aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Gustafsson <daniel@yesql.se>2019-07-12 16:13:31 +0200
committerJay Satiro <raysatiro@yahoo.com>2019-07-17 00:52:24 -0400
commite5b371dc51cb957984a0a2cbfe698f41876debed (patch)
tree3958bf97b028b213defd8e4063e9b64af5c530dc
parentc7f3c073f4821ed70281c4867b796cb3522dc6e0 (diff)
nss: inspect returnvalue of token check
PK11_IsPresent() checks for the token for the given slot is available, and sets needlogin flags for the PK11_Authenticate() call. Should it return false, we should however treat it as an error and bail out. Closes https://github.com/curl/curl/pull/4110
-rw-r--r--lib/vtls/nss.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index 85b851ff8..482fd5e99 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -691,7 +691,10 @@ static CURLcode nss_load_key(struct connectdata *conn, int sockindex,
tmp = SECMOD_WaitForAnyTokenEvent(pem_module, 0, 0);
if(tmp)
PK11_FreeSlot(tmp);
- PK11_IsPresent(slot);
+ if(!PK11_IsPresent(slot)) {
+ PK11_FreeSlot(slot);
+ return CURLE_SSL_CERTPROBLEM;
+ }
status = PK11_Authenticate(slot, PR_TRUE, SSL_SET_OPTION(key_passwd));
PK11_FreeSlot(slot);