b=157927 Fix memory leaks in nsNSSCertificate.cpp, fix some compiler warnings, do some cleanup.

r=javi sr=jag

security/manager/ssl/src/nsCMS.cpp

@@ -340,7 +340,8 @@ NS_IMETHODIMP nsCMSMessage::CreateEncrypted(nsISupportsArray * aRecipientCerts)
   CERTCertificate **recipientCerts;
   PLArenaPool *tmpPoolp = nsnull;
   SECOidTag bulkAlgTag;
-  int keySize, i;
+  int keySize;
+  PRUint32 i;
   nsNSSCertificate *nssRecipientCert;
   nsresult rv = NS_ERROR_FAILURE;
 

security/manager/ssl/src/nsCertTree.cpp

@@ -461,7 +461,8 @@ nsCertTree::RemoveCert(PRUint32 index)
     return NS_ERROR_FAILURE;
   }
 
-  int i, idx = 0, cIndex = 0, nc;
+  int i;
+  PRUint32 idx = 0, cIndex = 0, nc;
   // Loop over the threads
   for (i=0; i<mNumOrgs; i++) {
     if (index == idx)

security/manager/ssl/src/nsKeygenHandler.cpp

@@ -101,8 +101,6 @@ static NS_DEFINE_IID(kFormProcessorIID,   NS_IFORMPROCESSOR_IID);
 static NS_DEFINE_IID(kIDOMHTMLSelectElementIID, NS_IDOMHTMLSELECTELEMENT_IID);
 static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
 
-static const char *mozKeyGen = "-mozilla-keygen";
-
 static PQGParams *
 decode_pqg_params(char *aStr)
 {
@@ -611,20 +609,14 @@ NS_METHOD nsKeygenFormProcessor::ProvideContent(const nsString& aFormType,
 						nsVoidArray& aContent, 
 						nsString& aAttribute) 
 { 
-  nsString selectKey;
-  SECKeySizeChoiceInfo *choice = SECKeySizeChoiceList;
-
-  selectKey.Assign(NS_LITERAL_STRING("SELECT"));
   if (Compare(aFormType, NS_LITERAL_STRING("SELECT"), 
     nsCaseInsensitiveStringComparator()) == 0) {
     for (SECKeySizeChoiceInfo* choice = SECKeySizeChoiceList; choice && choice->name; ++choice) {
       nsString *str = new nsString(choice->name);
       aContent.AppendElement(str);
     }
-    aAttribute.AssignWithConversion(mozKeyGen);
+    aAttribute.Assign(NS_LITERAL_STRING("-mozilla-keygen"));
   }
   return NS_OK;
 } 
 
-
-

security/manager/ssl/src/nsNSSCallbacks.cpp

@@ -196,9 +196,11 @@ void PR_CALLBACK HandshakeCallback(PRFileDesc* fd, void* client_data) {
   nsresult rv;
   PRInt32 encryptBits;
 
-  if (SECSuccess == SSL_SecurityStatus(fd, &sslStatus, &cipherName, &keyLength,
-                                       &encryptBits, &signer, nsnull))
-    {
+  if (SECSuccess != SSL_SecurityStatus(fd, &sslStatus, &cipherName, &keyLength,
+                                       &encryptBits, &signer, nsnull)) {
+    return;
+  }
+
   PRInt32 secStatus;
   if (sslStatus == SSL_SECURITY_STATUS_OFF)
     secStatus = nsIWebProgressListener::STATE_IS_BROKEN;
@@ -231,9 +233,7 @@ void PR_CALLBACK HandshakeCallback(PRFileDesc* fd, void* client_data) {
   nsXPIDLString shortDesc;
   const PRUnichar* formatStrings[1] = { ToNewUnicode(NS_ConvertUTF8toUCS2(caName)) };
   nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
-      if (NS_FAILED(rv))
-        return; 
-
+  if (NS_SUCCEEDED(rv)) {
     rv = nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("SignedBy").get(),
                                                    formatStrings, 1,
                                                    getter_Copies(shortDesc));
@@ -255,11 +255,12 @@ void PR_CALLBACK HandshakeCallback(PRFileDesc* fd, void* client_data) {
     status->mCipherName.Adopt(cipherName);
 
     infoObject->SetSSLStatus(status);
-
-      if (caName != signer)
-        PR_Free(caName);
-      PR_Free(signer);
   }
+
+  if (caName != signer) {
+    PR_Free(caName);
+  }
+  PR_Free(signer);
 }
 
 SECStatus PR_CALLBACK AuthCertificateCallback(void* client_data, PRFileDesc* fd,

security/manager/ssl/src/nsNSSComponent.cpp

@@ -628,7 +628,7 @@ nsresult nsNSSComponent::getParamsForNextCrlToDownload(nsAutoString *url, PRTime
     return NS_ERROR_FAILURE;
   }
 
-  for(PRInt32 i=0;i<noOfCrls;i++) {
+  for(PRUint32 i=0;i<noOfCrls;i++) {
     PRBool autoUpdateEnabled;
     nsAutoString tempCrlKey;
   

security/manager/ssl/src/nsNSSIOLayer.cpp

@@ -1461,6 +1461,7 @@ static const SEC_ASN1Template cert_CertificateScopeOfUseTemplate[] = {
     { SEC_ASN1_SEQUENCE_OF, 0, cert_CertificateScopeEntryTemplate }
 };
 
+#if 0
 /* 
  * decodes the extension data and create CERTCertificateScopeEntry that can
  * be consumed by the code
@@ -1710,6 +1711,7 @@ done:
     }
     return rv;
 }
+#endif
 
 /*
  * Function: SSMStatus SSM_SetUserCertChoice()
@@ -1966,9 +1968,17 @@ SECStatus nsNSS_SSLGetClientAuthData(void* arg, PRFileDesc* socket,
     }
 
     /* Get CN and O of the subject and O of the issuer */
-    NS_ConvertUTF8toUCS2 cn(CERT_GetCommonName(&serverCert->subject));
-    NS_ConvertUTF8toUCS2 org(CERT_GetOrgName(&serverCert->subject));
-    NS_ConvertUTF8toUCS2 issuer(CERT_GetOrgName(&serverCert->issuer));
+    char *ccn = CERT_GetCommonName(&serverCert->subject);
+    NS_ConvertUTF8toUCS2 cn(ccn);
+    if (ccn) PORT_Free(ccn);
+
+    char *corg = CERT_GetOrgName(&serverCert->subject);
+    NS_ConvertUTF8toUCS2 org(corg);
+    if (corg) PORT_Free(corg);
+
+    char *cissuer = CERT_GetOrgName(&serverCert->issuer);
+    NS_ConvertUTF8toUCS2 issuer(cissuer);
+    if (cissuer) PORT_Free(cissuer);
 
     certNicknameList = (PRUnichar **)nsMemory::Alloc(sizeof(PRUnichar *) * nicknames->numnicknames);
     certDetailsList = (PRUnichar **)nsMemory::Alloc(sizeof(PRUnichar *) * nicknames->numnicknames);

security/manager/ssl/src/nsPKCS12Blob.cpp

@@ -31,7 +31,7 @@
  * may use your version of this file under either the MPL or the
  * GPL.
  *
- * $Id: nsPKCS12Blob.cpp,v 1.27 2002/08/06 05:37:58 henry.jia%sun.com Exp $
+ * $Id: nsPKCS12Blob.cpp,v 1.28 2002/08/23 10:40:27 kaie%netscape.com Exp $
  */
 
 #include "prmem.h"
@@ -597,7 +597,7 @@ nsPKCS12Blob::nickname_collision(SECItem *oldNick, PRBool *cancel, void *wincx)
   nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
   if (NS_FAILED(rv)) return nsnull;
   int count = 1;
-  nsXPIDLCString nickname;
+  nsCString nickname;
   nsString nickFromProp;
   nssComponent->GetPIPNSSBundleString(
                                  NS_LITERAL_STRING("P12DefaultNickname").get(),
@@ -646,7 +646,7 @@ nsPKCS12Blob::nickname_collision(SECItem *oldNick, PRBool *cancel, void *wincx)
     return nsnull;
 
   newNick->type = siAsciiString;
-  newNick->data = (unsigned char*) nsCRT::strdup(nickname);
+  newNick->data = (unsigned char*) nsCRT::strdup(nickname.get());
   newNick->len  = strlen((char*)newNick->data);
   return newNick;
 }