From: Frank Lichtenheld <frank@lichtenheld.com>
Date: Wed, 1 Feb 2023 13:52:21 +0000 (+0100)
Subject: Changes.rst: document removal of --keysize
X-Git-Tag: v2.7_alpha1~568
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b2e49465e6b837d97ecb3a4edbc06aba00584381;p=thirdparty%2Fopenvpn.git

Changes.rst: document removal of --keysize

When reviweing OpenVPN/openvpn#231 I noticed this was
missing from Changes.rst.

Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230201135221.36135-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26121.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---

diff --git a/Changes.rst b/Changes.rst
index f4c3587f4..c5335ce93 100644
--- a/Changes.rst
+++ b/Changes.rst
@@ -170,6 +170,11 @@ TLS 1.0 and 1.1 are deprecated
     a PRNG is better left to a crypto library. So we use the PRNG
     mbed TLS or OpenSSL now.
 
+``--keysize`` has been removed
+    The ``--keysize`` option was only useful to change the key length when using the
+    BF, CAST6 or RC2 ciphers. For all other ciphers the key size is fixed with the
+    chosen cipher. As OpenVPN v2.6 no longer supports any of these variable length
+    ciphers, this option was removed as well to avoid confusion.
 
 Compression no longer enabled by default
     Unless an explicit compression option is specified in the configuration,
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index f24af3d7c..6ae3faf89 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -4176,7 +4176,6 @@ options_postprocess_pull(struct options *o, struct env_set *es)
  *
  * --cipher
  * --auth
- * --keysize
  * --secret
  * --no-replay
  *