diff options
| -rw-r--r-- | lib/vtls/nss.c | 21 |
1 files changed, 10 insertions, 11 deletions
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c index 3613b4042..afe498b1a 100644 --- a/lib/vtls/nss.c +++ b/lib/vtls/nss.c @@ -439,7 +439,7 @@ static SECStatus nss_cache_crl(SECItem *crlDER) /* CRL already cached */ SEC_DestroyCrl(crl); SECITEM_FreeItem(crlDER, PR_FALSE); - return SECSuccess; + return CURLE_SSL_CRL_BADFILE; } /* acquire lock before call of CERT_CacheCRL() */ @@ -448,16 +448,16 @@ static SECStatus nss_cache_crl(SECItem *crlDER) /* unable to cache CRL */ PR_Unlock(nss_crllock); SECITEM_FreeItem(crlDER, PR_FALSE); - return SECFailure; + return CURLE_SSL_CRL_BADFILE; } /* we need to clear session cache, so that the CRL could take effect */ SSL_ClearSessionCache(); PR_Unlock(nss_crllock); - return SECSuccess; + return CURLE_OK; } -static SECStatus nss_load_crl(const char* crlfilename) +static CURLcode nss_load_crl(const char* crlfilename) { PRFileDesc *infile; PRFileInfo info; @@ -467,7 +467,7 @@ static SECStatus nss_load_crl(const char* crlfilename) infile = PR_Open(crlfilename, PR_RDONLY, 0); if(!infile) - return SECFailure; + return CURLE_SSL_CRL_BADFILE; if(PR_SUCCESS != PR_GetOpenFileInfo(infile, &info)) goto fail; @@ -513,7 +513,7 @@ static SECStatus nss_load_crl(const char* crlfilename) fail: PR_Close(infile); SECITEM_FreeItem(&filedata, PR_FALSE); - return SECFailure; + return CURLE_SSL_CRL_BADFILE; } static CURLcode nss_load_key(struct connectdata *conn, int sockindex, @@ -1564,13 +1564,12 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex) } if(data->set.ssl.CRLfile) { - if(SECSuccess != nss_load_crl(data->set.ssl.CRLfile)) { - curlerr = CURLE_SSL_CRL_BADFILE; + const CURLcode rv = nss_load_crl(data->set.ssl.CRLfile); + if(CURLE_OK != rv) { + curlerr = rv; goto error; } - infof(data, - " CRLfile: %s\n", - data->set.ssl.CRLfile ? data->set.ssl.CRLfile : "none"); + infof(data, " CRLfile: %s\n", data->set.ssl.CRLfile); } if(data->set.str[STRING_CERT]) { |