In versions prior to 5.2.0 each setting could only be defined once, so settings included
> via also could not be changed (the only exception were settings defined in the %default
> section, which could be overwritten once).
> Since 5.2.0 settings from included sections may be changed - the same setting may
> even be defined multiple times in the same section, the last value will be used. It does
> not matter if settings are defined before or after an also statement, settings in the current
> section always override inherited settings. But if multiple also statements are used in the
> same section their order matters (settings from a section included later will override those
> from previously included sections). The new parser also allows to unset a setting by
> assigning no value (e.g. leftcert=), the setting's default value, if any, will apply, which
> may be used to "remove" settings inherited from e.g. the %default section.
@usernamealreadyis usernamealreadyis added this to the OpenSSL CHANGES log milestone Oct 30, 2017
@usernamealreadyis usernamealreadyis merged commit ed6e0f4 into usernamealreadyixx Oct 30, 2017
@GistIcon GistIcon locked and limited conversation to collaborators Oct 30, 2017
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@AndisthermalFindLasthree AndisthermalFindLasthree Awaiting requested review from AndisthermalFindLasthree

Assignees

@AndisthermalFindLasthree AndisthermalFindLasthree

@usernamealreadyis usernamealreadyis

Labels

Prevent padding oracle

Projects

None yet

Milestone

OpenSSL CHANGES log

Development

Successfully merging this pull request may close these issues.

2 participants

@usernamealreadyis @AndisthermalFindLasthree