From: ido@wireplug.org
Subject: wg(4): remove redundant if statement
To: tech@openbsd.org
Date: Thu, 18 Sep 2025 16:30:29 +0000

Hi,

The outer if statement seems redundant.
Tested against current on an amd64 laptop.

Ido

diff --git sys/net/wg_noise.c sys/net/wg_noise.c
index c4d64baeeec..97d704e9ee5 100644
--- sys/net/wg_noise.c
+++ sys/net/wg_noise.c
@@ -651,16 +651,14 @@ noise_remote_decrypt(struct noise_remote *r, uint32_t r_idx, uint64_t nonce,
 	 * next keypair into current. If we do slide the next keypair in, then
 	 * we skip the REKEY_AFTER_TIME_RECV check. This is safe to do as a
 	 * data packet can't confirm a session that we are an INITIATOR of. */
-	if (kp == r->r_next) {
-		if (kp == r->r_next && kp->kp_local_index == r_idx) {
-			noise_remote_keypair_free(r, r->r_previous);
-			r->r_previous = r->r_current;
-			r->r_current = r->r_next;
-			r->r_next = NULL;
+	if (kp == r->r_next && kp->kp_local_index == r_idx) {
+		noise_remote_keypair_free(r, r->r_previous);
+		r->r_previous = r->r_current;
+		r->r_current = r->r_next;
+		r->r_next = NULL;
 
-			ret = ECONNRESET;
-			goto error;
-		}
+		ret = ECONNRESET;
+		goto error;
 	}
 
 	/* Similar to when we encrypt, we want to notify the caller when we