Commit ("openssl: Fix compilation without deprecated OpenSSL 1.1 APIs")
has removed the cipher_ctx_cleanup() API, as it is not anymore required
to be a distinct call. However, while doing so it also touched the
mbedtls backend in a wrong way causing a systematic segfault upon connection.
Basically mbedtls_cipher_free(ctx) was moved from the defunct
cipher_ctx_cleanup()
to md_ctx_free(), while it was supposed to go into cipher_ctx_free().
This was clearly wrong as also the type of the ctx variable was not
correct anymore.
Fix this mistake by actually moving mbedtls_cipher_free(ctx) to
cipher_ctx_free().
Signed-off-by: Antonio Quartulli <a...@unstable.cc>
---
src/openvpn/crypto_mbedtls.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c
index f924323d..648a988e 100644
--- a/src/openvpn/crypto_mbedtls.c
+++ b/src/openvpn/crypto_mbedtls.c
@@ -591,6 +591,7 @@ cipher_ctx_new(void)
void
cipher_ctx_free(mbedtls_cipher_context_t *ctx)
{
+ mbedtls_cipher_free(ctx);
free(ctx);
}
@@ -855,7 +856,6 @@ md_ctx_new(void)
void
md_ctx_free(mbedtls_md_context_t *ctx)
{
- mbedtls_cipher_free(ctx);
free(ctx);
}
--
2.22.1
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
