added aditional check for the directory specified with SSL_DIR, and fall back to hardcoded directory if not a valid directory.

author: Gunter Knauf <gk@gknw.de> 2009-09-21 22:46:38 +0000
committer: Gunter Knauf <gk@gknw.de> 2009-09-21 22:46:38 +0000
commit: 40027148255c6fc07c7c6edb059020350a513720 (patch)
tree: 03f64a8560788d0107186134fb1a2a18fd429368 /lib
parent: 61ea058d9f9e5c81ce0ebfafcf7a0df4874a80d3 (diff)
1 files changed, 14 insertions, 7 deletions
diff --git a/lib/nss.c b/lib/nss.c
index ae0730479..dbb9a57fa 100644
--- a/lib/nss.c
+++ b/lib/nss.c
@@ -964,16 +964,23 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
   /* FIXME. NSS doesn't support multiple databases open at the same time. */
   PR_Lock(nss_initlock);
   if(!initialized) {
+    struct_stat st;
 
-    certDir = getenv("SSL_DIR"); /* Look in $SSL_DIR */
+    /* First we check if $SSL_DIR points to a valid dir */
+    certDir = getenv("SSL_DIR");
+    if(certDir) {
+      if((stat(certDir, &st) != 0) ||
+              (!S_ISDIR(st.st_mode))) {
+        certDir = NULL;
+      }
+    }
 
+    /* Now we check if the default location is a valid dir */
     if(!certDir) {
-      struct_stat st;
-
-      if(stat(SSL_DIR, &st) == 0)
-        if(S_ISDIR(st.st_mode)) {
-          certDir = (char *)SSL_DIR;
-        }
+      if((stat(SSL_DIR, &st) == 0) &&
+              (S_ISDIR(st.st_mode))) {
+        certDir = (char *)SSL_DIR;
+      }
     }
 
     if (!NSS_IsInitialized()) {
author	Gunter Knauf <gk@gknw.de>	2009-09-21 22:46:38 +0000
committer	Gunter Knauf <gk@gknw.de>	2009-09-21 22:46:38 +0000
commit	40027148255c6fc07c7c6edb059020350a513720 (patch)
tree	03f64a8560788d0107186134fb1a2a18fd429368 /lib
parent	61ea058d9f9e5c81ce0ebfafcf7a0df4874a80d3 (diff)