diff options
author | Brian Smith <brian@briansmith.org> | 2013-10-11 01:41:13 -0700 |
---|---|---|
committer | Brian Smith <brian@briansmith.org> | 2013-10-11 01:41:13 -0700 |
commit | 50dae5480dad5d0c26a3bc95ec083fbda98b4846 (patch) | |
tree | 2af92e2ca7946f442db76331dca02556611749c1 /lib/certhigh | |
parent | ab3d8596f260a69c7e2d386dc6f3b33b8c5b6cdf (diff) | |
download | nss-hg-50dae5480dad5d0c26a3bc95ec083fbda98b4846.tar.gz |
Bug 910438: Have CERT_VerifyCert return the correct result when certificate verification fails and a verifyLog is not used, r=briansmith, r=rrelyea
Diffstat (limited to 'lib/certhigh')
-rw-r--r-- | lib/certhigh/certvfy.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/lib/certhigh/certvfy.c b/lib/certhigh/certvfy.c index f364ceb5f..fbed385ee 100644 --- a/lib/certhigh/certvfy.c +++ b/lib/certhigh/certvfy.c @@ -1312,7 +1312,7 @@ CERT_VerifyCert(CERTCertDBHandle *handle, CERTCertificate *cert, PORT_SetError(SEC_ERROR_UNTRUSTED_CERT); LOG_ERROR_OR_EXIT(log,cert,0,flags); } else if (trusted) { - goto winner; + goto done; } @@ -1340,7 +1340,10 @@ CERT_VerifyCert(CERTCertDBHandle *handle, CERTCertificate *cert, } } -winner: +done: + if (log && log->head) { + return SECFailure; + } return(SECSuccess); loser: |