From: Antonio Quartulli <a@unstable.cc>
Date: Fri, 16 Aug 2019 20:49:45 +0000 (+0200)
Subject: mbedtls: fix segfault by calling mbedtls_cipher_free() in cipher_ctx_free()
X-Git-Tag: v2.4.8~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=416532f8e4125adb7862b2dce5c2d47d85b260df;p=thirdparty%2Fopenvpn.git

mbedtls: fix segfault by calling mbedtls_cipher_free() in cipher_ctx_free()

Commit ("openssl: Fix compilation without deprecated OpenSSL 1.1 APIs")
has removed the cipher_ctx_cleanup() API, as it is not anymore required
to be a distinct call. However, while doing so it also touched the
mbedtls backend in a wrong way causing a systematic segfault upon
connection.

Basically mbedtls_cipher_free(ctx) was moved from the defunct
cipher_ctx_cleanup()
to md_ctx_free(), while it was supposed to go into cipher_ctx_free().
This was clearly wrong as also the type of the ctx variable was not
correct anymore.

Fix this mistake by actually moving mbedtls_cipher_free(ctx) to
cipher_ctx_free().

Signed-off-by: Antonio Quartulli <a@unstable.cc>
Acked-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20190816204945.7937-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg18781.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 2a74fc3f66bb9f73fc957719d187256922ca003f)
---

diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c
index 630578d49..748043ec0 100644
--- a/src/openvpn/crypto_mbedtls.c
+++ b/src/openvpn/crypto_mbedtls.c
@@ -519,6 +519,7 @@ cipher_ctx_new(void)
 void
 cipher_ctx_free(mbedtls_cipher_context_t *ctx)
 {
+    mbedtls_cipher_free(ctx);
     free(ctx);
 }
 
@@ -782,7 +783,6 @@ md_ctx_new(void)
 
 void md_ctx_free(mbedtls_md_context_t *ctx)
 {
-    mbedtls_cipher_free(ctx);
     free(ctx);
 }