Message ID | 20250121161247.37883-1-frank@lichtenheld.com |
---|---|
State | Accepted |
Headers | show |
Series | [Openvpn-devel,v1] Remove comparing username to NULL in tls_lock_username | expand |
JFTR, v2 in gerrit is "the same as v1, just rebased", so taking what is already on the list here. And indeed, in the only call chain to this, we have string_mod_remap_name(up->username); .. so this should better be non-NULL :-) (ASSERT(str) in string_mod()). Your patch has been applied to the master branch. commit d9af13e8c222cba41000202908663a6d1e2cd028 Author: Arne Schwabe Date: Tue Jan 21 17:12:47 2025 +0100 Remove comparing username to NULL in tls_lock_username Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Frank Lichtenheld <frank@lichtenheld.com> Message-Id: <20250121161247.37883-1-frank@lichtenheld.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg30520.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/ssl_verify.c b/src/openvpn/ssl_verify.c index 4c4b58d..e7d7ed6 100644 --- a/src/openvpn/ssl_verify.c +++ b/src/openvpn/ssl_verify.c @@ -153,11 +153,11 @@ { if (multi->locked_username) { - if (!username || strcmp(username, multi->locked_username)) + if (strcmp(username, multi->locked_username) != 0) { msg(D_TLS_ERRORS, "TLS Auth Error: username attempted to change from '%s' to '%s' -- tunnel disabled", multi->locked_username, - np(username)); + username); /* disable the tunnel */ tls_deauthenticate(multi); @@ -166,10 +166,7 @@ } else { - if (username) - { - multi->locked_username = string_alloc(username, NULL); - } + multi->locked_username = string_alloc(username, NULL); } return true; }