From 9e37a7f9a5cd141c717aa0262e8dee7713c25200 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Wed, 8 Oct 2014 17:13:59 +0200
Subject: nss: do not fail if a CRL is already cached

This fixes a copy-paste mistake from commit 2968f957.
---
 RELEASE-NOTES  | 1 +
 lib/vtls/nss.c | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 827876137..c62ecb662 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -22,6 +22,7 @@ This release includes the following bugfixes:
  o configure: allow --with-ca-path with PolarSSL too
  o HTTP/2: Fix busy loop when EOF is encountered
  o CURLOPT_CAPATH: return failure if set without backend support
+ o nss: do not fail if a CRL is already cached
 
 This release includes the following known bugs:
 
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index 83b3e3237..c84938fa4 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -448,7 +448,7 @@ static CURLcode nss_cache_crl(SECItem *crl_der)
     /* CRL already cached */
     SEC_DestroyCrl(crl);
     SECITEM_FreeItem(crl_der, PR_TRUE);
-    return CURLE_SSL_CRL_BADFILE;
+    return CURLE_OK;
   }
 
   /* acquire lock before call of CERT_CacheCRL() and accessing nss_crl_list */
-- 
cgit v1.2.3