The mbed TLS variant of the call already returned the normalised
name while the OpenSSL variant did not. On top of that, all calls but
one to cipher_kt_name were translate_cipher_name_to_openvpn. This commit
moves the call of translate_cipher_name_to_openvpn into cipher_kt_name
or avoids calling it twice in the case of mbed TLS.
The one case that did not translate_cipher_name_to_openvpn is an
internal ssl_openssl.c method that should call EVP_CIPHER_name anyway.
Also simplify cipher_name_cmp function that is only used by
openvpn --show-ciphers with the modified cipher_kt_name
function.
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Steffan Karger <steffan@karger.me>
Message-Id: <
20200605112519.22714-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg19970.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
cipher_ctx_init(ctx->cipher, key->cipher, kt->cipher_length,
kt->cipher, enc);
- const char *ciphername = translate_cipher_name_to_openvpn(cipher_kt_name(kt->cipher));
+ const char *ciphername = cipher_kt_name(kt->cipher);
msg(D_HANDSHAKE, "%s: Cipher '%s' initialized with %d bit key",
prefix,
ciphername,
" by default" : "";
printf("%s (%d bit key%s, ",
- translate_cipher_name_to_openvpn(cipher_kt_name(cipher)),
+ cipher_kt_name(cipher),
cipher_kt_key_size(cipher) * 8, var_key_size);
if (cipher_kt_block_size(cipher) == 1)
/**
* Retrieve a string describing the cipher (e.g. \c AES-128-CBC).
+ * The returned name is normalised to the OpenVPN config name in case the
+ * name differs from the name used by the crypto library.
*
* @param cipher_kt Static cipher parameters
*
const EVP_CIPHER *const *cipher_a = a;
const EVP_CIPHER *const *cipher_b = b;
- const char *cipher_name_a =
- translate_cipher_name_to_openvpn(EVP_CIPHER_name(*cipher_a));
- const char *cipher_name_b =
- translate_cipher_name_to_openvpn(EVP_CIPHER_name(*cipher_b));
-
- return strcmp(cipher_name_a, cipher_name_b);
+ return strcmp(cipher_kt_name(*cipher_a), cipher_kt_name(*cipher_b));
}
void
{
return "[null-cipher]";
}
- return EVP_CIPHER_name(cipher_kt);
+
+ const char *name = EVP_CIPHER_name(cipher_kt);
+ return translate_cipher_name_to_openvpn(name);
}
int
int block_size = EVP_CIPHER_block_size(cipher);
- orig_name = cipher_kt_name(cipher);
+ orig_name = EVP_CIPHER_name(cipher);
if (!orig_name)
{
goto cleanup;
init_key_type(&kt, o->ciphername, o->authname, o->keysize, true,
false);
- buf_printf(&out, ",cipher %s",
- translate_cipher_name_to_openvpn(cipher_kt_name(kt.cipher)));
+ buf_printf(&out, ",cipher %s", cipher_kt_name(kt.cipher));
buf_printf(&out, ",auth %s", md_kt_name(kt.digest));
buf_printf(&out, ",keysize %d", kt.cipher_length * 8);
if (o->shared_secret_file)
}
else
{
- const char *ovpn_cipher_name =
- translate_cipher_name_to_openvpn(cipher_kt_name(ktc));
+ const char *ovpn_cipher_name = cipher_kt_name(ktc);
if (buf_len(&new_list)> 0)
{
projects / thirdparty / openvpn.git / commitdiff
