From c15acf374d4b25ba5afcb52435da6090f2d98a20 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sat, 10 Dec 2022 09:20:14 +0000 Subject: gentoo auto-resync : 10:12:2022 - 09:20:14 --- .../nss/files/nss-3.87-fix-client-cert-crash.patch | 38 ++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 dev-libs/nss/files/nss-3.87-fix-client-cert-crash.patch (limited to 'dev-libs/nss/files/nss-3.87-fix-client-cert-crash.patch') diff --git a/dev-libs/nss/files/nss-3.87-fix-client-cert-crash.patch b/dev-libs/nss/files/nss-3.87-fix-client-cert-crash.patch new file mode 100644 index 000000000000..2f8c3b37219b --- /dev/null +++ b/dev-libs/nss/files/nss-3.87-fix-client-cert-crash.patch @@ -0,0 +1,38 @@ +diff --git a/lib/ssl/authcert.c b/lib/ssl/authcert.c +--- a/lib/ssl/authcert.c ++++ b/lib/ssl/authcert.c +@@ -204,10 +204,13 @@ + if (certList == NULL) { + certList = CERT_FindUserCertsByUsage(CERT_GetDefaultCertDB(), + certUsageSSLClient, + PR_FALSE, chosenNickName == NULL, + pw_arg); ++ if (certList == NULL) { ++ return SECFailure; ++ } + /* filter only the certs that meet the nickname requirements */ + if (chosenNickName) { + rv = CERT_FilterCertListByNickname(certList, chosenNickName, + pw_arg); + } else { +@@ -217,17 +220,14 @@ + certUsageSSLClient); + ssl_FreeDistNamesStrings(names, nnames); + } + if ((rv != SECSuccess) || CERT_LIST_EMPTY(certList)) { + CERT_DestroyCertList(certList); +- certList = NULL; ++ return SECFailure; + } + } +- if (certList == NULL) { +- /* no user certs meeting the nickname/usage requirements found */ +- return SECFailure; +- } ++ + /* now remove any certs that can't meet the connection requirements */ + rv = ssl_FilterClientCertListBySSLSocket(ss, certList); + if ((rv != SECSuccess) || CERT_LIST_EMPTY(certList)) { + // no certs left. + CERT_DestroyCertList(certList); + -- cgit v1.2.3