key_state_gen_auth_control_files has subtle logic mistake

**Describe the bug**
https://github.com/OpenVPN/openvpn/blob/32e6586687a548174b88b64fe54bfae6c74d4c19/src/openvpn/ssl_verify.c#L996-L1013

It feels like this function has grown from 2 to 3 files over time, so minimally it feels like you want to make the `if` and `return` lines be `if (acf && apf && afr)` to cover `afr`'s creation.  That is, you could end up in the `true` areas if `afr` failed but the other two succeeded.  
OR, if this is intentional, it looks like a miss and might warrant a comment.

**To Reproduce**
Unknown, found by code reading.  It's highly unlikely this edge case would fail you.

**Expected behavior**

**Version information (please complete the following information):**

**Additional context**


	key_state_rm_auth_control_files(ads);
	const char *acf = platform_create_temp_file(opt->tmp_dir, "acf", &gc);
	const char *apf = platform_create_temp_file(opt->tmp_dir, "apf", &gc);
	const char *afr = platform_create_temp_file(opt->tmp_dir, "afr", &gc);

	if (acf && apf)
	{
	ads->auth_control_file = string_alloc(acf, NULL);
	ads->auth_pending_file = string_alloc(apf, NULL);
	ads->auth_failed_reason_file = string_alloc(afr, NULL);

	setenv_str(opt->es, "auth_control_file", ads->auth_control_file);
	setenv_str(opt->es, "auth_pending_file", ads->auth_pending_file);
	setenv_str(opt->es, "auth_failed_reason_file", ads->auth_failed_reason_file);
	}

	gc_free(&gc);
	return (acf && apf);

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

key_state_gen_auth_control_files has subtle logic mistake #535

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

key_state_gen_auth_control_files has subtle logic mistake #535

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions