From: Kamil Dudka <kdudka@redhat.com>
Date: Wed, 8 Oct 2014 15:13:59 +0000 (+0200)
Subject: nss: do not fail if a CRL is already cached
X-Git-Tag: curl-7_39_0~165
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=9e37a7f9a5cd141c717aa0262e8dee7713c25200;p=curl

nss: do not fail if a CRL is already cached

This fixes a copy-paste mistake from commit 2968f957.
---

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 827876137..c62ecb662 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -22,6 +22,7 @@ This release includes the following bugfixes:
  o configure: allow --with-ca-path with PolarSSL too
  o HTTP/2: Fix busy loop when EOF is encountered
  o CURLOPT_CAPATH: return failure if set without backend support
+ o nss: do not fail if a CRL is already cached
 
 This release includes the following known bugs:
 
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index 83b3e3237..c84938fa4 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -448,7 +448,7 @@ static CURLcode nss_cache_crl(SECItem *crl_der)
     /* CRL already cached */
     SEC_DestroyCrl(crl);
     SECITEM_FreeItem(crl_der, PR_TRUE);
-    return CURLE_SSL_CRL_BADFILE;
+    return CURLE_OK;
   }
 
   /* acquire lock before call of CERT_CacheCRL() and accessing nss_crl_list */