From 8e924e2c919e6fbeae0045b67ac54b9697306d7d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Wed, 9 Feb 2022 16:35:02 +0100 Subject: New upstream version 2.5.5 --- doc/man-sections/client-options.rst | 69 +++++++++++++++++++++++++++++++++++++ 1 file changed, 69 insertions(+) (limited to 'doc/man-sections/client-options.rst') diff --git a/doc/man-sections/client-options.rst b/doc/man-sections/client-options.rst index c5b7ad9..92a02e2 100644 --- a/doc/man-sections/client-options.rst +++ b/doc/man-sections/client-options.rst @@ -251,6 +251,75 @@ configuration. next remote succeeds. To silently ignore an option pushed by the server, use :code:`ignore`. +--push-peer-info + Push additional information about the client to server. The following + data is always pushed to the server: + + :code:`IV_VER=` + The client OpenVPN version + + :code:`IV_PLAT=[linux|solaris|openbsd|mac|netbsd|freebsd|win]` + The client OS platform + + :code:`IV_LZO_STUB=1` + If client was built with LZO stub capability + + :code:`IV_LZ4=1` + If the client supports LZ4 compressions. + + :code:`IV_PROTO` + Details about protocol extensions that the peer supports. The + variable is a bitfield and the bits are defined as follows + (starting a bit 0 for the first (unused) bit: + + - bit 1: The peer supports peer-id floating mechanism + - bit 2: The client expects a push-reply and the server may + send this reply without waiting for a push-request first. + - bit 3: The client is capable of doing key derivation using + RFC5705 key material exporter. + - bit 4: The client is capable of accepting additional arguments + to the `AUTH_PENDING` message. + + :code:`IV_NCP=2` + Negotiable ciphers, client supports ``--cipher`` pushed by + the server, a value of 2 or greater indicates client supports + *AES-GCM-128* and *AES-GCM-256*. + + :code:`IV_CIPHERS=` + The client announces the list of supported ciphers configured with the + ``--data-ciphers`` option to the server. + + :code:`IV_GUI_VER= ` + The UI version of a UI if one is running, for example + :code:`de.blinkt.openvpn 0.5.47` for the Android app. + + :code:`IV_SSO=[crtext,][openurl,][proxy_url]` + Additional authentication methods supported by the client. + This may be set by the client UI/GUI using ``--setenv`` + + When ``--push-peer-info`` is enabled the additional information consists + of the following data: + + :code:`IV_HWADDR=` + This is intended to be a unique and persistent ID of the client. + The string value can be any readable ASCII string up to 64 bytes. + OpenVPN 2.x and some other implementations use the MAC address of + the client's interface used to reach the default gateway. If this + string is generated by the client, it should be consistent and + preserved across independent session and preferably + re-installations and upgrades. + + :code:`IV_SSL=` + The ssl version used by the client, e.g. + :code:`OpenSSL 1.0.2f 28 Jan 2016`. + + :code:`IV_PLAT_VER=x.y` + The version of the operating system, e.g. 6.1 for Windows 7. + + :code:`UV_=` + Client environment variables whose names start with + :code:`UV_` + --remote args Remote host name or IP address, port and protocol. -- cgit v1.2.3