generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

nss: let nss_{cache,load}_crl return CURLcode

Browse Source
This commit is contained in:
Kamil Dudka 2014-07-03 23:53:44 +02:00
parent 0cd368c2ef
commit 2968f957aa
1 changed files with 10 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
lib/vtls/nss.c
View File

@ -439,7 +439,7 @@ static SECStatus nss_cache_crl(SECItem *crlDER)
/* CRL already cached */ /* CRL already cached */
SEC_DestroyCrl(crl); SEC_DestroyCrl(crl);
SECITEM_FreeItem(crlDER, PR_FALSE); SECITEM_FreeItem(crlDER, PR_FALSE);
return SECSuccess; return CURLE_SSL_CRL_BADFILE;
} }
/* acquire lock before call of CERT_CacheCRL() */ /* acquire lock before call of CERT_CacheCRL() */
@ -448,16 +448,16 @@ static SECStatus nss_cache_crl(SECItem *crlDER)
/* unable to cache CRL */ /* unable to cache CRL */
PR_Unlock(nss_crllock); PR_Unlock(nss_crllock);
SECITEM_FreeItem(crlDER, PR_FALSE); SECITEM_FreeItem(crlDER, PR_FALSE);
return SECFailure; return CURLE_SSL_CRL_BADFILE;
} }
/* we need to clear session cache, so that the CRL could take effect */ /* we need to clear session cache, so that the CRL could take effect */
SSL_ClearSessionCache(); SSL_ClearSessionCache();
PR_Unlock(nss_crllock); PR_Unlock(nss_crllock);
return SECSuccess; return CURLE_OK;
} }
static SECStatus nss_load_crl(const char* crlfilename) static CURLcode nss_load_crl(const char* crlfilename)
{ {
PRFileDesc *infile; PRFileDesc *infile;
PRFileInfo info; PRFileInfo info;
@ -467,7 +467,7 @@ static SECStatus nss_load_crl(const char* crlfilename)
infile = PR_Open(crlfilename, PR_RDONLY, 0); infile = PR_Open(crlfilename, PR_RDONLY, 0);
if(!infile) if(!infile)
return SECFailure; return CURLE_SSL_CRL_BADFILE;
if(PR_SUCCESS != PR_GetOpenFileInfo(infile, &info)) if(PR_SUCCESS != PR_GetOpenFileInfo(infile, &info))
goto fail; goto fail;
@ -513,7 +513,7 @@ static SECStatus nss_load_crl(const char* crlfilename)
fail: fail:
PR_Close(infile); PR_Close(infile);
SECITEM_FreeItem(&filedata, PR_FALSE); SECITEM_FreeItem(&filedata, PR_FALSE);
return SECFailure; return CURLE_SSL_CRL_BADFILE;
} }
static CURLcode nss_load_key(struct connectdata *conn, int sockindex, static CURLcode nss_load_key(struct connectdata *conn, int sockindex,
@ -1564,13 +1564,12 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex)
} }
if(data->set.ssl.CRLfile) { if(data->set.ssl.CRLfile) {
if(SECSuccess != nss_load_crl(data->set.ssl.CRLfile)) { const CURLcode rv = nss_load_crl(data->set.ssl.CRLfile);
curlerr = CURLE_SSL_CRL_BADFILE; if(CURLE_OK != rv) {
curlerr = rv;
goto error; goto error;
} }
infof(data, infof(data, " CRLfile: %s\n", data->set.ssl.CRLfile);
" CRLfile: %s\n",
data->set.ssl.CRLfile ? data->set.ssl.CRLfile : "none");
} }
if(data->set.str[STRING_CERT]) { if(data->set.str[STRING_CERT]) {