From patchwork Thu Mar 5 06:59:45 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 4801 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7001:a68f:b0:83c:d90d:321 with SMTP id wf15csp677794mab; Wed, 4 Mar 2026 23:00:20 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCWCTMkRoL/Lf1qb3OQOMA7gR6l29jl+1LL0dVjfY/RNyVrgPwHT2CCNBAwXsJDE8IE48/ZBNFDZ8to=@openvpn.net X-Received: by 2002:a05:6808:4283:b0:466:d19c:24ec with SMTP id 5614622812f47-466d19c2924mr102653b6e.0.1772694019812; Wed, 04 Mar 2026 23:00:19 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1772694019; cv=none; d=google.com; s=arc-20240605; b=bL9xpzA/lewAjhrudgOj4nWzfPYDDP7GrnNopQxU8hWcqGYjYmKnJnnKULgiD9/+01 pkVxeleBB921E1BBO1BUFv4avE/YQaL/w/lhqqYKIDSjBR4sxoHG6z7uFUPNn8a7j379 XnjKJZJv2OjN2KO9pG8Evqh92ienx2cmWOcbHD//nyBCMAt242x6dyKLwWvKBPvuKTe3 uAWtcaqgW/EQHUJ6le/CWRTvKC2/DgprUd3qu5K9+Nt1JerN9PiYlmV6eX1CBD4bI5dF Si91B7rYMBqgyQqkmvP0nIbzIID3xEUbZcwPFQKb81YcuijKZ3wYDCFb57tCc/0lKFud 1U8Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=7xPKvsteWUkU5Jkjw8o+Gl40SUNfQWaD+OntgYP/XxU=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=TEou/MPChIYRLKYFsx0XP9nvGmAFu0QCeCNINcRuoqfwddpuuwGn59blN57NHPS5Uy 2Nne/RVnUdcoMwvrLm2CRtZrfKO+k2uvdbXOItmPQq2wb9M1328Qqe+4sSGiPaBKBIWl xqm8whFZHpj+tOzfk1Logbo5XfO2v06jTOCxFswUeCzGwA2UOomWVdsp57RIzrCfe57+ 3oPPHAmYinAa20VschDBBzAJaXjj5WgL2RqSLua/u1swTMRaMnmy6wrG/QsnJQ3yvGS0 fb4hEL4bLDvW+9deaE42Ugfl251dCcqmFN8uAb4GBZHq1rXfJ9eu8mGHrGu9a6kTvWVC Z6gg==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=C4SPtahf; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=leuQpQY8; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=AnFJNG8z; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 5614622812f47-464bb2eb997si10504447b6e.18.2026.03.04.23.00.19 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 04 Mar 2026 23:00:19 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=C4SPtahf; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=leuQpQY8; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=AnFJNG8z; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=7xPKvsteWUkU5Jkjw8o+Gl40SUNfQWaD+OntgYP/XxU=; b=C4SPtahfKr7rreFtSsnJzq+bCW CriCWzKT1ZmegAzsl3SOj92RK0gdfxODum7QBDeyKZBZSXsJg5oZunlAODJAoXVv1fZc14lCkBD/h Rzmg1oHRgPU765XVitPr4HFQUoY7vF10S8J7YqM6lu4eeslaEfFgGV2qPA1R8CxA8x+8=; Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1vy2gu-0004z1-6t; Thu, 05 Mar 2026 07:00:13 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1vy2gn-0004yr-V9 for openvpn-devel@lists.sourceforge.net; Thu, 05 Mar 2026 07:00:06 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=6wIFWaXudHI3stImm1jtCX75M0Hupg6x+gj/MfCc4pM=; b=leuQpQY81Ol6w9SNTEbLn9m/ZD Qpcu05TuNZJgXWeFwbc9xjbyfrzKoZ2+UIcDxl3lepuei+1Vnazxk2GzdpcSQtUn1PTi+HncRdAe+ ZWZyaavqMdsBUhPpr399Ds7kSZOpQiFSbc0F0DYLGgGbs4n70I2q5Na0lsWBVnSFqmZ0=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=6wIFWaXudHI3stImm1jtCX75M0Hupg6x+gj/MfCc4pM=; b=AnFJNG8zV7IuxzKVx8IvMCxYX4 O7Hn9l+X0UWX2orPzkURsTd+KgSmKHhvG1c6QcjAJ82ZjTz8f/nU4SoTK7mz/5vPZo+Se6SROg7tn 5j8Cj0rcM/4C2k1klV5WLTeKyRr5FIDnRCCZ5XKcdsSF8t5HGE2Krw1g/kTqzPq/yZww=; Received: from [193.149.48.129] (helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1vy2gn-0003D4-7C for openvpn-devel@lists.sourceforge.net; Thu, 05 Mar 2026 07:00:06 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.18.1/8.18.1) with ESMTP id 6256xqqu024360 for ; Thu, 5 Mar 2026 07:59:52 +0100 Received: (from gert@localhost) by blue.greenie.muc.de (8.18.1/8.18.1/Submit) id 6256xqfL024359 for openvpn-devel@lists.sourceforge.net; Thu, 5 Mar 2026 07:59:52 +0100 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Thu, 5 Mar 2026 07:59:45 +0100 Message-ID: <20260305065952.24348-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.52.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-1.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Selva Nair GitHub: fixes OpenVPN/openvpn#993 Change-Id: I5e17e184f666317df21460108da4f70670358ece Signed-off-by: Selva Nair Acked-by: Arne Schwabe Gerrit URL: https://gerrit.openvpn.net/c/openvpn [...] Content analysis details: (1.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS X-Headers-End: 1vy2gn-0003D4-7C Subject: [Openvpn-devel] [PATCH v1] Use USER_PASS_LEN for private key password buffer size X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1858804404446270544?= X-GMAIL-MSGID: =?utf-8?q?1858804404446270544?= From: Selva Nair GitHub: fixes OpenVPN/openvpn#993 Change-Id: I5e17e184f666317df21460108da4f70670358ece Signed-off-by: Selva Nair Acked-by: Arne Schwabe Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1553 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1553 This mail reflects revision 1 of this Change. Signed-off-by line for the author was added as per our policy. Acked-by according to Gerrit (reflected above): Arne Schwabe diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index 09f23964..80aef69 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c @@ -796,7 +796,7 @@ } else /* use our generic 'Private Key' passphrase callback */ { - char password[64]; + char password[USER_PASS_LEN]; pem_password_cb *cb = SSL_CTX_get_default_passwd_cb(ctx); void *d = SSL_CTX_get_default_passwd_cb_userdata(ctx);