Am 05.12.21 um 18:40 schrieb Gert Doering:
Hi,
On Wed, Dec 01, 2021 at 07:07:23PM +0100, Arne Schwabe wrote:
This field is only set once to cipher_kt_key_size(kt.cipher) at the same
time that kt.cipher is set and therefore completely redundant.
[..]
--- a/src/openvpn/crypto.c
+++ b/src/openvpn/crypto.c
@@ -744,8 +744,6 @@ init_key_type(struct key_type *kt, const char *ciphername,
msg(M_FATAL, "Cipher %s not supported", ciphername);
}
- kt->cipher_length = cipher_kt_key_size(kt->cipher);
-
/* check legal cipher mode */
aead_cipher = cipher_kt_mode_aead(kt->cipher);
if (!(cipher_kt_mode_cbc(kt->cipher)
@@ -811,21 +809,20 @@ init_key_ctx(struct key_ctx *ctx, const struct key *key,
[..]
const char *ciphername = cipher_kt_name(kt->cipher);
msg(D_HANDSHAKE, "%s: Cipher '%s' initialized with %d bit key",
prefix,
ciphername,
- kt->cipher_length *8);
+ cipher_kt_key_size(kt->cipher));
This does not look right. Shouldn't it be "cipher_kt_key_size() * 8", then?
You are correct.
Arne
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
