From: Selva Nair <selva.n...@gmail.com>
An easy way to trigger this error is to run an otherwise working setup
(at say verb = 4) with increased verbosity of verb >= 7 and using a GCM
cipher (e.g., AES-256-GCM). It will cause a fatal exit while printing the
cipher and hmac in key2_print().
Signed-off-by: Selva Nair <selva.n...@gmail.com>
---
Its actually md_get("none") called by md_kt_size("none") that
causes the error and I'm not entirely sure whether we should
instead make md_get("none") to return NULL. But that would
require all its callers to check for NULL.
src/openvpn/crypto_openssl.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c
index 35fb0052..b93c680a 100644
--- a/src/openvpn/crypto_openssl.c
+++ b/src/openvpn/crypto_openssl.c
@@ -1073,6 +1073,10 @@ md_kt_name(const char *mdname)
unsigned char
md_kt_size(const char *mdname)
{
+ if (!strcmp("none", mdname))
+ {
+ return 0;
+ }
evp_md_type *kt = md_get(mdname);
unsigned char size = (unsigned char)EVP_MD_size(kt);
EVP_MD_free(kt);
--
2.30.2
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
