Fix binary and (&) used in auth-token check instead of logical and (&&)

AUTH_TOKEN_HMAC_OK is 1, so the first term is always 0/1 and the bool
from the second part is also 0/1, so the & does the same in this instance
as &&.

In this specific case & instead && does not change behaviour but using
&& is the intended semantic behaviour.

Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20210331155508.19423-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg21911.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/src/openvpn/auth_token.c b/src/openvpn/auth_token.c
index cc70c06c3554f6791f37f2f26cdc01484babd931..d571b686e0cd373a3fba9a1d1026629b5ddd6cd2 100644 (file)
--- a/src/openvpn/auth_token.c
+++ b/src/openvpn/auth_token.c
@@ -99,7 +99,7 @@ add_session_token_env(struct tls_session *session, struct tls_multi *multi,
     /* We had a valid session id before */
     const char *session_id_source;
     if (multi->auth_token_state_flags & AUTH_TOKEN_HMAC_OK
-        &!(multi->auth_token_state_flags & AUTH_TOKEN_EXPIRED))
+        && !(multi->auth_token_state_flags & AUTH_TOKEN_EXPIRED))
     {
         session_id_source = up->password;
     }