Camel: Allow SSL certificate resave and use detailed errors from SSL stream

diff --git a/camel/camel-tcp-stream-raw.c b/camel/camel-tcp-stream-raw.c
index 356f425..059106d 100644 (file)
--- a/camel/camel-tcp-stream-raw.c
+++ b/camel/camel-tcp-stream-raw.c
@@ -273,8 +273,8 @@ _set_g_error_from_errno (GError **error,
                        "%s", g_strerror (errn));
 }
 
-static void
-tcp_stream_set_error_from_pr_error (GError **error)
+void
+_set_error_from_pr_error (GError **error)
 {
        gchar *error_message = NULL;
        PRInt32 length;
@@ -339,7 +339,7 @@ read_from_prfd (PRFileDesc *fd,
                return -1;
 
        if (bytes_read == -1) {
-               tcp_stream_set_error_from_pr_error (error);
+               _set_error_from_pr_error (error);
                return -1;
        }
 
@@ -393,7 +393,7 @@ write_to_prfd (PRFileDesc *fd,
                return -1;
 
        if (bytes_written == -1) {
-               tcp_stream_set_error_from_pr_error (error);
+               _set_error_from_pr_error (error);
                return -1;
        }
 
@@ -534,7 +534,7 @@ socket_connect (struct addrinfo *host,
                goto fail;
 
        if (status == PR_FAILURE) {
-               tcp_stream_set_error_from_pr_error (error);
+               _set_error_from_pr_error (error);
                goto fail;
        }
 

diff --git a/camel/camel-tcp-stream-raw.h b/camel/camel-tcp-stream-raw.h
index f12acda..c23cfe3 100644 (file)
--- a/camel/camel-tcp-stream-raw.h
+++ b/camel/camel-tcp-stream-raw.h
@@ -91,6 +91,7 @@ void _camel_tcp_stream_raw_replace_file_desc (CamelTcpStreamRaw *raw, PRFileDesc
 
 void _set_errno_from_pr_error (gint pr_code);
 void _set_g_error_from_errno (GError **error, gboolean eintr_means_cancelled);
+void _set_error_from_pr_error (GError **error);
 
 G_END_DECLS
 

diff --git a/camel/camel-tcp-stream-ssl.c b/camel/camel-tcp-stream-ssl.c
index 45dfa61..8c57ae7 100644 (file)
--- a/camel/camel-tcp-stream-ssl.c
+++ b/camel/camel-tcp-stream-ssl.c
@@ -332,8 +332,9 @@ camel_certdb_nss_cert_get (CamelCertDB *certdb,
                                filename, error ? error->message : "Unknown error");
                        g_clear_error (&error);
 
-                       camel_cert_set_trust (
-                               certdb, ccert, CAMEL_CERT_TRUST_UNKNOWN);
+                       /* failed to load the certificate, thus remove it from
+                          the CertDB, thus it can be re-added and properly saved */
+                       camel_certdb_remove_host (certdb, hostname);
                        camel_certdb_touch (certdb);
                        g_free (fingerprint);
                        g_free (filename);
@@ -786,8 +787,7 @@ rehandshake_ssl (PRFileDesc *fd,
                status = SECFailure;
 
        } else if (status == SECFailure) {
-               _set_errno_from_pr_error (PR_GetError ());
-               _set_g_error_from_errno (error, FALSE);
+               _set_error_from_pr_error (error);
        }
 
        return (status == SECSuccess);
@@ -942,8 +942,7 @@ camel_tcp_stream_ssl_enable_ssl (CamelTcpStreamSSL *ssl,
 
        if (fd && !ssl->priv->ssl_mode) {
                if (!(ssl_fd = enable_ssl (ssl, fd))) {
-                       _set_errno_from_pr_error (PR_GetError ());
-                       _set_g_error_from_errno (error, FALSE);
+                       _set_error_from_pr_error (error);
                        return -1;
                }