Some commits ago, the cipher mode checks were cleaned up to
remove code duplication (and fix the issue in #471), but broke
'--cipher none' (reported in #473). This commit fixes that.
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <545DED2C.5070002@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9217
Signed-off-by: Gert Doering <gert@greenie.muc.de>
... | ... |
@@ -223,7 +223,7 @@ int cipher_kt_block_size (const cipher_kt_t *cipher_kt); |
223 | 223 |
/** |
224 | 224 |
* Returns the mode that the cipher runs in. |
225 | 225 |
* |
226 |
- * @param cipher_kt Static cipher parameters |
|
226 |
+ * @param cipher_kt Static cipher parameters. May not be NULL. |
|
227 | 227 |
* |
228 | 228 |
* @return Cipher mode, either \c OPENVPN_MODE_CBC, \c |
229 | 229 |
* OPENVPN_MODE_OFB or \c OPENVPN_MODE_CFB |
... | ... |
@@ -233,7 +233,7 @@ int cipher_kt_mode (const cipher_kt_t *cipher_kt); |
233 | 233 |
/** |
234 | 234 |
* Check if the supplied cipher is a supported CBC mode cipher. |
235 | 235 |
* |
236 |
- * @param cipher Static cipher parameters. May not be NULL. |
|
236 |
+ * @param cipher Static cipher parameters. |
|
237 | 237 |
* |
238 | 238 |
* @return true iff the cipher is a CBC mode cipher. |
239 | 239 |
*/ |
... | ... |
@@ -243,7 +243,7 @@ bool cipher_kt_mode_cbc(const cipher_kt_t *cipher) |
243 | 243 |
/** |
244 | 244 |
* Check if the supplied cipher is a supported OFB or CFB mode cipher. |
245 | 245 |
* |
246 |
- * @param cipher Static cipher parameters. May not be NULL. |
|
246 |
+ * @param cipher Static cipher parameters. |
|
247 | 247 |
* |
248 | 248 |
* @return true iff the cipher is a OFB or CFB mode cipher. |
249 | 249 |
*/ |
... | ... |
@@ -492,7 +492,7 @@ cipher_kt_mode (const EVP_CIPHER *cipher_kt) |
492 | 492 |
bool |
493 | 493 |
cipher_kt_mode_cbc(const cipher_kt_t *cipher) |
494 | 494 |
{ |
495 |
- return cipher_kt_mode(cipher) == OPENVPN_MODE_CBC |
|
495 |
+ return cipher && cipher_kt_mode(cipher) == OPENVPN_MODE_CBC |
|
496 | 496 |
#ifdef EVP_CIPH_FLAG_AEAD_CIPHER |
497 | 497 |
/* Exclude AEAD cipher modes, they require a different API */ |
498 | 498 |
&& !(EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) |
... | ... |
@@ -503,7 +503,7 @@ cipher_kt_mode_cbc(const cipher_kt_t *cipher) |
503 | 503 |
bool |
504 | 504 |
cipher_kt_mode_ofb_cfb(const cipher_kt_t *cipher) |
505 | 505 |
{ |
506 |
- return (cipher_kt_mode(cipher) == OPENVPN_MODE_OFB || |
|
506 |
+ return cipher && (cipher_kt_mode(cipher) == OPENVPN_MODE_OFB || |
|
507 | 507 |
cipher_kt_mode(cipher) == OPENVPN_MODE_CFB) |
508 | 508 |
#ifdef EVP_CIPH_FLAG_AEAD_CIPHER |
509 | 509 |
/* Exclude AEAD cipher modes, they require a different API */ |
... | ... |
@@ -419,13 +419,13 @@ cipher_kt_mode (const cipher_info_t *cipher_kt) |
419 | 419 |
bool |
420 | 420 |
cipher_kt_mode_cbc(const cipher_kt_t *cipher) |
421 | 421 |
{ |
422 |
- return cipher_kt_mode(cipher) == OPENVPN_MODE_CBC; |
|
422 |
+ return cipher && cipher_kt_mode(cipher) == OPENVPN_MODE_CBC; |
|
423 | 423 |
} |
424 | 424 |
|
425 | 425 |
bool |
426 | 426 |
cipher_kt_mode_ofb_cfb(const cipher_kt_t *cipher) |
427 | 427 |
{ |
428 |
- return (cipher_kt_mode(cipher) == OPENVPN_MODE_OFB || |
|
428 |
+ return cipher && (cipher_kt_mode(cipher) == OPENVPN_MODE_OFB || |
|
429 | 429 |
cipher_kt_mode(cipher) == OPENVPN_MODE_CFB); |
430 | 430 |
} |
431 | 431 |
|