Bug 164707, Provide a way to view/delete orphan certs

Supplemental patch r=rrelyea
2007-01-06 16:36:19 +00:00 · 2007-01-06 16:36:19 +00:00 · 4553b718c8
--- a/security/manager/locales/en-US/chrome/pippki/pippki.properties
+++ b/security/manager/locales/en-US/chrome/pippki/pippki.properties
@ -70,9 +70,7 @@ deleteEmailCertConfirm=Are you sure you want to delete these people's e-mail cer
 deleteEmailCertImpact=If you delete an e-mail certificate, your will no longer be able to send encrypted e-mail to those people.
 deleteEmailCertTitle=Delete E-Mail Certificates

-deleteOrphanCertFlag=deleteOrphanFlag
 deleteOrphanCertConfirm=Are you sure you want to delete these certificates?
-deleteOrphanCertImpact=
 deleteOrphanCertTitle=Delete Certificates


--- a/security/manager/pki/resources/content/deletecert.js
+++ b/security/manager/pki/resources/content/deletecert.js
@ -90,6 +90,12 @@ function setWindowName()
     confirm = bundle.GetStringFromName("deleteEmailCertConfirm");
     impact = bundle.GetStringFromName("deleteEmailCertImpact");
  }
+  else if(typeFlag == "orphan_tab")
+  {
+     title = bundle.GetStringFromName("deleteOrphanCertTitle");
+     confirm = bundle.GetStringFromName("deleteOrphanCertConfirm");
+     impact = "";
+  }
  else
  {
     return;
--- a/security/manager/ssl/src/nsNSSCertHelper.cpp
+++ b/security/manager/ssl/src/nsNSSCertHelper.cpp
@ -2142,7 +2142,7 @@ getCertType(CERTCertificate *cert)
    return nsIX509Cert::CA_CERT;
  if (cert->emailAddr)
    return nsIX509Cert::EMAIL_CERT;
-  return nsIX509Cert::SERVER_CERT;
+  return nsIX509Cert::UNKNOWN_CERT;
 }

 CERTCertNicknames *
--- a/security/manager/ssl/src/nsNSSCertificate.cpp
+++ b/security/manager/ssl/src/nsNSSCertificate.cpp
@ -89,6 +89,11 @@ extern PRLogModuleInfo* gPIPNSSLog;

 static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);

+// This is being stored in an PRUint32 that can otherwise
+// only take values from nsIX509Cert's list of cert types.
+// As nsIX509Cert is frozen, we choose a value not contained
+// in the list to mean not yet initialized.
+#define CERT_TYPE_NOT_YET_INITIALIZED (1 << 30)

 /* nsNSSCertificate */

@ -123,7 +128,7 @@ nsNSSCertificate::ConstructFromDER(char *certDER, int derLen)
 nsNSSCertificate::nsNSSCertificate(CERTCertificate *cert) : 
                                           mCert(nsnull),
                                           mPermDelete(PR_FALSE),
-                                           mCertType(nsIX509Cert::UNKNOWN_CERT)
+                                           mCertType(CERT_TYPE_NOT_YET_INITIALIZED)
 {
  nsNSSShutDownPreventionLock locker;
  if (isAlreadyShutDown())
@ -174,7 +179,8 @@ void nsNSSCertificate::destructorSafeDestroyNSSReference()
 nsresult
 nsNSSCertificate::GetCertType(PRUint32 *aCertType)
 {
-  if (mCertType == nsIX509Cert::UNKNOWN_CERT) {
+  if (mCertType == CERT_TYPE_NOT_YET_INITIALIZED) {
+     // only determine cert type once and cache it
     mCertType = getCertType(mCert);
  }
  *aCertType = mCertType;