[Openvpn-devel] Changes.rst: document removal of --keysize

Message ID 20230201135221.36135-1-frank@lichtenheld.com
State Accepted
Headers show
Series [Openvpn-devel] Changes.rst: document removal of --keysize | expand

Commit Message

Frank Lichtenheld Feb. 1, 2023, 1:52 p.m. UTC
When reviweing OpenVPN/openvpn#231 I noticed this was
missing from Changes.rst.

Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
 Changes.rst           | 5 +++++
 src/openvpn/options.c | 1 -
 2 files changed, 5 insertions(+), 1 deletion(-)


Gert Doering Feb. 1, 2023, 4:35 p.m. UTC | #1
Acked-by: Gert Doering <gert@greenie.muc.de>

Does what it says on the lid, not much to test here :-)

Your patch has been applied to the master branch.

commit b2e49465e6b837d97ecb3a4edbc06aba00584381 (master)
commit c8e94242e31cf94a12f6e897191548be5c4893fe (release/2.6)
Author: Frank Lichtenheld
Date:   Wed Feb 1 14:52:21 2023 +0100

     Changes.rst: document removal of --keysize

     Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
     Acked-by: Gert Doering <gert@greenie.muc.de>
     Message-Id: <20230201135221.36135-1-frank@lichtenheld.com>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26121.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>

kind regards,

Gert Doering


diff --git a/Changes.rst b/Changes.rst
index 4942a580..dc829032 100644
--- a/Changes.rst
+++ b/Changes.rst
@@ -176,6 +176,11 @@  TLS 1.0 and 1.1 are deprecated
     a PRNG is better left to a crypto library. So we use the PRNG
     mbed TLS or OpenSSL now.
+``--keysize`` has been removed
+    The ``--keysize`` option was only useful to change the key length when using the
+    BF, CAST6 or RC2 ciphers. For all other ciphers the key size is fixed with the
+    chosen cipher. As OpenVPN v2.6 no longer supports any of these variable length
+    ciphers, this option was removed as well to avoid confusion.
 Compression no longer enabled by default
     Unless an explicit compression option is specified in the configuration,
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index a5f6d244..34291edf 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -4176,7 +4176,6 @@  options_postprocess_pull(struct options *o, struct env_set *es)
  * --cipher
  * --auth
- * --keysize
  * --secret
  * --no-replay