Browse code
Fix assertion error when using --cipher none
Some commits ago, the cipher mode checks were cleaned up to
remove code duplication (and fix the issue in #471), but broke
'--cipher none' (reported in #473). This commit fixes that.
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <545DED2C.5070002@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9217
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Steffan Karger authored on 2014/11/08 19:15:08Showing 3 changed files
| ... | ... |
@@ -223,7 +223,7 @@ int cipher_kt_block_size (const cipher_kt_t *cipher_kt); |
| 223 | 223 |
/** |
| 224 | 224 |
* Returns the mode that the cipher runs in. |
| 225 | 225 |
* |
| 226 |
- * @param cipher_kt Static cipher parameters |
|
| 226 |
+ * @param cipher_kt Static cipher parameters. May not be NULL. |
|
| 227 | 227 |
* |
| 228 | 228 |
* @return Cipher mode, either \c OPENVPN_MODE_CBC, \c |
| 229 | 229 |
* OPENVPN_MODE_OFB or \c OPENVPN_MODE_CFB |
| ... | ... |
@@ -233,7 +233,7 @@ int cipher_kt_mode (const cipher_kt_t *cipher_kt); |
| 233 | 233 |
/** |
| 234 | 234 |
* Check if the supplied cipher is a supported CBC mode cipher. |
| 235 | 235 |
* |
| 236 |
- * @param cipher Static cipher parameters. May not be NULL. |
|
| 236 |
+ * @param cipher Static cipher parameters. |
|
| 237 | 237 |
* |
| 238 | 238 |
* @return true iff the cipher is a CBC mode cipher. |
| 239 | 239 |
*/ |
| ... | ... |
@@ -243,7 +243,7 @@ bool cipher_kt_mode_cbc(const cipher_kt_t *cipher) |
| 243 | 243 |
/** |
| 244 | 244 |
* Check if the supplied cipher is a supported OFB or CFB mode cipher. |
| 245 | 245 |
* |
| 246 |
- * @param cipher Static cipher parameters. May not be NULL. |
|
| 246 |
+ * @param cipher Static cipher parameters. |
|
| 247 | 247 |
* |
| 248 | 248 |
* @return true iff the cipher is a OFB or CFB mode cipher. |
| 249 | 249 |
*/ |
| ... | ... |
@@ -492,7 +492,7 @@ cipher_kt_mode (const EVP_CIPHER *cipher_kt) |
| 492 | 492 |
bool |
| 493 | 493 |
cipher_kt_mode_cbc(const cipher_kt_t *cipher) |
| 494 | 494 |
{
|
| 495 |
- return cipher_kt_mode(cipher) == OPENVPN_MODE_CBC |
|
| 495 |
+ return cipher && cipher_kt_mode(cipher) == OPENVPN_MODE_CBC |
|
| 496 | 496 |
#ifdef EVP_CIPH_FLAG_AEAD_CIPHER |
| 497 | 497 |
/* Exclude AEAD cipher modes, they require a different API */ |
| 498 | 498 |
&& !(EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) |
| ... | ... |
@@ -503,7 +503,7 @@ cipher_kt_mode_cbc(const cipher_kt_t *cipher) |
| 503 | 503 |
bool |
| 504 | 504 |
cipher_kt_mode_ofb_cfb(const cipher_kt_t *cipher) |
| 505 | 505 |
{
|
| 506 |
- return (cipher_kt_mode(cipher) == OPENVPN_MODE_OFB || |
|
| 506 |
+ return cipher && (cipher_kt_mode(cipher) == OPENVPN_MODE_OFB || |
|
| 507 | 507 |
cipher_kt_mode(cipher) == OPENVPN_MODE_CFB) |
| 508 | 508 |
#ifdef EVP_CIPH_FLAG_AEAD_CIPHER |
| 509 | 509 |
/* Exclude AEAD cipher modes, they require a different API */ |
| ... | ... |
@@ -419,13 +419,13 @@ cipher_kt_mode (const cipher_info_t *cipher_kt) |
| 419 | 419 |
bool |
| 420 | 420 |
cipher_kt_mode_cbc(const cipher_kt_t *cipher) |
| 421 | 421 |
{
|
| 422 |
- return cipher_kt_mode(cipher) == OPENVPN_MODE_CBC; |
|
| 422 |
+ return cipher && cipher_kt_mode(cipher) == OPENVPN_MODE_CBC; |
|
| 423 | 423 |
} |
| 424 | 424 |
|
| 425 | 425 |
bool |
| 426 | 426 |
cipher_kt_mode_ofb_cfb(const cipher_kt_t *cipher) |
| 427 | 427 |
{
|
| 428 |
- return (cipher_kt_mode(cipher) == OPENVPN_MODE_OFB || |
|
| 428 |
+ return cipher && (cipher_kt_mode(cipher) == OPENVPN_MODE_OFB || |
|
| 429 | 429 |
cipher_kt_mode(cipher) == OPENVPN_MODE_CFB); |
| 430 | 430 |
} |
| 431 | 431 |
|