Mercurial > pidgin.yaz
changeset 20831:09b06f6769ee
Prevent leakage of the cert returned by SSL_PeerCertificate(), and prevent allocation since it isn't used currently anyway. Also prevent an assertion when reading a cert file - there are a number of places where g_return_* are misused here that need to be cleaned up.
author | Daniel Atallah <daniel.atallah@gmail.com> |
---|---|
date | Mon, 08 Oct 2007 14:45:01 +0000 |
parents | 3e4c4a33ea35 |
children | c6f601a8eeba |
files | libpurple/plugins/ssl/ssl-nss.c |
diffstat | 1 files changed, 11 insertions(+), 5 deletions(-) [+] |
line wrap: on
line diff
--- a/libpurple/plugins/ssl/ssl-nss.c Mon Oct 08 14:26:41 2007 +0000 +++ b/libpurple/plugins/ssl/ssl-nss.c Mon Oct 08 14:45:01 2007 +0000 @@ -386,6 +386,7 @@ static GList * ssl_nss_peer_certs(PurpleSslConnection *gsc) { +#if 0 PurpleSslNssData *nss_data = PURPLE_SSL_NSS_DATA(gsc); CERTCertificate *cert; /* @@ -397,6 +398,10 @@ /* TODO: this is a blind guess */ cert = SSL_PeerCertificate(nss_data->fd); + if (cert) + CERT_DestroyCertificate(cert); +#endif + return NULL; @@ -430,11 +435,12 @@ filename); /* Load the raw data up */ - g_return_val_if_fail( - g_file_get_contents(filename, - &rawcert, &len, - NULL ), - NULL); + if (!g_file_get_contents(filename, + &rawcert, &len, + NULL)) { + purple_debug_error("nss/x509", "Unable to read certificate file.\n"); + return NULL; + } /* Decode the certificate */ crt_dat = CERT_DecodeCertFromPackage(rawcert, len);