Signed-off-by: James Yonan <ja...@openvpn.net>
---
src/openvpn/ssl_openssl.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
index 481600a..d845fd7 100644
--- a/src/openvpn/ssl_openssl.c
+++ b/src/openvpn/ssl_openssl.c
@@ -261,8 +261,7 @@ tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const
char *ciphers)
const tls_cipher_name_pair *cipher_pair;
- const size_t openssl_ciphers_size = 4096;
- char openssl_ciphers[openssl_ciphers_size];
+ char openssl_ciphers[4096];
size_t openssl_ciphers_len = 0;
openssl_ciphers[0] = '\0';
@@ -301,8 +300,8 @@ tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const
char *ciphers)
}
// Make sure new cipher name fits in cipher string
- if (((openssl_ciphers_size-1) - openssl_ciphers_len) <
current_cipher_len) {
- msg(M_SSLERR, "Failed to set restricted TLS cipher list, too long
(>%zu).", openssl_ciphers_size-1);
+ if (((sizeof(openssl_ciphers)-1) - openssl_ciphers_len) <
current_cipher_len) {
+ msg(M_SSLERR, "Failed to set restricted TLS cipher list, too long
(>%d).", (int)sizeof(openssl_ciphers)-1);
}
// Concatenate cipher name to OpenSSL cipher string
--
1.8.5.5
