From 365f2a3f76d05cf3f2f7d547eae400cbad769025 Mon Sep 17 00:00:00 2001
From: cantor <cantor@de75baf8-a10c-0410-a50a-987c0e22f00f>
Date: Thu, 7 Jun 2007 00:09:53 +0000
Subject: [PATCH] Prevent attach execution with empty key filename.

git-svn-id: https://svn.middleware.georgetown.edu/cpp-xmltooling/trunk@339 de75baf8-a10c-0410-a50a-987c0e22f00f
---
 xmltooling/security/impl/FilesystemCredentialResolver.cpp | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/xmltooling/security/impl/FilesystemCredentialResolver.cpp b/xmltooling/security/impl/FilesystemCredentialResolver.cpp
index efc7436..b7cff3f 100644
--- a/xmltooling/security/impl/FilesystemCredentialResolver.cpp
+++ b/xmltooling/security/impl/FilesystemCredentialResolver.cpp
@@ -549,7 +549,10 @@ void FilesystemCredentialResolver::attach(SSL_CTX* ctx) const
 #ifdef _DEBUG
     NDC ndc("attach");
 #endif
-    
+
+    if (m_keypath.empty())
+        throw XMLSecurityException("No key available, unable to attach private key to SSL context.");
+
     // Attach key.
     SSL_CTX_set_default_passwd_cb(ctx, passwd_callback);
     SSL_CTX_set_default_passwd_cb_userdata(ctx, const_cast<char*>(m_keypass.c_str()));
-- 
2.1.4