From 0bd2fa38fb70ad9022c05ffa67b2bd8751ca5a5b Mon Sep 17 00:00:00 2001
From: Max Fillinger <maximilian.fillinger@foxcrypto.com>
Date: Sat, 26 Nov 2022 17:26:47 +0100
Subject: [PATCH] Correct tls-crypt-v2 metadata length in man page

The manual page claims that the client metadata can be up to 735 bytes
(encoded as upt to 980 characters base64), but the actual maximum length
is 733 bytes which is also encoded as 980 characters in base64.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20221126162648.150678-1-maximilian.fillinger@foxcrypto.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25546.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---
 doc/man-sections/encryption-options.rst | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/doc/man-sections/encryption-options.rst b/doc/man-sections/encryption-options.rst
index ee34f14e4..abc73d90c 100644
--- a/doc/man-sections/encryption-options.rst
+++ b/doc/man-sections/encryption-options.rst
@@ -104,7 +104,8 @@ Generating key material
 
     If supplied, include the supplied ``metadata`` in the wrapped client
     key. This metadata must be supplied in base64-encoded form. The
-    metadata must be at most 735 bytes long (980 bytes in base64).
+    metadata must be at most 733 bytes long (980 characters in base64, though
+    note that 980 base64 characters can encode more than 733 bytes).
 
     If no metadata is supplied, OpenVPN will use a 64-bit unix timestamp
     representing the current time in UTC, encoded in network order, as
-- 
2.47.2