1 files changed, 12 insertions, 4 deletions

diff --git a/src/openvpn/ssl_polarssl.c b/src/openvpn/ssl_polarssl.c
index 551c352..47fb62a 100644
--- a/src/openvpn/ssl_polarssl.c
+++ b/src/openvpn/ssl_polarssl.c
@@ -173,7 +173,12 @@ tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers)
 {
   char *tmp_ciphers, *tmp_ciphers_orig, *token;
   int i, cipher_count;
-  int ciphers_len = strlen (ciphers);
+  int ciphers_len;
+
+  if (NULL == ciphers)
+    return; /* Nothing to do */
+
+  ciphers_len = strlen (ciphers);
 
   ASSERT (NULL != ctx);
   ASSERT (0 != ciphers_len);
@@ -1038,10 +1043,11 @@ show_available_tls_ciphers (const char *cipher_list)
   struct tls_root_ctx tls_ctx;
   const int *ciphers = ssl_list_ciphersuites();
 
-  if (cipher_list) {
-    tls_ctx_restrict_ciphers(&tls_ctx, cipher_list);
+  tls_ctx_server_new(&tls_ctx);
+  tls_ctx_restrict_ciphers(&tls_ctx, cipher_list);
+
+  if (tls_ctx.allowed_ciphers)
     ciphers = tls_ctx.allowed_ciphers;
-  }
 
 #ifndef ENABLE_SMALL
   printf ("Available TLS Ciphers,\n");
@@ -1054,6 +1060,8 @@ show_available_tls_ciphers (const char *cipher_list)
       ciphers++;
     }
   printf ("\n");
+
+  tls_ctx_free(&tls_ctx);
 }
 
 void