change(openvpn): Openvpn 2.4 no longer supported

internal/configuration/settings/openvpn.go

@@ -17,7 +17,7 @@ import (
 // OpenVPN contains settings to configure the OpenVPN client.
 type OpenVPN struct {
 	// Version is the OpenVPN version to run.
-	// It can only be "2.4" or "2.5".
+	// It can only be "2.5".
 	Version string
 	// User is the OpenVPN authentication username.
 	// It cannot be nil in the internal state if OpenVPN is used.
@@ -88,7 +88,7 @@ var ivpnAccountID = regexp.MustCompile(`^(i|ivpn)\-[a-zA-Z0-9]{4}\-[a-zA-Z0-9]{4
 
 func (o OpenVPN) validate(vpnProvider string) (err error) {
 	// Validate version
-	validVersions := []string{openvpn.Openvpn24, openvpn.Openvpn25}
+	validVersions := []string{openvpn.Openvpn25}
 	if !helpers.IsOneOf(o.Version, validVersions...) {
 		return fmt.Errorf("%w: %q can only be one of %s",
 			ErrOpenVPNVersionIsNotValid, o.Version, strings.Join(validVersions, ", "))

internal/configuration/settings/settings.go

@@ -4,7 +4,6 @@ import (
 	"fmt"
 
 	"github.com/qdm12/gluetun/internal/configuration/settings/helpers"
-	"github.com/qdm12/gluetun/internal/constants/openvpn"
 	"github.com/qdm12/gluetun/internal/constants/providers"
 	"github.com/qdm12/gluetun/internal/constants/vpn"
 	"github.com/qdm12/gluetun/internal/models"
@@ -170,27 +169,14 @@ func (s Settings) Warnings() (warnings []string) {
 
 	if helpers.IsOneOf(*s.VPN.Provider.Name, providers.SlickVPN) &&
 		s.VPN.Type == vpn.OpenVPN {
-		if s.VPN.OpenVPN.Version == openvpn.Openvpn24 {
-			warnings = append(warnings, "OpenVPN 2.4 uses OpenSSL 1.1.1 "+
-				"which allows the usage of weak security in today's standards. "+
-				"This can be ok if good security is enforced by the VPN provider. "+
-				"However, "+*s.VPN.Provider.Name+" uses weak security so you should use "+
-				"OpenVPN 2.5 to enforce good security practices.")
-		} else {
-			warnings = append(warnings, "OpenVPN 2.5 uses OpenSSL 3 "+
-				"which prohibits the usage of weak security in today's standards. "+
-				*s.VPN.Provider.Name+" uses weak security which is out "+
-				"of Gluetun's control so the only workaround is to allow such weaknesses "+
-				`using the OpenVPN option tls-cipher "DEFAULT:@SECLEVEL=0". `+
-				"You might want to reach to your provider so they upgrade their certificates. "+
-				"Once this is done, you will have to let the Gluetun maintainers know "+
-				"by creating an issue, attaching the new certificate and we will update Gluetun.")
-		}
-	}
-
-	if s.VPN.OpenVPN.Version == openvpn.Openvpn24 {
-		warnings = append(warnings, "OpenVPN 2.4 will be removed in release v3.34.0 (around June 2023). "+
-			"Please create an issue if you have a compelling reason to keep it.")
+		warnings = append(warnings, "OpenVPN 2.5 uses OpenSSL 3 "+
+			"which prohibits the usage of weak security in today's standards. "+
+			*s.VPN.Provider.Name+" uses weak security which is out "+
+			"of Gluetun's control so the only workaround is to allow such weaknesses "+
+			`using the OpenVPN option tls-cipher "DEFAULT:@SECLEVEL=0". `+
+			"You might want to reach to your provider so they upgrade their certificates. "+
+			"Once this is done, you will have to let the Gluetun maintainers know "+
+			"by creating an issue, attaching the new certificate and we will update Gluetun.")
 	}
 
 	return warnings