Jan Vcelak authored 12 years ago and Quanah Gibson-Mount committed 12 years ago

Avoid infinite loop if the pin in the password file is wrong.

Jan Vcelak authored 12 years ago and Quanah Gibson-Mount committed 12 years ago

We cannot rely on tc_certificate->slot value, the library will choose
the correct slot itself when needed. Just provide correct pin argument.

Jan Vcelak authored 13 years ago and Quanah Gibson-Mount committed 12 years ago

PEM certificates should not be referenced by nicknames, because the
nicknames are derived from basename of the cerificate file and in
general are not easy-predictable.

The code of Mozilla NSS backend depends on some aspects of PEM module
and tries to guess the nicknames correctly. In some cases the guessing
is wrong.

Howard Chu authored 12 years ago and Quanah Gibson-Mount committed 12 years ago

This reverts commit 9e3af235.

Jan Vcelak authored 12 years ago and Quanah Gibson-Mount committed 12 years ago

The buffer allocated for reading password file has to be initialized
with zeros, or we need to append zero at the end of the file. Otherwise
we might read unitialized memory and consider it to be a password.