moparisthebest
/
curl
mirror of https://github.com/moparisthebest/curl
1
0
Fork 0
Code Issues Releases Wiki Activity

nss: provide human-readable names for NSS errors

This commit is contained in:
Kamil Dudka 2012-04-11 13:44:20 +02:00
parent 20cb12db8d
commit a60edcc6d4
2 changed files with 26 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
RELEASE-NOTES
View File

@ -10,6 +10,7 @@ Curl and libcurl 7.25.1
This release includes the following changes:
o nss: the minimal supported version of NSS bumped to 3.12.x
o nss: human-readable names are now provided for NSS errors if available
o
This release includes the following bugfixes:

32
lib/nss.c
View File

@ -62,6 +62,7 @@
#include <certdb.h>
#include <base64.h>
#include <cert.h>
#include <prerror.h>
#include "curl_memory.h"
#include "rawstr.h"
@ -176,6 +177,15 @@ static const int enable_ciphers_by_default[] = {
static const char* pem_library = "libnsspem.so";
SECMODModule* mod = NULL;
static const char* nss_error_to_name(PRErrorCode code)
{
const char *name = PR_ErrorToName(code);
if(name)
return name;
return "unknown error";
}
static SECStatus set_ciphers(struct SessionHandle *data, PRFileDesc * model,
char *cipher_list)
{
@ -548,8 +558,11 @@ static CURLcode cert_stuff(struct connectdata *conn, int sockindex,
if(cert_file) {
rv = nss_load_cert(&conn->ssl[sockindex], cert_file, PR_FALSE);
if(CURLE_OK != rv) {
if(!display_error(conn, PR_GetError(), cert_file))
failf(data, "Unable to load client cert %d.", PR_GetError());
const PRErrorCode err = PR_GetError();
if(!display_error(conn, err, cert_file)) {
const char *err_name = nss_error_to_name(err);
failf(data, "unable to load client cert: %d (%s)", err, err_name);
}
return rv;
}
@ -562,8 +575,11 @@ static CURLcode cert_stuff(struct connectdata *conn, int sockindex,
/* In case the cert file also has the key */
rv = nss_load_key(conn, sockindex, cert_file);
if(CURLE_OK != rv) {
if(!display_error(conn, PR_GetError(), key_file))
failf(data, "Unable to load client key %d.", PR_GetError());
const PRErrorCode err = PR_GetError();
if(!display_error(conn, err, key_file)) {
const char *err_name = nss_error_to_name(err);
failf(data, "unable to load client key: %d (%s)", err, err_name);
}
return rv;
}
@ -1448,7 +1464,7 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
if(handle_cc_error(err, data))
curlerr = CURLE_SSL_CERTPROBLEM;
else
infof(data, "NSS error %d\n", err);
infof(data, "NSS error %d (%s)\n", err, nss_error_to_name(err));
if(model)
PR_Close(model);
@ -1484,7 +1500,8 @@ static ssize_t nss_send(struct connectdata *conn, /* connection data */
else if(handle_cc_error(err, conn->data))
*curlcode = CURLE_SSL_CERTPROBLEM;
else {
failf(conn->data, "SSL write: error %d", err);
const char *err_name = nss_error_to_name(err);
failf(conn->data, "SSL write: error %d (%s)", err, err_name);
*curlcode = CURLE_SEND_ERROR;
}
return -1;
@ -1510,7 +1527,8 @@ static ssize_t nss_recv(struct connectdata * conn, /* connection data */
else if(handle_cc_error(err, conn->data))
*curlcode = CURLE_SSL_CERTPROBLEM;
else {
failf(conn->data, "SSL read: errno %d", err);
const char *err_name = nss_error_to_name(err);
failf(conn->data, "SSL read: errno %d (%s)", err, err_name);
*curlcode = CURLE_RECV_ERROR;
}
return -1;