diff options
author | Sumit Bose <sbose@redhat.com> | 2016-06-17 13:50:55 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2016-07-07 18:13:27 +0200 |
commit | ecd48ae244dbb6490989752fba99b58d84babfa6 (patch) | |
tree | 9536b4a754c24a666f2f6c2c3900207b020629ce /src | |
parent | c5a47e4a809aca39669e26d6136f8056952efd74 (diff) | |
download | sssd-ecd48ae244dbb6490989752fba99b58d84babfa6.tar.gz sssd-ecd48ae244dbb6490989752fba99b58d84babfa6.tar.xz sssd-ecd48ae244dbb6490989752fba99b58d84babfa6.zip |
SSH-CERT: always initialize cert_verify_opts
Currently cert_verify_opts is only initialized when there is an option
in the config file. This might cause issues later when the struct is
accessed. Since parse_cert_verify_opts() can already handle an empty
option the additional check is not needed at all.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/responder/ssh/sshsrv_cmd.c | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/src/responder/ssh/sshsrv_cmd.c b/src/responder/ssh/sshsrv_cmd.c index 72e58ea20..ab721d66e 100644 --- a/src/responder/ssh/sshsrv_cmd.c +++ b/src/responder/ssh/sshsrv_cmd.c @@ -843,14 +843,12 @@ static errno_t get_valid_certs_keys(TALLOC_CTX *mem_ctx, goto done; } - if (cert_verification_opts != NULL) { - ret = parse_cert_verify_opts(tmp_ctx, cert_verification_opts, - &cert_verify_opts); - if (ret != EOK) { - DEBUG(SSSDBG_FATAL_FAILURE, - "Failed to parse verifiy option.\n"); - goto done; - } + ret = parse_cert_verify_opts(tmp_ctx, cert_verification_opts, + &cert_verify_opts); + if (ret != EOK) { + DEBUG(SSSDBG_FATAL_FAILURE, + "Failed to parse verifiy option.\n"); + goto done; } el_res = talloc_zero(tmp_ctx, struct ldb_message_element); |