Message ID | 20211102042314.19113-1-selva.nair@gmail.com |
---|---|
State | Accepted |
Headers | show |
Series | [Openvpn-devel] Fix tls-version-min default once again | expand |
Acked-by: Gert Doering <gert@greenie.muc.de> Thanks. The old one "looked good", but the MIN_MASK would have needed a shift (indeed) and this way it's more readable anyway. I have not tested this beyond "it compiles and passes make check". Your patch has been applied to the master branch. commit 3037d2bd348eb184ed924a590012a23f68a1b47f Author: Selva Nair Date: Tue Nov 2 00:23:14 2021 -0400 Fix tls-version-min default once again Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20211102042314.19113-1-selva.nair@gmail.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23091.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 4a5db8a6..6b15d898 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -3165,7 +3165,9 @@ static void options_set_backwards_compatible_options(struct options *o) { /* TLS min version is not set */ - if ((o->ssl_flags & SSLF_TLS_VERSION_MIN_MASK) == 0) + int tls_ver_min = (o->ssl_flags >> SSLF_TLS_VERSION_MIN_SHIFT) + & SSLF_TLS_VERSION_MIN_MASK; + if (tls_ver_min == 0) { int tls_ver_max = (o->ssl_flags >> SSLF_TLS_VERSION_MAX_SHIFT) & SSLF_TLS_VERSION_MAX_MASK;