From cbbccb8b3aa357926131375e7082b2579fa3fe82 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 19 Mar 2025 18:58:56 +0100 Subject: [PATCH] mbedtls: re-enable an error check While adding support for key blobs, a check and error code update moved after some logic, resulting in the updated code not checked anymore. Detected by clang-tidy: ``` lib/vtls/mbedtls.c:768:7: error: Value stored to 'ret' is never read [clang-analyzer-deadcode.DeadStores,-warnings-as-errors] 768 | ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; | ^ ``` Ref: https://github.com/curl/curl/actions/runs/13953249156/job/39057979349?pr=16764#step:12:178 Regression from 05e0453050def7323fbc8210886f909819edcc5f #7157 Cherry-picked from #16764 Closes #16766 --- lib/vtls/mbedtls.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index 653f0a3d51..f50bed81ed 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -726,6 +726,9 @@ mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) ret = mbedtls_pk_parse_keyfile(&backend->pk, ssl_config->key, ssl_config->key_passwd); #endif + if(ret == 0 && !(mbedtls_pk_can_do(&backend->pk, MBEDTLS_PK_RSA) || + mbedtls_pk_can_do(&backend->pk, MBEDTLS_PK_ECKEY))) + ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; if(ret) { mbedtls_strerror(ret, errorbuf, sizeof(errorbuf)); @@ -754,6 +757,9 @@ mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) (const unsigned char *)passwd, passwd ? strlen(passwd) : 0); #endif + if(ret == 0 && !(mbedtls_pk_can_do(&backend->pk, MBEDTLS_PK_RSA) || + mbedtls_pk_can_do(&backend->pk, MBEDTLS_PK_ECKEY))) + ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; if(ret) { mbedtls_strerror(ret, errorbuf, sizeof(errorbuf)); @@ -762,10 +768,6 @@ mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) return CURLE_SSL_CERTPROBLEM; } } - - if(ret == 0 && !(mbedtls_pk_can_do(&backend->pk, MBEDTLS_PK_RSA) || - mbedtls_pk_can_do(&backend->pk, MBEDTLS_PK_ECKEY))) - ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; } /* Load the CRL */ -- 2.47.2