im.pidgin.pidgin: 0822c640f22b63d7bc8992e62b80bccd1eea12a2
datallah at pidgin.im
datallah at pidgin.im
Mon Oct 8 11:15:44 EDT 2007
revision: 0822c640f22b63d7bc8992e62b80bccd1eea12a2
date: 2007-10-08T14:45:01
author: datallah at pidgin.im
branch: im.pidgin.pidgin
changelog:
Prevent leakage of the cert returned by SSL_PeerCertificate(), and prevent allocation since it isn't used currently anyway. Also prevent an assertion when reading a cert file - there are a number of places where g_return_* are misused here that need to be cleaned up.
manifest:
format_version "1"
new_manifest [07de1718efe8565cd4ecaf61a422272c86a37118]
old_revision [83dfe33f2a0bc4a70f870e1fc108bc08f7ede506]
patch "libpurple/plugins/ssl/ssl-nss.c"
from [8f2ac7cf0a8ebce37f710d7aa36c4f6a712ecbff]
to [3ae0c5446991c81bafe075c62230ac3849a8d532]
-------------- next part --------------
============================================================
--- libpurple/plugins/ssl/ssl-nss.c 8f2ac7cf0a8ebce37f710d7aa36c4f6a712ecbff
+++ libpurple/plugins/ssl/ssl-nss.c 3ae0c5446991c81bafe075c62230ac3849a8d532
@@ -386,6 +386,7 @@ ssl_nss_peer_certs(PurpleSslConnection *
static GList *
ssl_nss_peer_certs(PurpleSslConnection *gsc)
{
+#if 0
PurpleSslNssData *nss_data = PURPLE_SSL_NSS_DATA(gsc);
CERTCertificate *cert;
/*
@@ -397,6 +398,10 @@ ssl_nss_peer_certs(PurpleSslConnection *
/* TODO: this is a blind guess */
cert = SSL_PeerCertificate(nss_data->fd);
+ if (cert)
+ CERT_DestroyCertificate(cert);
+#endif
+
return NULL;
@@ -430,11 +435,12 @@ x509_import_from_file(const gchar *filen
filename);
/* Load the raw data up */
- g_return_val_if_fail(
- g_file_get_contents(filename,
- &rawcert, &len,
- NULL ),
- NULL);
+ if (!g_file_get_contents(filename,
+ &rawcert, &len,
+ NULL)) {
+ purple_debug_error("nss/x509", "Unable to read certificate file.\n");
+ return NULL;
+ }
/* Decode the certificate */
crt_dat = CERT_DecodeCertFromPackage(rawcert, len);
More information about the Commits
mailing list