mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-08-06 23:27:04 +02:00
Code Issues Projects Releases Wiki Activity

BUG/MINOR: ssl: Remove dead code in cli_parse_update_ocsp_response

Browse Source 
This patch removes dead code from the cli_parse_update_ocsp_response
function. The 'end' label in only used in case of error so the check of
the 'errcode' variable and the errcode variable itself become useless.

This patch does not need to be backported.
It fixes GitHub issue #2077.
This commit is contained in:
Remi Tricot-Le Breton 2023-03-21 10:26:20 +01:00 committed by William Lallemand
parent 7e64d8720e
commit ae5187721f
1 changed files with 1 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/ssl_ocsp.c
View File

@ -1341,7 +1341,6 @@ REGISTER_PRE_CHECK(ssl_ocsp_update_precheck);
static int cli_parse_update_ocsp_response(char **args, char *payload, struct appctx *appctx, void *private)
{
int errcode = 0;
char *err = NULL;
struct ckch_store *ckch_store = NULL;
struct certificate_ocsp *ocsp = NULL;
@ -1358,7 +1357,6 @@ static int cli_parse_update_ocsp_response(char **args, char *payload, struct app
* manipulate ckch_store and ckch_inst */
if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock)) {
memprintf(&err, "%sCan't update the certificate!\nOperations on certificates are currently locked!\n", err ? err : "");
errcode |= ERR_ALERT | ERR_FATAL;
goto end;
}
@ -1366,7 +1364,6 @@ static int cli_parse_update_ocsp_response(char **args, char *payload, struct app
if (!ckch_store) {
memprintf(&err, "%sUnknown certificate! 'update ssl ocsp-response' expects an already known certificate file name.\n", err ? err : "");
errcode |= ERR_ALERT | ERR_FATAL;
HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
goto end;
}
@ -1381,7 +1378,6 @@ static int cli_parse_update_ocsp_response(char **args, char *payload, struct app
ocsp = (struct certificate_ocsp *)ebmb_lookup(&cert_ocsp_tree, key, OCSP_MAX_CERTID_ASN1_LENGTH);
if (!ocsp) {
memprintf(&err, "%s'update ssl ocsp-response' only works on certificates that already have a known OCSP response.\n", err ? err : "");
errcode |= ERR_ALERT | ERR_FATAL;
HA_SPIN_UNLOCK(OCSP_LOCK, &ocsp_tree_lock);
goto end;
}
@ -1404,10 +1400,7 @@ static int cli_parse_update_ocsp_response(char **args, char *payload, struct app
return 0;
end:
if (errcode & ERR_CODE) {
return cli_dynerr(appctx, memprintf(&err, "%sCan't send ocsp request for %s!\n", err ? err : "", args[3]));
}
return cli_dynmsg(appctx, LOG_NOTICE, err);
return cli_dynerr(appctx, memprintf(&err, "%sCan't send ocsp request for %s!\n", err ? err : "", args[3]));
}
#endif /* !defined OPENSSL_IS_BORINGSSL */