Default server config contains enabled deprecated option `cipher`

[TJNII]

Describe the bug The default server config contains cipher AES-256-CBC uncommented: https://github.com/OpenVPN/openvpn/blob/master/sample/sample-config-files/server.conf#L252

On start:

2024-03-03 00:51:30 us=398513 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.

https://community.openvpn.net/openvpn/wiki/DeprecatedOptions#Policy:Migrateawayfromdeprecatedciphers.Status:Inprogress

This example needs to be updated or removed. Thanks.

[TJNII]

This client setting also looks suspicious, I haven't tested this one: https://github.com/OpenVPN/openvpn/blob/master/sample/sample-config-files/client.conf#L116

[cron2]

Good catch. It will work but is not setting a suitable example for what people should be using. We'll deal with it :-)

[flichtenheld]

Work-in-progress patch here: https://gerrit.openvpn.net/c/openvpn/+/532