From 6478c1f359e6b0ea2046d9e2801830753e53c06a Mon Sep 17 00:00:00 2001
From: Gert Doering <gert@greenie.muc.de>
Date: Sun, 24 May 2015 15:02:34 +0200
Subject: Disallow usage of --server-poll-timeout in --secret key mode.

The internal machinery wants TLS for this to work, so just add this
to the (long) list of options not allowed unless either --tls-client
or --tls-server is active.  For added sanity, add an ASSERT() call
to the place where this combination caused a NULL ptr reference, and
document the restriction.

Fix trac #373

Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1432472554-24666-1-git-send-email-gert@greenie.muc.de>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9736
---
 doc/openvpn.8 | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'doc')

diff --git a/doc/openvpn.8 b/doc/openvpn.8
index b1c2fab..3fff3f2 100644
--- a/doc/openvpn.8
+++ b/doc/openvpn.8
@@ -3783,6 +3783,10 @@ when polling possible remote servers to connect to
 in a round-robin fashion, spend no more than
 .B n
 seconds waiting for a response before trying the next server.
+As this only makes sense in client-to-server setups, it cannot
+be used in point-to-point setups using
+.B \-\-secret
+symmetrical key mode.
 .\"*********************************************************
 .TP
 .B \-\-explicit\-exit\-notify [n]
-- 
cgit