From: Tim Duesterhus Date: Fri, 29 Oct 2021 16:06:55 +0000 (+0200) Subject: MINOR: jwt: Make invalid static JWT algorithms an error in `jwt_verify` converter X-Git-Tag: v2.5-dev13~34 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ab896ee3f7eee28d159a04248e61b68abd5a694c;p=thirdparty%2Fhaproxy.git MINOR: jwt: Make invalid static JWT algorithms an error in `jwt_verify` converter It is not useful to start a configuration where an invalid static string is provided as the JWT algorithm. Better make the administrator aware of the suspected typo by failing to start. --- diff --git a/src/sample.c b/src/sample.c index 9200ca3034..5abf4712aa 100644 --- a/src/sample.c +++ b/src/sample.c @@ -3522,14 +3522,14 @@ static int sample_conv_jwt_verify_check(struct arg *args, struct sample_conv *co switch(alg) { case JWT_ALG_DEFAULT: - memprintf(err, "unknown JWT algorithm : %s", *err); - break; + memprintf(err, "unknown JWT algorithm: %s", args[0].data.str.area); + return 0; case JWS_ALG_PS256: case JWS_ALG_PS384: case JWS_ALG_PS512: memprintf(err, "RSASSA-PSS JWS signing not managed yet"); - break; + return 0; default: break;