Fix md_kt_size in mbed TLS when queried for size of "none"

Previously this would error out with a M_FATAL message about cipher
not known. Align the mbed TLS version to OpenSSL version and also remove
unreachable code. This manifested in key_print2() running into this
M_FATAL message when used with an AEAD cipher and verb 7.

Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20221109115208.1248948-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25494.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c
index da4ed980924778c385c1d82a09fc646d6deaad5d..9087ff6ad2fd10cf3499976197294b72f98df5b7 100644 (file)
--- a/src/openvpn/crypto_mbedtls.c
+++ b/src/openvpn/crypto_mbedtls.c
@@ -809,11 +809,11 @@ md_kt_name(const char *mdname)
 unsigned char
 md_kt_size(const char *mdname)
 {
-    const mbedtls_md_info_t *kt = md_get(mdname);
-    if (NULL == kt)
+    if (!strcmp("none", mdname))
     {
         return 0;
     }
+    const mbedtls_md_info_t *kt = md_get(mdname);
     return mbedtls_md_get_size(kt);
 }