From 7213ca445485c1bf3fbf5fffa147294b492b2830 Mon Sep 17 00:00:00 2001 From: "kaie@kuix.de" Date: Mon, 7 Apr 2008 19:22:26 -0700 Subject: [PATCH] Backing out the "early ev verification" patch from bug 406755, as an attempt to fix a tinderbox test failure (crash). --- security/manager/ssl/src/nsNSSCallbacks.cpp | 18 ++++-------------- 1 file changed, 4 insertions(+), 14 deletions(-) diff --git a/security/manager/ssl/src/nsNSSCallbacks.cpp b/security/manager/ssl/src/nsNSSCallbacks.cpp index f96a8e0947ce..30db376147f2 100644 --- a/security/manager/ssl/src/nsNSSCallbacks.cpp +++ b/security/manager/ssl/src/nsNSSCallbacks.cpp @@ -914,20 +914,7 @@ SECStatus PR_CALLBACK AuthCertificateCallback(void* client_data, PRFileDesc* fd, CERTCertificateCleaner serverCertCleaner(serverCert); if (serverCert) { - nsNSSSocketInfo* infoObject = (nsNSSSocketInfo*) fd->higher->secret; - nsRefPtr status = infoObject->SSLStatus(); - nsRefPtr nsc; - - if (!status || !status->mServerCert) { - nsc = new nsNSSCertificate(serverCert); - } - if (SECSuccess == rv) { - if (nsc) { - PRBool dummyIsEV; - nsc->GetIsExtendedValidation(&dummyIsEV); // the nsc object will cache the status - } - CERTCertList *certList = CERT_GetCertChainFromCert(serverCert, PR_Now(), certUsageSSLCA); nsCOMPtr nssComponent; @@ -971,12 +958,15 @@ SECStatus PR_CALLBACK AuthCertificateCallback(void* client_data, PRFileDesc* fd, // The connection may get terminated, for example, if the server requires // a client cert. Let's provide a minimal SSLStatus // to the caller that contains at least the cert and its status. + nsNSSSocketInfo* infoObject = (nsNSSSocketInfo*) fd->higher->secret; + + nsRefPtr status = infoObject->SSLStatus(); if (!status) { status = new nsSSLStatus(); infoObject->SetSSLStatus(status); } if (status && !status->mServerCert) { - status->mServerCert = nsc; + status->mServerCert = new nsNSSCertificate(serverCert); PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("AuthCertificateCallback setting NEW cert %p\n", status->mServerCert.get())); }