]> git.ipfire.org Git - thirdparty/openvpn.git/commit
projects / thirdparty / openvpn.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 72bcdfd) | patch
Always use default keysize for NCP'd ciphers
authorSteffan Karger <steffan@karger.me>
Thu, 20 Jul 2017 17:55:57 +0000 (19:55 +0200)
committerDavid Sommerseth <davids@openvpn.net>
Mon, 14 Aug 2017 12:50:51 +0000 (14:50 +0200)
commit956bb1c32fa40ee184919b3ce569c90643a01b5b
treec3e1f07727b5fba7681d19784e67f82df5bc1ad9tree
parent72bcdfdc19243c1ed6cb8568f62f0c35e8b70f5fcommit | diff
Always use default keysize for NCP'd ciphers

If a peer has set --keysize, and NCP negotiates a cipher with a different
key size (e.g. --keysize 128 + AES-256-GCM), that peer will exit with a
"invalid key size" error.  To prevent that, always set keysize=0 for NCP'd
ciphers.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <1500573357-20496-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15110.html
Signed-off-by: David Sommerseth <davids@openvpn.net>
src/openvpn/ssl.c diff | blob | blame | history
Mirror of https://github.com/OpenVPN/openvpn.git