[Openvpn-devel,1/2] Increase TLS_CHANNEL_BUF_SIZE from 2048 to 8192

Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7000:2755:b0:83c:d90d:321 with SMTP id j21csp2448345maq;
        Sun, 15 Mar 2026 11:44:03 -0700 (PDT)
X-Forwarded-Encrypted: i=2;
 AJvYcCX+x1P/gfwEY7RVMgOSZlNj2FqQrBOUFz/T/rdURPZ6n5KIq9X8sumCqpJDblx7rohoEeZ85RmQCCk=@openvpn.net
X-Received: by 2002:a05:6820:214:b0:67b:d547:26d9 with SMTP id
 006d021491bc7-67bda8865eamr6826325eaf.0.1773600243544;
        Sun, 15 Mar 2026 11:44:03 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1773600243; cv=none;
        d=google.com; s=arc-20240605;
        b=D3Hu3zjXVu1V/psNunaqQvPIh/p1pg7WZ+VymfxEGvSvDunqOOkGoCYII8ljU/xbte
         mmNVftu8i6eWvZjJ0zEv1jZskwWL7mrWH/A5XkQtRCrmjy+4vavuN+tPeuv/0muxUEg/
         D7pZ9tsgol5WBCcT/cv1VcpweweaihpQ/J/mPh7HXXXQbRCAPCBMPHoCW4kIGmL8tTB5
         0N28S57ioB8RPEAyod3rIEMNjnO47UGNMQoissj9f27q7wv7HlAzfZvntGeB4sZxhGyv
         ywzh+gq6aEkVnqqTRYUpSJo35Fg/3GWPRFZLvEwSw6kc1p22V5vR+rTIk1Di2bWdzWvK
         i1lQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
        h=errors-to:content-transfer-encoding:cc:list-subscribe:list-help
         :list-post:list-archive:list-unsubscribe:list-id:precedence:subject
         :mime-version:references:in-reply-to:message-id:date:to:from
         :dkim-signature:dkim-signature:dkim-signature:dkim-signature;
        bh=XM92qzFANwfMcYKqaUJjK8Yhf3v48vAdUPsjy+MKGls=;
        fh=FRWMOQmE4vArX8xPll5WCJJjcBedLRfud2/cHUpioeU=;
        b=YzFRafyFiu8vFNpWJ2C64mEHdFnfo2Z+0nMGoy3Q/L2599Evbs+gruLj1DWCjIN/mz
         oXqsiteWCx6AjYRkXxdVBn/33fSfNOehgEVHMy8UEqCGtzei0Sf9kyyOmQ/Ko+5Uu4ew
         N7pbV5i58e/sHX0GdwGI+6OTDtODQ2vi8/XoJnTW1XutfEDyrFroc8CURtI9jPiZUVP+
         ty+PQzQswi5gwBdQmgVPmLFnHPJI0G/c0hi+qSaC3GOo9TYyw6bvohxN1/G5Newm3uoV
         za0dYVgV1TJ2OEQqalv10PXNYRKnE0+IQMLLTiINbujVmkGdhaL9lFUOysRmRXyKY+Rv
         7Jlg==;
        dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@lists.sourceforge.net header.s=beta
 header.b=Y+AhwD+0;
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=XeO6Tphu;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b=gLdhw2C9;
       dkim=neutral (body hash did not verify) header.i=@gmail.com
 header.s=20230601 header.b="IZn/DNFS";
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
       dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;
       dara=neutral header.i=@openvpn.net
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
        by mx.google.com with ESMTPS id
 006d021491bc7-67bc9322478si7073176eaf.83.2026.03.15.11.44.03
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Sun, 15 Mar 2026 11:44:03 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@lists.sourceforge.net header.s=beta
 header.b=Y+AhwD+0;
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=XeO6Tphu;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b=gLdhw2C9;
       dkim=neutral (body hash did not verify) header.i=@gmail.com
 header.s=20230601 header.b="IZn/DNFS";
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
       dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;
       dara=neutral header.i=@openvpn.net
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type:Cc:
	List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:
	Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender:
	Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender
	:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner;
	bh=XM92qzFANwfMcYKqaUJjK8Yhf3v48vAdUPsjy+MKGls=; b=Y+AhwD+0S4OzwizLHGV1dBJnKd
	qGIsIF3ZK8T8nDFaV4Y1j+cDZ9qNmPdi3fiy4U8UiMRmp3YYdE8gDNpAeWBjJLLPD+AjXNL+OoIaE
	EH5CfqQrjOEalrABRc3rwFkLeMCKsxaUX0nnpZhRjZCRKxP1rV3Rqx9drIYINzjJadg4=;
Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com)
	by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95)
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	id 1w1qRT-00049B-Ou;
	Sun, 15 Mar 2026 18:44:00 +0000
Received: from [172.30.29.66] (helo=mx.sourceforge.net)
 by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
 (envelope-from <luca.boccassi@gmail.com>) id 1w1qRS-00048s-53
 for openvpn-devel@lists.sourceforge.net;
 Sun, 15 Mar 2026 18:43:58 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References:
 In-Reply-To:Message-ID:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:
 Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
 Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=znggBQvKt9TLYQqMPOm+ITTICpbLQIiOFj4TQ7DzGCM=; b=XeO6Tphuhor7Cuvy8QM2uqKVP7
 xpkJmg9gkf4Y9BLgTUazGnAk6izKHJCNhg+jLrt6bCQdgDChxHg/XJ2gOGSCEz7WN60mp4ObONyaL
 JaC8YS50zCwTGoaDEqHyN6WSs5jhl/jNQMIgwaqy4b9Xg3YcWwKDyh6V1xeKfzwElG/c=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
 ;
 h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:
 Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
 List-Post:List-Owner:List-Archive;
 bh=znggBQvKt9TLYQqMPOm+ITTICpbLQIiOFj4TQ7DzGCM=; b=gLdhw2C9kfMNEMS1MHkVZwp7jw
 +s14I0uFhjtxvKFolKcFPml88n96fvKrUTTkDwVqlQ/CMivODkzFIUHWFFjL+z1hENqYjTMRw47YN
 R5lbpw4O5xfjbKN0AQMAhZbj7C97SnMILIwCZXA5CcM9OwH6+ylPOf/o0TZo6Lb0/nJ0=;
Received: from mail-wr1-f52.google.com ([209.85.221.52])
 by sfi-mx-2.v28.lw.sourceforge.com with esmtps
 (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95)
 id 1w1qRS-0000OF-CQ for openvpn-devel@lists.sourceforge.net;
 Sun, 15 Mar 2026 18:43:58 +0000
Received: by mail-wr1-f52.google.com with SMTP id
 ffacd0b85a97d-439b9cf8cb5so4370540f8f.0
 for <openvpn-devel@lists.sourceforge.net>;
 Sun, 15 Mar 2026 11:43:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1773600226; x=1774205026;
 darn=lists.sourceforge.net;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=znggBQvKt9TLYQqMPOm+ITTICpbLQIiOFj4TQ7DzGCM=;
 b=IZn/DNFSVQcDJi6pg2FM+6kNSxSLBLM2wHmykzTAaCnNx4uqksolXAdhqOw/FxjWuL
 ZhbZVwW1qylFNi3KZjmwZ3l5CP0wSfNU9Pdd0ZZXD21MIfsMp51zdbB3bINa2jG6H6Wb
 QgFWID+VsVSh1lXxgpCyEaVNlxbAS0X2hN/XDvFVL5dEq8S7uyVVZKmR+9xelQDmC1Rc
 gb3DgyoP5T1WWyX++Wb8XIrp9rzvUM6eSHD6Tmmo2fmF+vtAwUoFy1Wis09l5KQyfNQz
 5gdmklub/sD1ZlxelYPYAafunUVpCT3cY5/0Y0Y+a/9LXOTIEAFoXnuYRt4nlC/g6pRF
 GYhw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20251104; t=1773600226; x=1774205026;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=znggBQvKt9TLYQqMPOm+ITTICpbLQIiOFj4TQ7DzGCM=;
 b=ZRKJUyU5mmTvJriu3MYRf5Y+P/s73qGHfzJpBjyQ5gJQCPc3GOLWZk+mvvl9/Eqc04
 TyJ8Cqxlmo8HLXRxb2i9fVrGjTXhlvhbeAVG6CFSmMjgm0Kcp6MiCwFF3K9JFKxzjQIa
 mwgbMUXk5g/Lsg1VdIvoj5cAAIiFxXLEXuNm+W3nuQ3WE+i/z1ff2udOvPGLgBrNIoXV
 kjeR0jPoPs8sy7uQnzluoXQEFJIVYp17LVTCAxJSGwdDv8Uw+A9K3EbbbTzgSfHA9Yu0
 AGXi3Nm1zmHsegbLxQaKJhQtEofbffxEHttpMU0q+uGUJGtNuTyTl+scKYydolKiosJJ
 qgWg==
X-Gm-Message-State: AOJu0YzNOkGvR+QFbRS+xLnUBAppWXGDnYr6rkLWyyW5MumCBzAr0yr9
 HhQxBZgJ1miVX0LQkPxQESWbg3uFo4zsM/bWqgS5CfGC0N12heuyysdkcxeY6g==
X-Gm-Gg: ATEYQzzhWbfprf32fCnX7uIgXxZC1L67zX1AXiU4ImcW8aj3UygHw/Hb1VvOZ/grp8l
 y4WfQhpuJQVyQnrr4E/aiPsJa+QmzlyN/vfwSvDC/mnslHSbuqtqh9CdK0glZEAXRG8UkeKbwLH
 SwFQ6SBiXk98JwuCd4ZRUVmvZ4TrKBOx4AFlHqm9den6nfk48J8ZDY5s8rN7KbpCSRRT21s98by
 WMjbMRluN5+o5sfywHu/auzo0nUFSkVLB1lHXZhCn26QYobxdoCJcCh2F23RMQcs7P2D6PQh8FH
 ftW1Hh+8y0dSkyNVtiBvFiyKw+67WdAZ42dfgmcnZyN/MLSpW6gj3D+2bGKZvHKe9rKhvyT8dNk
 9nVVx/9TkGWCmygK9vIQGAYCV0t2xlJLKj/W5TBUz65DI2aKlXIkXXerRYDQjSdOyZfr0Zz2AJj
 2/OjLZDNbdJo3TDrsmAqYpYzC7fhwo+RGWbca2y4M=
X-Received: by 2002:a5d:5f53:0:b0:439:b624:5ce1 with SMTP id
 ffacd0b85a97d-43a04db6580mr18780110f8f.33.1773600226381;
 Sun, 15 Mar 2026 11:43:46 -0700 (PDT)
Received: from localhost ([2a01:4b00:d036:ae00:16d6:15ec:8b51:78c3])
 by smtp.gmail.com with UTF8SMTPSA id
 ffacd0b85a97d-439fe20bb90sm37365011f8f.19.2026.03.15.11.43.45
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sun, 15 Mar 2026 11:43:45 -0700 (PDT)
From: luca.boccassi@gmail.com
To: openvpn-devel@lists.sourceforge.net
Date: Sun, 15 Mar 2026 18:39:55 +0000
Message-ID: <20260315184337.1541272-2-luca.boccassi@gmail.com>
X-Mailer: git-send-email 2.47.3
In-Reply-To: <20260315184337.1541272-1-luca.boccassi@gmail.com>
References: <20260315184337.1541272-1-luca.boccassi@gmail.com>
MIME-Version: 1.0
X-Spam-Score: 0.8 (/)
X-Spam-Report: Spam detection software,
 running on the system "sfi-spamd-1.hosts.colo.sdot.me",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview: From: Luca Boccassi When authenticating via a JWT token 2048
 bytes are not enough, which breaks the auth process. In my local case the
 token is ~2100 bytes. Bump the maximum harcoded size from 2k to 8k to leave
 some head [...]
 Content analysis details:   (0.8 points, 5.0 required)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
 not necessarily valid
 -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
 domain
 -0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from
 envelope-from domain
 -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
 [luca.boccassi(at)gmail.com]
 1.0 FORGED_GMAIL_RCVD 'From' gmail.com does not match 'Received' headers
 0.0 RCVD_IN_MSPIKE_H2      RBL: Average reputation (+2)
 [209.85.221.52 listed in wl.mailspike.net]
X-Headers-End: 1w1qRS-0000OF-CQ
Subject: [Openvpn-devel] [PATCH 1/2] Increase TLS_CHANNEL_BUF_SIZE from 2048
 to 8192
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: 
 <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Cc: Luca Boccassi <luca.boccassi@gmail.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1859754648820128287?=
X-GMAIL-MSGID: =?utf-8?q?1859754648820128287?=