RepoMirrors
/
haproxy
mirror of http://git.haproxy.org/git/haproxy.git/
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

BUG/MINOR: jwt: Wrong return value checked 

The wrong return value was checked, resulting in dead code and
potential bugs.

It should fix GitHub issue #2005.
This patch should be backported up to 2.5.
This commit is contained in:
Remi Tricot-Le Breton 2023-01-20 09:37:26 +01:00 committed by William Lallemand
parent 7d84439b48
commit a0658c3cf3
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
reg-tests/jwt/jws_verify.vtc
View File

@ -265,7 +265,8 @@ client c12 -connect ${h1_mainfe_sock} {
rxresp
expect resp.status == 200
expect resp.http.x-jwt-alg == "ES512"
expect resp.http.x-jwt-verify-ES512 == "0"
# Invalid token
expect resp.http.x-jwt-verify-ES512 == "-3"
} -run

2
src/jwt.c
View File

@ -331,7 +331,7 @@ jwt_jwsverify_rsa_ecdsa(const struct jwt_ctx *ctx, struct buffer *decoded_signat
*/
if (is_ecdsa) {
int conv_retval = convert_ecdsa_sig(ctx, entry->pkey, decoded_signature);
if (retval != 0) {
if (conv_retval != 0) {
retval = conv_retval;
goto end;
}