mirror of
https://github.com/schwabe/ics-openvpn.git
synced 2024-09-20 12:02:28 +02:00
Fix tls-cipher when invalid ciphers are given
This commit is contained in:
parent
f50f5b550a
commit
ad2256b6fe
@ -217,8 +217,9 @@ tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers)
|
||||
ASSERT(NULL != ctx);
|
||||
|
||||
// Translate IANA cipher suite names to OpenSSL names
|
||||
for (begin_of_cipher = 0; begin_of_cipher < strlen(ciphers); begin_of_cipher = end_of_cipher+1) {
|
||||
end_of_cipher = strcspn(&ciphers[begin_of_cipher], ":");
|
||||
begin_of_cipher = end_of_cipher = 0;
|
||||
for (; begin_of_cipher < strlen(ciphers); begin_of_cipher = end_of_cipher) {
|
||||
end_of_cipher += strcspn(&ciphers[begin_of_cipher], ":");
|
||||
cipher_pair = tls_get_cipher_name_pair(&ciphers[begin_of_cipher], end_of_cipher - begin_of_cipher);
|
||||
|
||||
if (NULL == cipher_pair)
|
||||
@ -257,6 +258,8 @@ tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers)
|
||||
openssl_ciphers_len += current_cipher_len;
|
||||
openssl_ciphers[openssl_ciphers_len] = ':';
|
||||
openssl_ciphers_len++;
|
||||
|
||||
end_of_cipher++;
|
||||
}
|
||||
|
||||
if (openssl_ciphers_len > 0)
|
||||
|
Loading…
Reference in New Issue
Block a user