e_capi patch
15 views
Skip to first unread message
Daniel Sahlberg
Jun 16, 2025, 2:51:22 AMJun 16
to TortoiseSVN-dev
Hi,
I was reviewing the e_capi patch (https://sourceforge.net/p/tortoisesvn/code/HEAD/tree/trunk/ext/build/openssl.patch) and spotted the below section:
[[[
@@ -1786,9 +1906,22 @@
return 0;
/* Select the appropriate certificate */
+ TSVN_GetSHA1HashFromX509(ca_dn, hash);
+ strcpy(lastUsedAuthCacheHash, hash);
+ client_cert_idx = TSVN_GetSavedIndexForHash(hash);
+ if ((client_cert_idx < 0) || (client_cert_idx >= sk_X509_num(certs)))
+ {
+ client_cert_idx = ctx->client_cert_select(e, ssl, certs);
+ if (client_cert_idx >= 0)
+ {
+ TSVN_SaveIndexForHash(hash, client_cert_idx);
+ }
+ }
+ else if (client_cert_idx >= sk_X509_num(certs))
+ {
+ TSVN_ClearLastUsedAuthCache();
+ }
]]]
return 0;
/* Select the appropriate certificate */
+ TSVN_GetSHA1HashFromX509(ca_dn, hash);
+ strcpy(lastUsedAuthCacheHash, hash);
+ client_cert_idx = TSVN_GetSavedIndexForHash(hash);
+ if ((client_cert_idx < 0) || (client_cert_idx >= sk_X509_num(certs)))
+ {
+ client_cert_idx = ctx->client_cert_select(e, ssl, certs);
+ if (client_cert_idx >= 0)
+ {
+ TSVN_SaveIndexForHash(hash, client_cert_idx);
+ }
+ }
+ else if (client_cert_idx >= sk_X509_num(certs))
+ {
+ TSVN_ClearLastUsedAuthCache();
+ }
]]]
To me it looks like the else if branch can't ever be executed since the same condition is also in the if branch. Am I missing something?
Cheers,
Daniel
Stefan
Jun 17, 2025, 2:11:03 PMJun 17
to TortoiseSVN-dev
that seems like a bug. But it's been there since the start of our openssl patch in 2013, so I think it's not really critical ;)
I'll fix the patch...
Reply all
Reply to author
Forward
0 new messages