mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

b=129067 Deleted certs still appear in Cert Manager. 

r=javi sr=alecf
This commit is contained in:
kaie%netscape.com 2002-05-16 04:03:19 +00:00
Родитель 6d4667a84a
Коммит 1a9df62b37
7 изменённых файлов: 153 добавлений и 33 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

69
security/manager/pki/resources/content/certManager.js
Просмотреть файл

@ -37,6 +37,7 @@ const nsPKIParamBlock = "@mozilla.org/security/pkiparamblock;1";
var key;
var selected_certs = [];
var selected_cert_index = [];
var certdb;
var caTreeView;
@ -92,14 +93,6 @@ function LoadCerts()
verifiedCol.setAttribute('label', verifiedColText);
}
function ReloadCerts()
{
caTreeView.loadCerts(nsIX509Cert.CA_CERT);
serverTreeView.loadCerts(nsIX509Cert.SERVER_CERT);
emailTreeView.loadCerts(nsIX509Cert.EMAIL_CERT);
userTreeView.loadCerts(nsIX509Cert.USER_CERT);
}
function getSelectedTab()
{
var selTab = document.getElementById('certMgrTabbox').selectedItem;
@ -160,8 +153,11 @@ function getSelectedCerts()
} else if (websites_tab.selected) {
cert = serverTreeView.getCert(j);
}
if (cert)
selected_certs[selected_certs.length] = cert;
if (cert) {
var sc = selected_certs.length;
selected_certs[sc] = cert;
selected_cert_index[sc] = j;
}
}
}
}
@ -252,6 +248,8 @@ function backupCerts()
{
getSelectedCerts();
var numcerts = selected_certs.length;
if (!numcerts)
return;
var bundle = srGetStrBundle("chrome://pippki/locale/pippki.properties");
var fp = Components.classes[nsFilePicker].createInstance(nsIFilePicker);
fp.init(window,
@ -277,6 +275,8 @@ function editCerts()
{
getSelectedCerts();
var numcerts = selected_certs.length;
if (!numcerts)
return;
for (var t=0; t<numcerts; t++) {
var cert = selected_certs[t];
var certkey = cert.dbKey;
@ -305,18 +305,21 @@ function restoreCerts()
certdb.importPKCS12File(null, fp.file);
}
userTreeView.loadCerts(nsIX509Cert.USER_CERT);
userTreeView.selection.clearSelection();
}
function deleteCerts()
{
getSelectedCerts();
var numcerts = selected_certs.length;
if (!numcerts)
return;
var params = Components.classes[nsDialogParamBlock].createInstance(nsIDialogParamBlock);
var bundle = srGetStrBundle("chrome://pippki/locale/pippki.properties");
var selTab = document.getElementById('certMgrTabbox').selectedItem;
var selTabID = selTab.getAttribute('id');
var numcerts = selected_certs.length;
params.SetNumberStrings(numcerts+1);
@ -347,16 +350,56 @@ function deleteCerts()
var cert = selected_certs[t];
params.SetString(t+1, cert.dbKey);
}
// The dialog will modify the params.
// Every param item where the corresponding cert could get deleted,
// will still contain the db key.
// Certs which could not get deleted, will have their corrensponding
// param string erased.
window.openDialog('chrome://pippki/content/deletecert.xul', "",
'chrome,resizable=1,modal',params);
ReloadCerts();
if (params.GetInt(1) == 1) {
// user closed dialog with OK
var treeView = null;
var loadParam = null;
var selTab = document.getElementById('certMgrTabbox').selectedItem;
var selTabID = selTab.getAttribute('id');
if (selTabID == 'mine_tab') {
treeView = userTreeView;
loadParam = nsIX509Cert.USER_CERT;
} else if (selTabID == "others_tab") {
treeView = emailTreeView;
loadParam = nsIX509Cert.EMAIL_CERT;
} else if (selTabID == "websites_tab") {
treeView = serverTreeView;
loadParam = nsIX509Cert.SERVER_CERT;
} else if (selTabID == "ca_tab") {
treeView = caTreeView;
loadParam = nsIX509Cert.CA_CERT;
}
for (var t=numcerts-1; t>=0; t--)
{
var s = params.GetString(t+1);
if (s.length) {
// This cert was deleted.
treeView.removeCert(selected_cert_index[t]);
}
}
treeView.selection.clearSelection();
}
}
function viewCerts()
{
getSelectedCerts();
var numcerts = selected_certs.length;
if (!numcerts)
return;
var numcerts = selected_certs.length;
for (var t=0; t<numcerts; t++) {
selected_certs[t].view();

36
security/manager/pki/resources/content/deletecert.js
Просмотреть файл

@ -29,20 +29,21 @@ const nsIDialogParamBlock = Components.interfaces.nsIDialogParamBlock;
var certdb;
var certs = [];
var helpUrl;
var gParams;
function setWindowName()
{
var params = window.arguments[0].QueryInterface(nsIDialogParamBlock);
gParams = window.arguments[0].QueryInterface(nsIDialogParamBlock);
// Get the cert from the cert database
certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
var typeFlag = params.GetString(0);
var numberOfCerts = params.GetInt(0);
var typeFlag = gParams.GetString(0);
var numberOfCerts = gParams.GetInt(0);
var dbkey;
for(var x=0; x<numberOfCerts;x++)
{
dbkey = params.GetString(x+1);
dbkey = gParams.GetString(x+1);
certs[x] = certdb.getCertByDBKey(dbkey , null);
}
@ -94,6 +95,8 @@ function setWindowName()
var text;
for(x=0;x<certs.length;x++)
{
if (!certs[x])
continue;
text = document.createElement("text");
text.setAttribute("value",certs[x].commonName);
box.appendChild(text);
@ -105,10 +108,33 @@ function setWindowName()
function doOK()
{
// On returning our param list will contain keys of those certs that were deleted.
// It will contain empty strings for those certs that are still alive.
for(var i=0;i<certs.length;i++)
{
certdb.deleteCertificate(certs[i]);
if (certs[i]) {
try {
certdb.deleteCertificate(certs[i]);
}
catch (e) {
gParams.SetString(i+1, "");
}
certs[i] = null;
}
}
gParams.SetInt(1, 1); // means OK
window.close();
}
function doCancel()
{
var numberOfCerts = gParams.GetInt(0);
for(var x=0; x<numberOfCerts;x++)
{
gParams.SetString(x+1, "");
}
gParams.SetInt(1, 0); // means CANCEL
window.close();
}

2
security/manager/pki/resources/content/deletecert.xul
Просмотреть файл

@ -53,7 +53,7 @@
<button id="ok-button" label="&certmgr.ok.label;"
oncommand="doOK();"/>
<button id="cancel-button" label="&certmgr.cancel.label;"
oncommand="window.close();"/>
oncommand="doCancel();"/>
<button id="help-button" label="&certmgr.help.label;"
oncommand="doHelp();"/>
</hbox>

3
security/manager/ssl/public/nsICertTree.idl
Просмотреть файл

@ -43,7 +43,8 @@ interface nsICertTree : nsITreeView {
void loadCerts(in unsigned long type);
nsIX509Cert getCert(in unsigned long index);
void removeCert(in PRUint32 index);
};
%{C++

59
security/manager/ssl/src/nsCertTree.cpp
Просмотреть файл

@ -78,12 +78,17 @@ nsCertTree::FreeCertArray()
if (mCertArray) {
PRUint32 count;
nsresult rv = mCertArray->Count(&count);
NS_ASSERTION(NS_SUCCEEDED(rv), "Count failed");
if (NS_FAILED(rv))
{
NS_ASSERTION(0, "Count failed");
return;
}
PRInt32 i;
for (i = count - 1; i >= 0; i--)
{
mCertArray->RemoveElementAt(i);
}
}
mCertArray = nsnull;
}
// CmpByToken
@ -248,14 +253,10 @@ NS_IMETHODIMP
nsCertTree::LoadCerts(PRUint32 aType)
{
nsresult rv;
PRBool rowsChanged = PR_FALSE;
PRInt32 numChanged = 0;
if (mTreeArray) {
FreeCertArray();
nsMemory::Free(mTreeArray);
mTreeArray = NULL;
rowsChanged = PR_TRUE;
numChanged = mNumRows;
mNumRows = 0;
}
nsCOMPtr<nsIX509CertDB> certdb = do_GetService(NS_X509CERTDB_CONTRACTID);
@ -264,8 +265,14 @@ nsCertTree::LoadCerts(PRUint32 aType)
CmpByTok_IssuerOrg_Name,
getter_AddRefs(mCertArray));
if (NS_FAILED(rv)) return rv;
return UpdateUIContents();
}
nsresult
nsCertTree::UpdateUIContents()
{
PRUint32 count;
rv = mCertArray->Count(&count);
nsresult rv = mCertArray->Count(&count);
if (NS_FAILED(rv)) return rv;
mNumOrgs = CountOrganizations();
mTreeArray = (treeArrayEl *)nsMemory::Alloc(
@ -290,14 +297,42 @@ nsCertTree::LoadCerts(PRUint32 aType)
orgCert = nextCert;
}
mNumRows = count + mNumOrgs;
if (rowsChanged) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("[%d,%d]", mNumRows, numChanged));
numChanged = mNumRows - numChanged;
if (mTree) mTree->RowCountChanged(0, numChanged);
}
if (mTree)
mTree->Invalidate();
return NS_OK;
}
NS_IMETHODIMP
nsCertTree::RemoveCert(PRUint32 index)
{
if (!mCertArray || !mTreeArray || index < 0) {
return NS_ERROR_FAILURE;
}
int i, idx = 0, cIndex = 0, nc;
nsIX509Cert *rawPtr = nsnull;
// Loop over the threads
for (i=0; i<mNumOrgs; i++) {
if (index == idx)
return NS_OK; // index is for thread
idx++; // get past the thread
nc = (mTreeArray[i].open) ? mTreeArray[i].numChildren : 0;
if (index < idx + nc) { // cert is within range of this thread
PRInt32 certIndex = cIndex + index - idx;
mCertArray->RemoveElementAt(certIndex);
nsMemory::Free(mTreeArray);
mTreeArray = NULL;
return UpdateUIContents();
}
if (mTreeArray[i].open)
idx += mTreeArray[i].numChildren;
cIndex += mTreeArray[i].numChildren;
if (idx > index)
break;
}
return NS_ERROR_FAILURE;
}
//////////////////////////////////////////////////////////////////////////////
//
// Begin nsITreeView methods

1
security/manager/ssl/src/nsCertTree.h
Просмотреть файл

@ -75,6 +75,7 @@ private:
nsIX509Cert *GetCertAtIndex(PRInt32 _index);
void FreeCertArray();
nsresult UpdateUIContents();
#ifdef DEBUG_CERT_TREE
/* for debugging purposes */

16
security/manager/ssl/src/nsNSSCertificate.cpp
Просмотреть файл

@ -683,6 +683,7 @@ nsNSSCertificate::~nsNSSCertificate()
if (mCertType == nsNSSCertificate::USER_CERT) {
nsCOMPtr<nsIInterfaceRequestor> cxt = new PipUIContext();
PK11_DeleteTokenCertAndKey(mCert, cxt);
CERT_DestroyCertificate(mCert);
} else
#ifdef NSS_3_4
if (!PK11_IsReadOnly(mCert->slot))
@ -718,6 +719,16 @@ nsNSSCertificate::GetCertType(PRUint32 *aCertType)
nsresult
nsNSSCertificate::MarkForPermDeletion()
{
// make sure user is logged in to the token
nsCOMPtr<nsIInterfaceRequestor> ctx = new PipUIContext();
if (!PK11_IsLoggedIn(mCert->slot, ctx))
{
if (SECSuccess != PK11_Authenticate(mCert->slot, PR_TRUE, ctx))
{
return NS_ERROR_FAILURE;
}
}
mPermDelete = PR_TRUE;
return NS_OK;
}
@ -3477,7 +3488,10 @@ nsNSSCertificateDB::DeleteCertificate(nsIX509Cert *aCert)
PRUint32 certType = getCertType(cert);
nssCert->SetCertType(certType);
nssCert->MarkForPermDeletion();
if (NS_FAILED(nssCert->MarkForPermDeletion()))
{
return NS_ERROR_FAILURE;
}
if (cert->slot && certType != nsIX509Cert::USER_CERT) {
// To delete a cert of a slot (builtin, most likely), mark it as