From 40027148255c6fc07c7c6edb059020350a513720 Mon Sep 17 00:00:00 2001
From: Gunter Knauf <gk@gknw.de>
Date: Mon, 21 Sep 2009 22:46:38 +0000
Subject: added aditional check for the directory specified with SSL_DIR, and
 fall back to hardcoded directory if not a valid directory.

---
 lib/nss.c | 21 ++++++++++++++-------
 1 file changed, 14 insertions(+), 7 deletions(-)

diff --git a/lib/nss.c b/lib/nss.c
index ae0730479..dbb9a57fa 100644
--- a/lib/nss.c
+++ b/lib/nss.c
@@ -964,16 +964,23 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
   /* FIXME. NSS doesn't support multiple databases open at the same time. */
   PR_Lock(nss_initlock);
   if(!initialized) {
+    struct_stat st;
 
-    certDir = getenv("SSL_DIR"); /* Look in $SSL_DIR */
+    /* First we check if $SSL_DIR points to a valid dir */
+    certDir = getenv("SSL_DIR");
+    if(certDir) {
+      if((stat(certDir, &st) != 0) ||
+              (!S_ISDIR(st.st_mode))) {
+        certDir = NULL;
+      }
+    }
 
+    /* Now we check if the default location is a valid dir */
     if(!certDir) {
-      struct_stat st;
-
-      if(stat(SSL_DIR, &st) == 0)
-        if(S_ISDIR(st.st_mode)) {
-          certDir = (char *)SSL_DIR;
-        }
+      if((stat(SSL_DIR, &st) == 0) &&
+              (S_ISDIR(st.st_mode))) {
+        certDir = (char *)SSL_DIR;
+      }
     }
 
     if (!NSS_IsInitialized()) {
-- 
cgit v1.2.3