create_client_ssl_connection(): Don't keep the certificate lock longer than necessary
[privoxy.git] / ssl.c
diff --git a/ssl.c b/ssl.c
index afd9af4..0df7333 100644 (file)
--- a/ssl.c
+++ b/ssl.c
@@ -325,17 +325,16 @@ extern int create_client_ssl_connection(struct client_state *csp)
     * certificate and key inconsistence must be locked.
     */
    privoxy_mutex_lock(&certificate_mutex);
-
    ret = generate_host_certificate(csp);
+   privoxy_mutex_unlock(&certificate_mutex);
+
    if (ret < 0)
    {
       log_error(LOG_LEVEL_ERROR,
          "generate_host_certificate failed: %d", ret);
-      privoxy_mutex_unlock(&certificate_mutex);
       ret = -1;
       goto exit;
    }
-   privoxy_mutex_unlock(&certificate_mutex);
 
    /*
     * Seed the RNG