From 53dea3883463afb4bdc84abc4a56a326efdd5419 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 31 Oct 2017 20:15:03 +0100
Subject: [PATCH] ifcfg-rh: refactor write_object() to avoid coverity warning

Coverity detects that the "if (blob)" condition must always be true.
Reorder the code, to avoid the warning. It's a bit clearer this way
anyway.
---
 .../plugins/ifcfg-rh/nms-ifcfg-rh-writer.c    | 31 ++++++++-----------
 1 file changed, 13 insertions(+), 18 deletions(-)

diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
index ea2e4af3e2..fafaa848bd 100644
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
@@ -226,6 +226,7 @@ write_object (NMSetting8021x *s_8021x,
 	NMSettingSecretFlags flags = NM_SETTING_SECRET_FLAG_NONE;
 	char *secret_name, *secret_flags;
 	const char *extension;
+	char *standard_file;
 
 	g_return_val_if_fail (ifcfg != NULL, FALSE);
 	g_return_val_if_fail (objtype != NULL, FALSE);
@@ -265,24 +266,6 @@ write_object (NMSetting8021x *s_8021x,
 	else
 		extension = "pem";
 
-	/* If certificate/private key wasn't sent, the connection may no longer be
-	 * 802.1x and thus we clear out the paths and certs.
-	 */
-	if (!value && !blob) {
-		char *standard_file;
-
-		/* Since no cert/private key is now being used, delete any standard file
-		 * that was created for this connection, but leave other files alone.
-		 * Thus, for example,
-		 * /etc/sysconfig/network-scripts/ca-cert-Test_Write_Wifi_WPA_EAP-TLS.der
-		 * will be deleted, but /etc/pki/tls/cert.pem will not.
-		 */
-		standard_file = utils_cert_path (svFileGetName (ifcfg), objtype->vtable->file_suffix, extension);
-		g_hash_table_replace (blobs, standard_file, NULL);
-		svUnsetValue (ifcfg, objtype->ifcfg_rh_key);
-		return TRUE;
-	}
-
 	/* If the object path was specified, prefer that over any raw cert data that
 	 * may have been sent.
 	 */
@@ -301,6 +284,18 @@ write_object (NMSetting8021x *s_8021x,
 		return TRUE;
 	}
 
+	/* If certificate/private key wasn't sent, the connection may no longer be
+	 * 802.1x and thus we clear out the paths and certs.
+	 *
+	 * Since no cert/private key is now being used, delete any standard file
+	 * that was created for this connection, but leave other files alone.
+	 * Thus, for example,
+	 * /etc/sysconfig/network-scripts/ca-cert-Test_Write_Wifi_WPA_EAP-TLS.der
+	 * will be deleted, but /etc/pki/tls/cert.pem will not.
+	 */
+	standard_file = utils_cert_path (svFileGetName (ifcfg), objtype->vtable->file_suffix, extension);
+	g_hash_table_replace (blobs, standard_file, NULL);
+	svUnsetValue (ifcfg, objtype->ifcfg_rh_key);
 	return TRUE;
 }