git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Antonio Quartulli <a@unstable.cc>
	Thu, 3 Feb 2022 19:36:54 +0000 (20:36 +0100)
committer	Gert Doering <gert@greenie.muc.de>
	Fri, 4 Feb 2022 11:07:45 +0000 (12:07 +0100)
commit	2d822550ad990fbd498523fb1ab62ca19b3bb93c
tree	3b67ebe56dd06a0b8a3165b9c42bba4f88e31e28	tree
parent	3780ce0e16c2cd06e77357a30df3c43595c98cab	commit \| diff

crypto: move validation logic from cipher_get to cipher_valid

With cipher validation performed in cipher_get(), a cipher is never
returned in any case if some check fails.

This prevents OpenVPN from operating on all ciphers provided by the SSL
library, like printing them to the user.

Move the validation logic to cipher_valid() so that checks are performed
only when OpenVPN really want to know if a cipher is usable or not.

Fixes: ce2954a0 ("Remove cipher_kt_t and change type to const char* in
API")
Cc: Arne Schwabe <arne@rfc2549.org>
Cc: David Sommerseth <davids@openvpn.net>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <20220203193655.28791-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23713.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>