Remove unneeded check for extra_certs_file_inline

As with all the file/file_inline variable, the _inline variable is only
relevant if the file variable is equal to INLINE_FILE_TAG.  The
tls_ctx_load_extra_certs() function nicely follows this mantra.

Removing this unneeded check silences a coverity 'dereference after null
check' warning (tls_ctx_load_extra_certs() always dereferences
options->extra_cert_file, and the check implies it might be null).  In
reality, this cannot occur, because if options->extra_cert_file_inline is
non-null, so is options->extra_cert_file.  Still, coverity is correct this
this check is a bit weird, so let's fix it and make coverity happy.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <1478640507-14415-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12978.html
Signed-off-by: David Sommerseth <davids@openvpn.net>

diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index 88aeaadac32a23cc4ee439efb7ce70bb5678a0de..c1951adcc20ddec22e1d4c451ec59ba830d740df 100644 (file)
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -600,7 +600,7 @@ init_ssl (const struct options *options, struct tls_root_ctx *new_ctx)
 
   /* Load extra certificates that are part of our own certificate
      chain but shouldn't be included in the verify chain */
-  if (options->extra_certs_file || options->extra_certs_file_inline)
+  if (options->extra_certs_file)
     {
       tls_ctx_load_extra_certs(new_ctx, options->extra_certs_file, options->extra_certs_file_inline);
     }