[Openvpn-devel,6/6] Use gc_arena in ncp_get_best_cipher

Message ID 20200217133453.29300-1-arne@rfc2549.org
State Superseded
Headers show
Series
  • [Openvpn-devel,v3,1/5] Only announce IV_NCP=2 when we are willing to support these ciphers
Related show

Commit Message

Arne Schwabe Feb. 17, 2020, 1:34 p.m.
This avoids using the session specific gc arena to hold the temporary
string returned by tls_peer_ncp_list for the whole session.
---
 src/openvpn/ssl_ncp.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

Patch

diff --git a/src/openvpn/ssl_ncp.c b/src/openvpn/ssl_ncp.c
index 00400c1f..4c6af38d 100644
--- a/src/openvpn/ssl_ncp.c
+++ b/src/openvpn/ssl_ncp.c
@@ -216,10 +216,12 @@  ncp_get_best_cipher(const char *server_list, const char *server_cipher,
                     const char *peer_info,  const char *remote_cipher,
                     struct gc_arena *gc)
 {
-    const char *peer_ncp_list = tls_peer_ncp_list(peer_info, gc);
 
-    char *tmp_ciphers = string_alloc(server_list, NULL);
-    char *tmp_ciphers_orig = tmp_ciphers;
+    struct gc_arena gc_tmp = gc_new();
+
+    const char *peer_ncp_list = tls_peer_ncp_list(peer_info, &gc_tmp);
+
+    char *tmp_ciphers = string_alloc(server_list, &gc_tmp);
 
     const char *token = strsep(&tmp_ciphers, ":");
     while (token)
@@ -247,7 +249,7 @@  ncp_get_best_cipher(const char *server_list, const char *server_cipher,
         ret = string_alloc(token, gc);
     }
 
-    free(tmp_ciphers_orig);
+    gc_free(&gc_tmp);
     return ret;
 }