From 5c344f297682cf11793407fca4547968aee22d95 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Mon, 20 Mar 2017 19:19:01 +0100 Subject: [PATCH] Don't dereference myself->incipher if it's NULL. This fixes #142 on GitHub. --- NEWS | 4 ++++ src/net_setup.c | 7 +++++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index 34c6f1f..028cc9c 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,7 @@ +Version 1.0.32 not released yet + + * Fix segmentation fault when using Cipher = none. + Version 1.0.31 January 15 2017 * Remove ExecStop in tinc@.service. diff --git a/src/net_setup.c b/src/net_setup.c index d766888..2371f7e 100644 --- a/src/net_setup.c +++ b/src/net_setup.c @@ -1,7 +1,7 @@ /* net_setup.c -- Setup. Copyright (C) 1998-2005 Ivo Timmermans, - 2000-2016 Guus Sliepen + 2000-2017 Guus Sliepen 2006 Scott Lamb 2010 Brandon Black @@ -660,9 +660,12 @@ static bool setup_myself(void) { /* We need to use a stream mode for the meta protocol. Use AES for this, but try to match the key size with the one from the cipher selected by Cipher. + + If Cipher is set to none, still use a low level of encryption for the + meta protocol. */ - int keylen = EVP_CIPHER_key_length(myself->incipher); + int keylen = myself->incipher ? EVP_CIPHER_key_length(myself->incipher) : 0; if(keylen <= 16) myself->connection->outcipher = EVP_aes_128_cfb(); else if(keylen <= 24) -- 2.25.1