Hello,
ne_ssl_context_trustcert does not check for NULL before using the
context pointer which causes a segfault if ne_ssl_trust_cert() is called
on a ne_session that is initialized with http as scheme.
Sincerely yours, Henrik Holst, Renderplanet AB
Index: ne_openssl.c
===================================================================
--- ne_openssl.c (revision 1222)
+++ ne_openssl.c (working copy)
@@ -715,6 +715,9 @@
void ne_ssl_context_trustcert(ne_ssl_context *ctx, const
ne_ssl_certificate *cert)
{
+ if (ctx == NULL)
+ return;
+
X509_STORE *store = SSL_CTX_get_cert_store(ctx->ctx);
X509_STORE_add_cert(store, cert->subject);
_______________________________________________
neon mailing list
[email protected]
http://mailman.webdav.org/mailman/listinfo/neon
