nss: prevent NSS from crashing on client auth hook failure

Although it is not explicitly stated in the documentation, NSS uses *pRetCert and *pRetKey even if the client authentication hook returns a failure. Namely, if we destroy *pRetCert without clearing *pRetCert afterwards, NSS destroys the certificate once again, which causes a double free. Reported by: Bob Relyea
2012-12-03 13:17:50 +01:00
parent 2ecdd48683
commit 68d2830ee9
2 changed files with 13 additions and 8 deletions
--- a/4
+++ b/4
@@ -13,7 +13,7 @@ This release includes the following changes:

 This release includes the following bugfixes:

- o 
+ o nss: prevent NSS from crashing on client auth hook failure

 This release includes the following known bugs:

@@ -28,4 +28,4 @@ advice from friends like these:

 References to bug reports and discussions on issues:

- 
+