check_issuer_cert() now builds and there's one warning less. Still one compiler

warning in the code though but we need NSS' base64.h header for that and we
don't currently have a suitable way to include it as our own base64.h header
kind of "blocks" it.

diff --git a/lib/nss.c b/lib/nss.c
index 62fd191d81fa2af5b33a65a871f7da6202ea9a53..fcdda04922f93a88cf6485436da198b269a10b93 100644 (file)
--- a/lib/nss.c
+++ b/lib/nss.c
@@ -62,6 +62,7 @@
 #include <prio.h>
 #include <secitem.h>
 #include <secport.h>
+#include <certdb.h>
 
 #include "memory.h"
 #include "easyif.h" /* for Curl_convert_from_utf8 prototype */
@@ -766,7 +767,8 @@ static SECStatus check_issuer_cert(struct connectdata *conn,
 
   if ((!cert_issuer) || (!issuer))
     res = SECFailure;
-  else if (CERT_CompareCerts(cert_issuer,issuer)==PR_FALSE)
+  else if (SECITEM_CompareItem(&cert_issuer->derCert,
+                               &issuer->derCert)!=SECEqual)
     res = SECFailure;
 
   CERT_DestroyCertificate(cert);