From 1927493de2e516969ec06d467813d5bb4cf704b5 Mon Sep 17 00:00:00 2001
From: Nalin Dahyabhai <nalin@dahyabhai.net>
Date: Wed, 1 Jun 2011 10:41:09 -0400
Subject: [PATCH 120/150] - don't call tempnam() more than TMP_MAX times

---
 src/plugins/preauth/pkinit/pkinit_crypto_nss.c |    6 +++++-
 1 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_nss.c b/src/plugins/preauth/pkinit/pkinit_crypto_nss.c
index 8b25aa7..f3dd62b 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto_nss.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_nss.c
@@ -698,11 +698,14 @@ static PK11SlotInfo *
 crypto_get_p12_slot(struct _pkinit_identity_crypto_context *id)
 {
 	char *configdir, *spec;
+	int attempts;
 	if (id->id_p12_slot == NULL) {
 		configdir = DEFAULT_CONFIGDIR;
 #ifdef PKCS12_HACK
 		/* Figure out where to put the temporary userdb. */
-		while ((spec = tempnam(NULL, "pk12-")) != NULL) {
+		attempts = 0;
+		while ((attempts < TMP_MAX) &&
+		       (spec = tempnam(NULL, "pk12-")) != NULL) {
 			if (spec != NULL) {
 				if (mkdir(spec, S_IRWXU) == 0) {
 					configdir = spec;
@@ -713,6 +716,7 @@ crypto_get_p12_slot(struct _pkinit_identity_crypto_context *id)
 						break;
 					}
 				}
+				attempts++;
 			}
 		}
 #endif
-- 
1.7.6.4