summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2016-06-17 13:50:55 +0200
committerJakub Hrozek <jhrozek@redhat.com>2016-07-07 18:13:27 +0200
commitecd48ae244dbb6490989752fba99b58d84babfa6 (patch)
tree9536b4a754c24a666f2f6c2c3900207b020629ce
parentc5a47e4a809aca39669e26d6136f8056952efd74 (diff)
downloadsssd-ecd48ae244dbb6490989752fba99b58d84babfa6.zip
sssd-ecd48ae244dbb6490989752fba99b58d84babfa6.tar.gz
sssd-ecd48ae244dbb6490989752fba99b58d84babfa6.tar.xz
SSH-CERT: always initialize cert_verify_opts
Currently cert_verify_opts is only initialized when there is an option in the config file. This might cause issues later when the struct is accessed. Since parse_cert_verify_opts() can already handle an empty option the additional check is not needed at all. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
-rw-r--r--src/responder/ssh/sshsrv_cmd.c14
1 files changed, 6 insertions, 8 deletions
diff --git a/src/responder/ssh/sshsrv_cmd.c b/src/responder/ssh/sshsrv_cmd.c
index 72e58ea..ab721d6 100644
--- a/src/responder/ssh/sshsrv_cmd.c
+++ b/src/responder/ssh/sshsrv_cmd.c
@@ -843,14 +843,12 @@ static errno_t get_valid_certs_keys(TALLOC_CTX *mem_ctx,
goto done;
}
- if (cert_verification_opts != NULL) {
- ret = parse_cert_verify_opts(tmp_ctx, cert_verification_opts,
- &cert_verify_opts);
- if (ret != EOK) {
- DEBUG(SSSDBG_FATAL_FAILURE,
- "Failed to parse verifiy option.\n");
- goto done;
- }
+ ret = parse_cert_verify_opts(tmp_ctx, cert_verification_opts,
+ &cert_verify_opts);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_FATAL_FAILURE,
+ "Failed to parse verifiy option.\n");
+ goto done;
}
el_res = talloc_zero(tmp_ctx, struct ldb_message_element);