From bb44e87f6a51318547a94a47ebc8f1523a29bb03 Mon Sep 17 00:00:00 2001
From: Antonio Quartulli <a@unstable.cc>
Date: Wed, 3 Aug 2022 17:40:49 +0200
Subject: [PATCH] push: fix compilation with --disable-management and
 --enable-werror

The authfail_extended and buf variables are only used when
ENABLE_MANAGEMENT is defined. However, they are currently declared
outside of any ifdefs, thus triggering a warning.

Move the declaration of these 2 down, right before their usage (within
the existing "#ifdef ENABLE_MANAGEMENT" block.

Fixes: ("Cleanup receive_auth_failed and simplify method")
Cc: Arne Schwabe <arne@rfc2549.org>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220803154049.1213-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24792.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---
 src/openvpn/push.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/openvpn/push.c b/src/openvpn/push.c
index 9503e666f..121ea691a 100644
--- a/src/openvpn/push.c
+++ b/src/openvpn/push.c
@@ -58,12 +58,6 @@ receive_auth_failed(struct context *c, const struct buffer *buffer)
         return;
     }
 
-    struct buffer buf = *buffer;
-
-    /* If the AUTH_FAIL message ends with a , it is an extended message that
-     * contains further flags */
-    bool authfail_extended = buf_string_compare_advance(&buf, "AUTH_FAILED,");
-
     /* Before checking how to react on AUTH_FAILED, first check if the
      * failed auth might be the result of an expired auth-token.
      * Note that a server restart will trigger a generic AUTH_FAILED
@@ -95,6 +89,12 @@ receive_auth_failed(struct context *c, const struct buffer *buffer)
         c->sig->signal_text = "auth-failure";
     }
 #ifdef ENABLE_MANAGEMENT
+    struct buffer buf = *buffer;
+
+    /* If the AUTH_FAIL message ends with a , it is an extended message that
+     * contains further flags */
+    bool authfail_extended = buf_string_compare_advance(&buf, "AUTH_FAILED,");
+
     if (management)
     {
         const char *reason = NULL;
@@ -112,7 +112,7 @@ receive_auth_failed(struct context *c, const struct buffer *buffer)
     {
         ssl_put_auth_challenge(BSTR(&buf));
     }
-#endif
+#endif /* ifdef ENABLE_MANAGEMENT */
 
 }
 
-- 
2.47.2