Add scopes for the conditional code, remove local scope that's only needed
for c89 support (which we dropped).
This patch should be applied after the SHA256 fingerprint support patch.
Signed-off-by: Steffan Karger <stef...@karger.me>
---
src/openvpn/ssl_verify.c | 17 ++++++++++-------
1 file changed, 10 insertions(+), 7 deletions(-)
diff --git a/src/openvpn/ssl_verify.c b/src/openvpn/ssl_verify.c
index 15a5de8..d0c22b8 100644
--- a/src/openvpn/ssl_verify.c
+++ b/src/openvpn/ssl_verify.c
@@ -197,14 +197,17 @@ cert_hash_remember (struct tls_session *session, const
int error_depth,
if (error_depth >= 0 && error_depth < MAX_CERT_DEPTH)
{
if (!session->cert_hash_set)
- ALLOC_OBJ_CLEAR (session->cert_hash_set, struct cert_hash_set);
+ {
+ ALLOC_OBJ_CLEAR (session->cert_hash_set, struct cert_hash_set);
+ }
if (!session->cert_hash_set->ch[error_depth])
- ALLOC_OBJ (session->cert_hash_set->ch[error_depth], struct cert_hash);
- {
- struct cert_hash *ch = session->cert_hash_set->ch[error_depth];
- ASSERT (sizeof (ch->sha256_hash) == BLEN (cert_hash));
- memcpy (ch->sha256_hash, BPTR (cert_hash), sizeof (ch->sha256_hash));
- }
+ {
+ ALLOC_OBJ (session->cert_hash_set->ch[error_depth], struct cert_hash);
+ }
+
+ struct cert_hash *ch = session->cert_hash_set->ch[error_depth];
+ ASSERT (sizeof (ch->sha256_hash) == BLEN (cert_hash));
+ memcpy (ch->sha256_hash, BPTR (cert_hash), sizeof (ch->sha256_hash));
}
}
--
2.7.4
------------------------------------------------------------------------------
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
