From: Selva Nair <selva.nair@gmail.com>
Date: Fri, 21 Jan 2022 18:57:52 +0000 (-0500)
Subject: Do not error when md_kt_size() is called with mdname="none"
X-Git-Tag: v2.6_beta1~303
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9076d90684c06c8f0ac0ba4c099b00ddbc4ab29d;p=thirdparty%2Fopenvpn.git

Do not error when md_kt_size() is called with mdname="none"

An easy way to trigger this error is to run an otherwise working setup
(at say verb = 4) with increased verbosity of verb >= 7 and using a GCM
cipher (e.g., AES-256-GCM). It will cause a fatal exit while printing the
cipher and hmac in key2_print().

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220121185752.14138-1-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23631.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---

diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c
index 5f8c575ec..a725306cc 100644
--- a/src/openvpn/crypto_openssl.c
+++ b/src/openvpn/crypto_openssl.c
@@ -1073,6 +1073,10 @@ md_kt_name(const char *mdname)
 unsigned char
 md_kt_size(const char *mdname)
 {
+    if (!strcmp("none", mdname))
+    {
+        return 0;
+    }
     evp_md_type *kt = md_get(mdname);
     unsigned char size =  (unsigned char)EVP_MD_size(kt);
     EVP_MD_free(kt);