From: Arne Schwabe Date: Wed, 9 Nov 2022 11:52:08 +0000 (+0100) Subject: Fix md_kt_size in mbed TLS when queried for size of "none" X-Git-Tag: v2.6_beta1~27 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6ff2d63c7943b2d7e150c3934b4e789fb5d1e0c0;p=thirdparty%2Fopenvpn.git Fix md_kt_size in mbed TLS when queried for size of "none" Previously this would error out with a M_FATAL message about cipher not known. Align the mbed TLS version to OpenSSL version and also remove unreachable code. This manifested in key_print2() running into this M_FATAL message when used with an AEAD cipher and verb 7. Signed-off-by: Arne Schwabe Acked-by: Gert Doering Message-Id: <20221109115208.1248948-1-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25494.html Signed-off-by: Gert Doering --- diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c index da4ed9809..9087ff6ad 100644 --- a/src/openvpn/crypto_mbedtls.c +++ b/src/openvpn/crypto_mbedtls.c @@ -809,11 +809,11 @@ md_kt_name(const char *mdname) unsigned char md_kt_size(const char *mdname) { - const mbedtls_md_info_t *kt = md_get(mdname); - if (NULL == kt) + if (!strcmp("none", mdname)) { return 0; } + const mbedtls_md_info_t *kt = md_get(mdname); return mbedtls_md_get_size(kt); }