Fix Android keystore support for older keystore_get.h

This is an "inline" function, in the header file. So it's about the build
environment you use for building openconnect, not the runtime environment.

It was fixed by the following commit in android/frameworks/base:

commit c741a2fe41ea33fc386a4d5b932cc081aa92a18c
Author: Chia-chi Yeh <chiachi@android.com>
Date:   Thu Sep 30 15:17:58 2010 +0800

    KeyStore: Fix the return value when send() or recv() has an error.

    Change-Id: I20a63c76bd29b1a9f8959a6c4fe5a5b8a9a971b4

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

diff --git a/openssl.c b/openssl.c
index a03b20e6dfd374a1652a56afcb50754e2c9c88a7..0787d338c2dd315bd44fceec0b58a56d3fb13b88 100644 (file)
--- a/openssl.c
+++ b/openssl.c
@@ -614,8 +614,12 @@ static BIO *BIO_from_keystore(struct openconnect_info *vpninfo, const char *item
                p++;
        if (*p == '/')
                p++;
+       /* Old versions of keystore_get.h will return the input length
+          instead of an error, in some circumstances. So check the
+          content actually changes, too. */
+       content[0] = 0;
        len = keystore_get(p, strlen(p), content);
-       if (len < 0) {
+       if (len < 0 || content[0] == 0) {
                vpn_progress(vpninfo, PRG_ERR,
                             _("Failed to lead item '%s' from keystore\n"),
                             p);