mirror of
https://github.com/moparisthebest/curl
synced 2024-12-25 01:28:51 -05:00
nss: try to connect even if libnssckbi.so fails to load
One can still use CA certificates stored in NSS database. Reported-by: Maxime Legros Bug: https://curl.haxx.se/mail/lib-2018-09/0077.html Closes #3016
This commit is contained in:
parent
522e647cc5
commit
eb0b3acbc1
@ -1578,8 +1578,9 @@ static CURLcode nss_load_ca_certificates(struct connectdata *conn,
|
|||||||
infof(data, "%s %s\n", (result) ? "failed to load" : "loaded",
|
infof(data, "%s %s\n", (result) ? "failed to load" : "loaded",
|
||||||
trust_library);
|
trust_library);
|
||||||
if(result == CURLE_FAILED_INIT)
|
if(result == CURLE_FAILED_INIT)
|
||||||
/* make the error non-fatal if we are not going to verify peer */
|
/* If libnssckbi.so is not available (or fails to load), one can still
|
||||||
result = CURLE_SSL_CACERT_BADFILE;
|
use CA certificates stored in NSS database. Ignore the failure. */
|
||||||
|
result = CURLE_OK;
|
||||||
}
|
}
|
||||||
else if(!use_trust_module && trust_module) {
|
else if(!use_trust_module && trust_module) {
|
||||||
/* libnssckbi.so not needed but already loaded --> unload it! */
|
/* libnssckbi.so not needed but already loaded --> unload it! */
|
||||||
|
Loading…
Reference in New Issue
Block a user