Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Add explicit check for user/pass before ntlm_manual_challenge()
This is redundant since we should never reach state NTLM_MANUAL_REQ if
we don't have username and password. But Coverity can't spot that.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
  • Loading branch information
David Woodhouse authored and David Woodhouse committed Feb 28, 2015
1 parent 8e10de6 commit cdfd968
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion ntlm.c
Expand Up @@ -1026,7 +1026,7 @@ int ntlm_authorization(struct openconnect_info *vpninfo, int proxy,
auth_state->state = NTLM_MANUAL_REQ;
return 0;
}
if (auth_state->state == NTLM_MANUAL_REQ &&
if (auth_state->state == NTLM_MANUAL_REQ && user && pass &&
!ntlm_manual_challenge(vpninfo, auth_state, buf, user, pass)) {
/* Leave the state as it is. If we come back there'll be no
challenge string and we'll fail then. */
Expand Down

0 comments on commit cdfd968

Please sign in to comment.