nss: clear session cache if a client cert from file is used
This commit fixes a regression introduced in 052a08ff. NSS caches certs/keys returned by the SSL_GetClientAuthDataHook callback and if we connect second time to the same server, the cached cert/key pair is used. If we use multiple client certificates for different paths on the same server, we need to clear the session cache to force NSS to call the hook again. The commit 052a08ff prevented the session cache from being cleared if a client certificate from file was used. The condition is now fixed to cover both cases: consssl->client_nickname is not NULL if a client certificate from the NSS database is used and connssl->obj_clicert is not NULL if a client certificate from file is used. Review by: Kai Engert
parent
d17f5366
Please register or sign in to comment