From: Guus Sliepen Date: Mon, 20 Mar 2017 18:19:01 +0000 (+0100) Subject: Don't dereference myself->incipher if it's NULL. X-Git-Tag: release-1.0.32~12 X-Git-Url: https://tinc-vpn.org/git/browse?a=commitdiff_plain;h=5c344f297682cf11793407fca4547968aee22d95;p=tinc Don't dereference myself->incipher if it's NULL. This fixes #142 on GitHub. --- diff --git a/NEWS b/NEWS index 34c6f1f5..028cc9cd 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,7 @@ +Version 1.0.32 not released yet + + * Fix segmentation fault when using Cipher = none. + Version 1.0.31 January 15 2017 * Remove ExecStop in tinc@.service. diff --git a/src/net_setup.c b/src/net_setup.c index d7668885..2371f7ee 100644 --- a/src/net_setup.c +++ b/src/net_setup.c @@ -1,7 +1,7 @@ /* net_setup.c -- Setup. Copyright (C) 1998-2005 Ivo Timmermans, - 2000-2016 Guus Sliepen + 2000-2017 Guus Sliepen 2006 Scott Lamb 2010 Brandon Black @@ -660,9 +660,12 @@ static bool setup_myself(void) { /* We need to use a stream mode for the meta protocol. Use AES for this, but try to match the key size with the one from the cipher selected by Cipher. + + If Cipher is set to none, still use a low level of encryption for the + meta protocol. */ - int keylen = EVP_CIPHER_key_length(myself->incipher); + int keylen = myself->incipher ? EVP_CIPHER_key_length(myself->incipher) : 0; if(keylen <= 16) myself->connection->outcipher = EVP_aes_128_cfb(); else if(keylen <= 24)