Loading lib/nss.c +17 −14 Original line number Diff line number Diff line Loading @@ -548,7 +548,7 @@ static SECStatus nss_Init_Tokens(struct connectdata * conn) return status; } static SECStatus BadCertHandler(void *arg, PRFileDesc * socket) static SECStatus BadCertHandler(void *arg, PRFileDesc *sock) { SECStatus success = SECSuccess; struct connectdata *conn = (struct connectdata *)arg; Loading @@ -560,7 +560,7 @@ static SECStatus BadCertHandler(void *arg, PRFileDesc * socket) return success; conn->data->set.ssl.certverifyresult=err; cert = SSL_PeerCertificate(socket); cert = SSL_PeerCertificate(sock); subject = CERT_NameToAscii(&cert->subject); issuer = CERT_NameToAscii(&cert->issuer); CERT_DestroyCertificate(cert); Loading Loading @@ -606,14 +606,14 @@ static SECStatus BadCertHandler(void *arg, PRFileDesc * socket) /** * Inform the application that the handshake is complete. */ static SECStatus HandshakeCallback(PRFileDesc * socket, void *arg) static SECStatus HandshakeCallback(PRFileDesc *sock, void *arg) { (void)socket; (void)sock; (void)arg; return SECSuccess; } static void display_conn_info(struct connectdata *conn, PRFileDesc * socket) static void display_conn_info(struct connectdata *conn, PRFileDesc *sock) { SSLChannelInfo channel; SSLCipherSuiteInfo suite; Loading @@ -623,7 +623,7 @@ static void display_conn_info(struct connectdata *conn, PRFileDesc * socket) char timeString[256]; PRTime notBefore, notAfter; if (SSL_GetChannelInfo(socket, &channel, sizeof channel) == if (SSL_GetChannelInfo(sock, &channel, sizeof channel) == SECSuccess && channel.length == sizeof channel && channel.cipherSuite) { if (SSL_GetCipherSuiteInfo(channel.cipherSuite, Loading @@ -634,7 +634,7 @@ static void display_conn_info(struct connectdata *conn, PRFileDesc * socket) infof(conn->data, "Server certificate:\n"); cert = SSL_PeerCertificate(socket); cert = SSL_PeerCertificate(sock); subject = CERT_NameToAscii(&cert->subject); issuer = CERT_NameToAscii(&cert->issuer); common_name = CERT_GetCommonName(&cert->subject); Loading Loading @@ -663,7 +663,7 @@ static void display_conn_info(struct connectdata *conn, PRFileDesc * socket) * * Callback to pick the SSL client certificate. */ static SECStatus SelectClientCert(void *arg, PRFileDesc * socket, static SECStatus SelectClientCert(void *arg, PRFileDesc *sock, struct CERTDistNamesStr *caNames, struct CERTCertificateStr **pRetCert, struct SECKEYPrivateKeyStr **pRetKey) Loading @@ -676,7 +676,7 @@ static SECStatus SelectClientCert(void *arg, PRFileDesc * socket, PK11SlotInfo *slot; (void)caNames; proto_win = SSL_RevealPinArg(socket); proto_win = SSL_RevealPinArg(sock); if (!nickname) return secStatus; Loading Loading @@ -800,7 +800,9 @@ CURLcode Curl_nss_connect(struct connectdata * conn, int sockindex) curl_socket_t sockfd = conn->sock[sockindex]; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; SECStatus rv; #ifdef HAVE_PK11_CREATEGENERICOBJECT char *configstring = NULL; #endif char *certDir = NULL; int curlerr; Loading Loading @@ -925,7 +927,7 @@ CURLcode Curl_nss_connect(struct connectdata * conn, int sockindex) } if (S_ISDIR(st.st_mode)) { int rv; int rc; dir = PR_OpenDir(data->set.ssl.CApath); do { Loading @@ -936,7 +938,8 @@ CURLcode Curl_nss_connect(struct connectdata * conn, int sockindex) snprintf(fullpath, sizeof(fullpath), "%s/%s", data->set.ssl.CApath, entry->name); rv = nss_load_cert(fullpath, PR_TRUE); rc = nss_load_cert(fullpath, PR_TRUE); /* FIXME: check this return value! */ } /* This is purposefully tolerant of errors so non-PEM files * can be in the same directory */ Loading Loading
lib/nss.c +17 −14 Original line number Diff line number Diff line Loading @@ -548,7 +548,7 @@ static SECStatus nss_Init_Tokens(struct connectdata * conn) return status; } static SECStatus BadCertHandler(void *arg, PRFileDesc * socket) static SECStatus BadCertHandler(void *arg, PRFileDesc *sock) { SECStatus success = SECSuccess; struct connectdata *conn = (struct connectdata *)arg; Loading @@ -560,7 +560,7 @@ static SECStatus BadCertHandler(void *arg, PRFileDesc * socket) return success; conn->data->set.ssl.certverifyresult=err; cert = SSL_PeerCertificate(socket); cert = SSL_PeerCertificate(sock); subject = CERT_NameToAscii(&cert->subject); issuer = CERT_NameToAscii(&cert->issuer); CERT_DestroyCertificate(cert); Loading Loading @@ -606,14 +606,14 @@ static SECStatus BadCertHandler(void *arg, PRFileDesc * socket) /** * Inform the application that the handshake is complete. */ static SECStatus HandshakeCallback(PRFileDesc * socket, void *arg) static SECStatus HandshakeCallback(PRFileDesc *sock, void *arg) { (void)socket; (void)sock; (void)arg; return SECSuccess; } static void display_conn_info(struct connectdata *conn, PRFileDesc * socket) static void display_conn_info(struct connectdata *conn, PRFileDesc *sock) { SSLChannelInfo channel; SSLCipherSuiteInfo suite; Loading @@ -623,7 +623,7 @@ static void display_conn_info(struct connectdata *conn, PRFileDesc * socket) char timeString[256]; PRTime notBefore, notAfter; if (SSL_GetChannelInfo(socket, &channel, sizeof channel) == if (SSL_GetChannelInfo(sock, &channel, sizeof channel) == SECSuccess && channel.length == sizeof channel && channel.cipherSuite) { if (SSL_GetCipherSuiteInfo(channel.cipherSuite, Loading @@ -634,7 +634,7 @@ static void display_conn_info(struct connectdata *conn, PRFileDesc * socket) infof(conn->data, "Server certificate:\n"); cert = SSL_PeerCertificate(socket); cert = SSL_PeerCertificate(sock); subject = CERT_NameToAscii(&cert->subject); issuer = CERT_NameToAscii(&cert->issuer); common_name = CERT_GetCommonName(&cert->subject); Loading Loading @@ -663,7 +663,7 @@ static void display_conn_info(struct connectdata *conn, PRFileDesc * socket) * * Callback to pick the SSL client certificate. */ static SECStatus SelectClientCert(void *arg, PRFileDesc * socket, static SECStatus SelectClientCert(void *arg, PRFileDesc *sock, struct CERTDistNamesStr *caNames, struct CERTCertificateStr **pRetCert, struct SECKEYPrivateKeyStr **pRetKey) Loading @@ -676,7 +676,7 @@ static SECStatus SelectClientCert(void *arg, PRFileDesc * socket, PK11SlotInfo *slot; (void)caNames; proto_win = SSL_RevealPinArg(socket); proto_win = SSL_RevealPinArg(sock); if (!nickname) return secStatus; Loading Loading @@ -800,7 +800,9 @@ CURLcode Curl_nss_connect(struct connectdata * conn, int sockindex) curl_socket_t sockfd = conn->sock[sockindex]; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; SECStatus rv; #ifdef HAVE_PK11_CREATEGENERICOBJECT char *configstring = NULL; #endif char *certDir = NULL; int curlerr; Loading Loading @@ -925,7 +927,7 @@ CURLcode Curl_nss_connect(struct connectdata * conn, int sockindex) } if (S_ISDIR(st.st_mode)) { int rv; int rc; dir = PR_OpenDir(data->set.ssl.CApath); do { Loading @@ -936,7 +938,8 @@ CURLcode Curl_nss_connect(struct connectdata * conn, int sockindex) snprintf(fullpath, sizeof(fullpath), "%s/%s", data->set.ssl.CApath, entry->name); rv = nss_load_cert(fullpath, PR_TRUE); rc = nss_load_cert(fullpath, PR_TRUE); /* FIXME: check this return value! */ } /* This is purposefully tolerant of errors so non-PEM files * can be in the same directory */ Loading
