diff options
author | Jörg Frings-Fürst <debian@jff.email> | 2022-02-09 16:35:02 +0100 |
---|---|---|
committer | Jörg Frings-Fürst <debian@jff.email> | 2022-02-09 16:35:02 +0100 |
commit | 8e924e2c919e6fbeae0045b67ac54b9697306d7d (patch) | |
tree | 2ddb2a40fd70018ada5fbab576002199771f67c5 /doc/man-sections/client-options.rst | |
parent | f2b3dda12a731c2e0971cb7889728edaf23f6cb0 (diff) |
New upstream version 2.5.5upstream/2.5.5upstream
Diffstat (limited to 'doc/man-sections/client-options.rst')
-rw-r--r-- | doc/man-sections/client-options.rst | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/doc/man-sections/client-options.rst b/doc/man-sections/client-options.rst index c5b7ad9..92a02e2 100644 --- a/doc/man-sections/client-options.rst +++ b/doc/man-sections/client-options.rst @@ -251,6 +251,75 @@ configuration. next remote succeeds. To silently ignore an option pushed by the server, use :code:`ignore`. +--push-peer-info + Push additional information about the client to server. The following + data is always pushed to the server: + + :code:`IV_VER=<version>` + The client OpenVPN version + + :code:`IV_PLAT=[linux|solaris|openbsd|mac|netbsd|freebsd|win]` + The client OS platform + + :code:`IV_LZO_STUB=1` + If client was built with LZO stub capability + + :code:`IV_LZ4=1` + If the client supports LZ4 compressions. + + :code:`IV_PROTO` + Details about protocol extensions that the peer supports. The + variable is a bitfield and the bits are defined as follows + (starting a bit 0 for the first (unused) bit: + + - bit 1: The peer supports peer-id floating mechanism + - bit 2: The client expects a push-reply and the server may + send this reply without waiting for a push-request first. + - bit 3: The client is capable of doing key derivation using + RFC5705 key material exporter. + - bit 4: The client is capable of accepting additional arguments + to the `AUTH_PENDING` message. + + :code:`IV_NCP=2` + Negotiable ciphers, client supports ``--cipher`` pushed by + the server, a value of 2 or greater indicates client supports + *AES-GCM-128* and *AES-GCM-256*. + + :code:`IV_CIPHERS=<ncp-ciphers>` + The client announces the list of supported ciphers configured with the + ``--data-ciphers`` option to the server. + + :code:`IV_GUI_VER=<gui_id> <version>` + The UI version of a UI if one is running, for example + :code:`de.blinkt.openvpn 0.5.47` for the Android app. + + :code:`IV_SSO=[crtext,][openurl,][proxy_url]` + Additional authentication methods supported by the client. + This may be set by the client UI/GUI using ``--setenv`` + + When ``--push-peer-info`` is enabled the additional information consists + of the following data: + + :code:`IV_HWADDR=<string>` + This is intended to be a unique and persistent ID of the client. + The string value can be any readable ASCII string up to 64 bytes. + OpenVPN 2.x and some other implementations use the MAC address of + the client's interface used to reach the default gateway. If this + string is generated by the client, it should be consistent and + preserved across independent session and preferably + re-installations and upgrades. + + :code:`IV_SSL=<version string>` + The ssl version used by the client, e.g. + :code:`OpenSSL 1.0.2f 28 Jan 2016`. + + :code:`IV_PLAT_VER=x.y` + The version of the operating system, e.g. 6.1 for Windows 7. + + :code:`UV_<name>=<value>` + Client environment variables whose names start with + :code:`UV_` + --remote args Remote host name or IP address, port and protocol. |