moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-08-13 17:03:50 -04:00
Code Issues Releases Wiki Activity

nss: Don't ignore Curl_ssl_init_certinfo() OOM failure

Browse Source
This commit is contained in:
Steve Holme 2014-12-27 20:50:14 +00:00
parent b235c29366
commit 0943045108
1 changed files with 17 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
lib/vtls/nss.c
View File

@ -725,8 +725,9 @@ static void display_cert_info(struct SessionHandle *data,
PR_Free(common_name); PR_Free(common_name);
} }
static void display_conn_info(struct connectdata *conn, PRFileDesc *sock) static CURLcode display_conn_info(struct connectdata *conn, PRFileDesc *sock)
{ {
CURLcode result = CURLE_OK;
SSLChannelInfo channel; SSLChannelInfo channel;
SSLCipherSuiteInfo suite; SSLCipherSuiteInfo suite;
CERTCertificate *cert; CERTCertificate *cert;
@ -745,7 +746,6 @@ static void display_conn_info(struct connectdata *conn, PRFileDesc *sock)
} }
cert = SSL_PeerCertificate(sock); cert = SSL_PeerCertificate(sock);
if(cert) { if(cert) {
infof(conn->data, "Server certificate:\n"); infof(conn->data, "Server certificate:\n");
@ -770,7 +770,9 @@ static void display_conn_info(struct connectdata *conn, PRFileDesc *sock)
cert2 = cert3; cert2 = cert3;
} }
} }
Curl_ssl_init_certinfo(conn->data, i);
result = Curl_ssl_init_certinfo(conn->data, i);
if(!result) {
for(i = 0; cert; cert = cert2) { for(i = 0; cert; cert = cert2) {
Curl_extract_certinfo(conn, i++, (char *)cert->derCert.data, Curl_extract_certinfo(conn, i++, (char *)cert->derCert.data,
(char *)cert->derCert.data + cert->derCert.len); (char *)cert->derCert.data + cert->derCert.len);
@ -783,8 +785,9 @@ static void display_conn_info(struct connectdata *conn, PRFileDesc *sock)
} }
} }
} }
}
return; return result;
} }
static SECStatus BadCertHandler(void *arg, PRFileDesc *sock) static SECStatus BadCertHandler(void *arg, PRFileDesc *sock)
@ -1694,7 +1697,9 @@ static CURLcode nss_do_connect(struct connectdata *conn, int sockindex)
goto error; goto error;
} }
display_conn_info(conn, connssl->handle); result = display_conn_info(conn, connssl->handle);
if(result)
goto error;
if(data->set.str[STRING_SSL_ISSUERCERT]) { if(data->set.str[STRING_SSL_ISSUERCERT]) {
SECStatus ret = SECFailure; SECStatus ret = SECFailure;