From b2e49465e6b837d97ecb3a4edbc06aba00584381 Mon Sep 17 00:00:00 2001 From: Frank Lichtenheld Date: Wed, 1 Feb 2023 14:52:21 +0100 Subject: [PATCH] Changes.rst: document removal of --keysize When reviweing OpenVPN/openvpn#231 I noticed this was missing from Changes.rst. Signed-off-by: Frank Lichtenheld Acked-by: Gert Doering Message-Id: <20230201135221.36135-1-frank@lichtenheld.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26121.html Signed-off-by: Gert Doering --- Changes.rst | 5 +++++ src/openvpn/options.c | 1 - 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/Changes.rst b/Changes.rst index f4c3587f4..c5335ce93 100644 --- a/Changes.rst +++ b/Changes.rst @@ -170,6 +170,11 @@ TLS 1.0 and 1.1 are deprecated a PRNG is better left to a crypto library. So we use the PRNG mbed TLS or OpenSSL now. +``--keysize`` has been removed + The ``--keysize`` option was only useful to change the key length when using the + BF, CAST6 or RC2 ciphers. For all other ciphers the key size is fixed with the + chosen cipher. As OpenVPN v2.6 no longer supports any of these variable length + ciphers, this option was removed as well to avoid confusion. Compression no longer enabled by default Unless an explicit compression option is specified in the configuration, diff --git a/src/openvpn/options.c b/src/openvpn/options.c index f24af3d7c..6ae3faf89 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -4176,7 +4176,6 @@ options_postprocess_pull(struct options *o, struct env_set *es) * * --cipher * --auth - * --keysize * --secret * --no-replay * -- 2.47.2