[Openvpn-devel,v2] Ensure only CBC, CFB, OFB and AEAD ciphers are considered valid data ciphers

Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Delivered-To: patchwork@openvpn.net
Received: from director14.mail.ord1d.rsapps.net ([172.30.191.6])
	by backend30.mail.ord1d.rsapps.net with LMTP
	id ICWeDY9ARGOeBgAAIUCqbw
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	for <patchwork@openvpn.net>; Mon, 10 Oct 2022 11:55:59 -0400
Received: from proxy17.mail.ord1d.rsapps.net ([172.30.191.6])
	by director14.mail.ord1d.rsapps.net with LMTP
	id IG2SDY9ARGNcIwAAeJ7fFg
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	for <patchwork@openvpn.net>; Mon, 10 Oct 2022 11:55:59 -0400
Received: from smtp19.gate.ord1d ([172.30.191.6])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	by proxy17.mail.ord1d.rsapps.net with LMTPS
	id CCZgDY9ARGPxPgAAWC7mWg
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	for <patchwork@openvpn.net>; Mon, 10 Oct 2022 11:55:59 -0400
X-Spam-Threshold: 95
X-Spam-Score: 0
X-Spam-Flag: NO
X-Virus-Scanned: OK
X-Orig-To: openvpnslackdevel@openvpn.net
X-Originating-Ip: [216.105.38.7]
Authentication-Results: smtp19.gate.ord1d.rsapps.net;
 iprev=pass policy.iprev="216.105.38.7";
 spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net"
 smtp.helo="lists.sourceforge.net";
 dkim=fail (signature verification failed) header.d=sourceforge.net;
 dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil;
 dis=none) header.from=rfc2549.org
X-Suspicious-Flag: YES
X-Classification-ID: 07b7e6dc-48b4-11ed-84b2-525400d67fa8-1-1
Received: from [216.105.38.7] ([216.105.38.7:34770]
 helo=lists.sourceforge.net)
	by smtp19.gate.ord1d.rsapps.net (envelope-from
 <openvpn-devel-bounces@lists.sourceforge.net>)
	(ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384)
	id 86/F3-18942-E8044436; Mon, 10 Oct 2022 11:55:58 -0400
Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com)
	by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95)
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	id 1ohv7w-0007tV-B3;
	Mon, 10 Oct 2022 15:55:36 +0000
Received: from [172.30.20.202] (helo=mx.sourceforge.net)
 by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
 (envelope-from <arne@kamera.blinkt.de>) id 1ohv7t-0007tL-RI
 for openvpn-devel@lists.sourceforge.net;
 Mon, 10 Oct 2022 15:55:33 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References:
 In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:
 Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
 Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=KU4b9bH/NiROk/eHDLCfIsq0+kYF1Hxa7f79sbmMHSU=; b=SeO20DzexXQdVYixFfHjj5xAhF
 yIRTPnYtPNEA2UB8cXDathcLk96epc+RUZYpNLlVCo30Pw/B+KxUKl2vTWr9gd6KuXnewIHO0Nh7J
 duu9gx3cbAm/WbqFNiNSLW/SRMdi57/QlKkq50t86+eVyHYgJX83NRjSIevKHMf34mM4=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
 ;
 h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id:
 Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
 List-Post:List-Owner:List-Archive;
 bh=KU4b9bH/NiROk/eHDLCfIsq0+kYF1Hxa7f79sbmMHSU=; b=ZL1XVdsuNtgsTqOHCxoDh1mx0w
 XdUbZBAVM67NfJhnxEJ4C55yRHX23updZIHKYjWE7QFThT4YaDBlYMs4jW1DErFvSfVLxYtz1aGR0
 7AsVKnBo/0nFiYN+PxrpyHdS585PFNNpSLNHDUSZj6ck/6iU+T8wpecjHmsdZKcHl0aE=;
Received: from mail.blinkt.de ([192.26.174.232])
 by sfi-mx-1.v28.lw.sourceforge.com with esmtps
 (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95)
 id 1ohv7o-0018wc-Ln for openvpn-devel@lists.sourceforge.net;
 Mon, 10 Oct 2022 15:55:33 +0000
Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c])
 by mail.blinkt.de with smtp (Exim 4.95 (FreeBSD))
 (envelope-from <arne@kamera.blinkt.de>) id 1ohv7b-000Fbz-SJ
 for openvpn-devel@lists.sourceforge.net;
 Mon, 10 Oct 2022 17:55:15 +0200
Received: (nullmailer pid 1687197 invoked by uid 10006);
 Mon, 10 Oct 2022 15:55:15 -0000
From: Arne Schwabe <arne@rfc2549.org>
To: openvpn-devel@lists.sourceforge.net
Date: Mon, 10 Oct 2022 17:55:15 +0200
Message-Id: <20221010155515.1687151-1-arne@rfc2549.org>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20221010154116.1685877-1-arne@rfc2549.org>
References: <20221010154116.1685877-1-arne@rfc2549.org>
MIME-Version: 1.0
X-Spam-Report: Spam detection software,
 running on the system "util-spamd-2.v13.lw.sourceforge.com",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview: Make sure cipher_valid only considered these four operations
 as valid. This fixes that somjething like --data-ciphers
 AES-256-GCM:AES-128-CCM
 will start but later fail when trying to use the CCM ciphe [...]
 Content analysis details:   (0.3 points, 6.0 required)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 0.0 SPF_NONE               SPF: sender does not publish an SPF Record
 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level
 mail domains are different
X-Headers-End: 1ohv7o-0018wc-Ln
Subject: [Openvpn-devel] [PATCH v2] Ensure only CBC, CFB,
 OFB and AEAD ciphers are considered valid data ciphers
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: 
 <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox