pidgin: libpurple/plugins/ssl/ssl-nss.c comparison

comparison libpurple/plugins/ssl/ssl-nss.c @ 27567:199cf148cdf8

Continue verification when we can't find a *cached* peer. Fixes #9664. This should be a fatal condition and not finding a cached certificate is *not* the same as "the certificate changed".

author	Paul Aurich <paul@darkrain42.org>
date	Thu, 16 Jul 2009 02:46:36 +0000
parents	0491bd8a2a60
children	31905a0d1c9d

comparison

equal deleted inserted replaced

-:d677981cf97e
+:199cf148cdf8
 	gchar *rawcert;
 	gsize len = 0;
 	CERTCertificate *crt_dat;
 	PurpleCertificate *crt;
-	g_return_val_if_fail(filename, NULL);
+	g_return_val_if_fail(filename != NULL, NULL);
 	purple_debug_info("nss/x509",
 			  "Loading certificate from %s\n",
 			  filename);
 	/* Load the raw data up */
 	if (!g_file_get_contents(filename,
 				 &rawcert, &len,
 				 NULL)) {
 		purple_debug_error("nss/x509", "Unable to read certificate file.\n");
 		return NULL;
 	}
+	if (len == 0) {
+		purple_debug_error("nss/x509",
+				"Certificate file has no contents!\n");
+		if (rawcert)
+			g_free(rawcert);
+		return NULL;
+	}
 	/* Decode the certificate */
 	crt_dat = CERT_DecodeCertFromPackage(rawcert, len);
 	g_free(rawcert);
-	g_return_val_if_fail(crt_dat, NULL);
+	g_return_val_if_fail(crt_dat != NULL, NULL);
 	crt = g_new0(PurpleCertificate, 1);
 	crt->scheme = &x509_nss;
 	crt->data = crt_dat;
 	return crt;

Mercurial > pidgin

comparison libpurple/plugins/ssl/ssl-nss.c @ 27567:199cf148cdf8