[Openvpn-devel,XS] Change in openvpn[master]: pkcs11_openssl: Disable unused code

Message ID 6b941ce86c4031a5535d6c1997e6ae06c9aec7b3-HTML@gerrit.openvpn.net
State Not Applicable
Headers show
Series [Openvpn-devel,XS] Change in openvpn[master]: pkcs11_openssl: Disable unused code | expand

Commit Message

mrbff (Code Review) July 28, 2023, 1:03 p.m. UTC
flichtenheld has uploaded this change for review. ( http://gerrit.openvpn.net/c/openvpn/+/317?usp=email )


Change subject: pkcs11_openssl: Disable unused code
......................................................................

pkcs11_openssl: Disable unused code

Coverity: CID 1539183 (#1 of 1): Structurally dead code (UNREACHABLE)

Change-Id: I889de8bafb581b810a026c7359fbfee94f1b5a4e
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
---
M src/openvpn/pkcs11_openssl.c
1 file changed, 2 insertions(+), 2 deletions(-)



  git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/17/317/1

Comments

Gert Doering Aug. 11, 2023, 3:09 p.m. UTC | #1
ACK from Selva in Gerrit (and Gerrit URL recorded in the commit).

Patch makes sense.  Test compiled on Linux with --enable-pkcs11.

Your patch has been applied to the master and release/2.6 branch.

commit 38fbddc94596b6b2d8fa93a8bd0aca7dbb220def (master)
commit dd0a3f3af229c62957d6a223fcb91278c6b77650 (release/2.6)
Author: Frank Lichtenheld
Date:   Fri Jul 28 14:42:01 2023 +0200

     pkcs11_openssl: Disable unused code

     Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
     Acked-by: Selva Nair <selva.nair@gmail.com>
     Message-Id: <6b941ce86c4031a5535d6c1997e6ae06c9aec7b3-HTML@gerrit.openvpn.net>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26901.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering

Patch

diff --git a/src/openvpn/pkcs11_openssl.c b/src/openvpn/pkcs11_openssl.c
index 7c07152..40080ef 100644
--- a/src/openvpn/pkcs11_openssl.c
+++ b/src/openvpn/pkcs11_openssl.c
@@ -331,8 +331,7 @@ 
 
 #ifdef HAVE_XKEY_PROVIDER
     return (xkey_load_from_pkcs11h(certificate, ssl_ctx) == 0); /* inverts the return value */
-#endif
-
+#else
     int ret = 1;
 
     X509 *x509 = NULL;
@@ -402,6 +401,7 @@ 
         openssl_session = NULL;
     }
     return ret;
+#endif /* ifdef HAVE_XKEY_PROVIDER */
 }
 
 char *