From 06feeb244d0a4f9f6f3a241f2a35840dabfbce43 Mon Sep 17 00:00:00 2001
From: Aaron Jones <aaronmdjones@gmail.com>
Date: Wed, 17 Aug 2016 16:58:40 +0000
Subject: [PATCH] GNUTLS: Avoid null derefence in constructing ciphersuite

---
 libratbox/src/gnutls.c | 26 +++++++++++++++++++++-----
 1 file changed, 21 insertions(+), 5 deletions(-)

diff --git a/libratbox/src/gnutls.c b/libratbox/src/gnutls.c
index f51211fe..88be06b1 100644
--- a/libratbox/src/gnutls.c
+++ b/libratbox/src/gnutls.c
@@ -673,11 +673,27 @@ rb_ssl_get_cipher(rb_fde_t *F)
 {
 	static char buf[1024];
 
-	rb_snprintf(buf, sizeof(buf), "%s-%s-%s-%s",
-		gnutls_protocol_get_name(gnutls_protocol_get_version(SSL_P(F))),
-		gnutls_kx_get_name(gnutls_kx_get(SSL_P(F))),
-		gnutls_cipher_get_name(gnutls_cipher_get(SSL_P(F))),
-		gnutls_mac_get_name(gnutls_mac_get(SSL_P(F))));
+	const char* proto_name =
+	    gnutls_protocol_get_name(gnutls_protocol_get_version(SSL_P(F)));
+
+	const char* kex_alg_name =
+	    gnutls_kx_get_name(gnutls_kx_get(SSL_P(F)));
+
+	const char* cipher_alg_name =
+	    gnutls_cipher_get_name(gnutls_cipher_get(SSL_P(F)));
+
+	const char* mac_alg_name =
+	    gnutls_mac_get_name(gnutls_mac_get(SSL_P(F))));
+
+	(void) rb_snprintf(buf, sizeof buf, "%s%s%s%s%s%s%s",
+	                   proto_name ? proto_name : "",
+	                   proto_name ? ", " : "",
+	                   kex_alg_name ? kex_alg_name : "",
+	                   kex_alg_name ? "-" : "",
+	                   cipher_alg_name ? cipher_alg_name : "",
+	                   cipher_alg_name ? "-" : "",
+	                   mac_alg_name ? mac_alg_name : "",
+	                   mac_alg_name ? "-" : "");
 
 	return buf;
 }