mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Fix optimized builds (make tinderbox go green).

This commit is contained in:
relyea%netscape.com 2004-07-20 23:02:04 +00:00
Родитель 7d92a11646
Коммит 950ffdabc7
2 изменённых файлов: 46 добавлений и 21 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

65
security/nss/lib/pk11wrap/pk11cert.c
Просмотреть файл

@ -88,6 +88,7 @@ static PRStatus convert_cert(NSSCertificate *c, void *arg)
CERTCertificate *nss3cert; CERTCertificate *nss3cert;
SECStatus secrv; SECStatus secrv;
struct nss3_cert_cbstr *nss3cb = (struct nss3_cert_cbstr *)arg; struct nss3_cert_cbstr *nss3cb = (struct nss3_cert_cbstr *)arg;
/* 'c' is not adopted. caller will free it */
nss3cert = STAN_GetCERTCertificate(c); nss3cert = STAN_GetCERTCertificate(c);
if (!nss3cert) return PR_FAILURE; if (!nss3cert) return PR_FAILURE;
secrv = (*nss3cb->callback)(nss3cert, nss3cb->arg); secrv = (*nss3cb->callback)(nss3cert, nss3cb->arg);
@ -300,7 +301,7 @@ static CERTCertificate
id.ulValueLen = c->id.size; id.ulValueLen = c->id.size;
*nickptr = pk11_buildNickname(slot, &label, privateLabel, &id); *nickptr = pk11_buildNickname(slot, &label, privateLabel, &id);
} }
return STAN_GetCERTCertificate(c); return STAN_GetCERTCertificateOrRelease(c);
} }
/* /*
@ -575,8 +576,7 @@ transfer_token_certs_to_collection(nssList *certList, NSSToken *token,
} }
nssTokenArray_Destroy(tokens); nssTokenArray_Destroy(tokens);
} }
/* *must* be a valid CERTCertificate, came from cache */ CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(certs[i]));
CERT_DestroyCertificate(STAN_GetCERTCertificate(certs[i]));
} }
nss_ZFreeIf(certs); nss_ZFreeIf(certs);
} }
@ -687,7 +687,7 @@ PK11_FindCertFromNickname(char *nickname, void *wincx)
cert = nssCertificateArray_FindBestCertificate(certs, NULL, cert = nssCertificateArray_FindBestCertificate(certs, NULL,
&usage, NULL); &usage, NULL);
if (cert) { if (cert) {
rvCert = STAN_GetCERTCertificate(cert); rvCert = STAN_GetCERTCertificateOrRelease(cert);
} }
nssCertificateArray_Destroy(certs); nssCertificateArray_Destroy(certs);
} }
@ -812,8 +812,10 @@ PK11_FindCertsFromNickname(char *nickname, void *wincx) {
PRTime now = PR_Now(); PRTime now = PR_Now();
certList = CERT_NewCertList(); certList = CERT_NewCertList();
for (i=0, c = *foundCerts; c; c = foundCerts[++i]) { for (i=0, c = *foundCerts; c; c = foundCerts[++i]) {
CERTCertificate *certCert = STAN_GetCERTCertificate(c); CERTCertificate *certCert = STAN_GetCERTCertificateOrRelease(c);
/* c may be invalid after this, don't reference it */
if (certCert) { if (certCert) {
/* CERT_AddCertToListSorted adopts certCert */
CERT_AddCertToListSorted(certList, certCert, CERT_AddCertToListSorted(certList, certCert,
CERT_SortCBValidity, &now); CERT_SortCBValidity, &now);
} }
@ -822,6 +824,7 @@ PK11_FindCertsFromNickname(char *nickname, void *wincx) {
CERT_DestroyCertList(certList); CERT_DestroyCertList(certList);
certList = NULL; certList = NULL;
} }
/* all the certs have been adopted or freed, free the raw array */
nss_ZFreeIf(foundCerts); nss_ZFreeIf(foundCerts);
} }
return certList; return certList;
@ -1416,6 +1419,7 @@ PK11_FindCertByIssuerAndSNOnToken(PK11SlotInfo *slot,
} }
object = NULL; /* adopted by the previous call */ object = NULL; /* adopted by the previous call */
nssTrustDomain_AddCertsToCache(td, &cert,1); nssTrustDomain_AddCertsToCache(td, &cert,1);
/* on failure, cert is freed below */
rvCert = STAN_GetCERTCertificate(cert); rvCert = STAN_GetCERTCertificate(cert);
if (!rvCert) { if (!rvCert) {
goto loser; goto loser;
@ -1759,22 +1763,34 @@ PK11_FindCertByIssuerAndSN(PK11SlotInfo **slotPtr, CERTIssuerAndSN *issuerSN,
&serial); &serial);
if (cert) { if (cert) {
SECITEM_FreeItem(derSerial, PR_TRUE); SECITEM_FreeItem(derSerial, PR_TRUE);
return STAN_GetCERTCertificate(cert); return STAN_GetCERTCertificateOrRelease(cert);
} }
retry:
cert = NSSTrustDomain_FindCertificateByIssuerAndSerialNumber( do {
/* free the old cert on retry. Associated slot was not present */
if (rvCert) {
CERT_DestroyCertificate(rvCert);
rvCert = NULL;
}
cert = NSSTrustDomain_FindCertificateByIssuerAndSerialNumber(
STAN_GetDefaultTrustDomain(), STAN_GetDefaultTrustDomain(),
&issuer, &issuer,
&serial); &serial);
if (cert) { if (!cert) {
rvCert = STAN_GetCERTCertificate(cert); break;
/* Check to see if the cert's token is still there */
if (!PK11_IsPresent(rvCert->slot)) {
CERT_DestroyCertificate(rvCert);
goto retry;
} }
if (slotPtr) *slotPtr = PK11_ReferenceSlot(rvCert->slot);
} rvCert = STAN_GetCERTCertificateOrRelease(cert);
if (rvCert == NULL) {
break;
}
/* Check to see if the cert's token is still there */
} while (!PK11_IsPresent(rvCert->slot));
if (rvCert && slotPtr) *slotPtr = PK11_ReferenceSlot(rvCert->slot);
SECITEM_FreeItem(derSerial, PR_TRUE); SECITEM_FreeItem(derSerial, PR_TRUE);
return rvCert; return rvCert;
#endif #endif
@ -1912,7 +1928,7 @@ PK11_TraverseCertsForSubject(CERTCertificate *cert,
PR_FALSE,PR_TRUE,NULL); PR_FALSE,PR_TRUE,NULL);
PK11SlotListElement *le; PK11SlotListElement *le;
/* loop through all the fortezza tokens */ /* loop through all the tokens */
for (le = list->head; le; le = le->next) { for (le = list->head; le; le = le->next) {
PK11_TraverseCertsForSubjectInSlot(cert,le->slot,callback,arg); PK11_TraverseCertsForSubjectInSlot(cert,le->slot,callback,arg);
} }
@ -1997,6 +2013,9 @@ PK11_TraverseCertsForSubjectInSlot(CERTCertificate *cert, PK11SlotInfo *slot,
NSSCertificate **cp; NSSCertificate **cp;
for (cp = certs; *cp; cp++) { for (cp = certs; *cp; cp++) {
oldie = STAN_GetCERTCertificate(*cp); oldie = STAN_GetCERTCertificate(*cp);
if (!oldie) {
continue;
}
if ((*callback)(oldie, arg) != SECSuccess) { if ((*callback)(oldie, arg) != SECSuccess) {
nssrv = PR_FAILURE; nssrv = PR_FAILURE;
break; break;
@ -2094,6 +2113,9 @@ PK11_TraverseCertsForNicknameInSlot(SECItem *nickname, PK11SlotInfo *slot,
NSSCertificate **cp; NSSCertificate **cp;
for (cp = certs; *cp; cp++) { for (cp = certs; *cp; cp++) {
oldie = STAN_GetCERTCertificate(*cp); oldie = STAN_GetCERTCertificate(*cp);
if (!oldie) {
continue;
}
if ((*callback)(oldie, arg) != SECSuccess) { if ((*callback)(oldie, arg) != SECSuccess) {
nssrv = PR_FAILURE; nssrv = PR_FAILURE;
break; break;
@ -2183,6 +2205,9 @@ PK11_TraverseCertsInSlot(PK11SlotInfo *slot,
NSSCertificate **cp; NSSCertificate **cp;
for (cp = certs; *cp; cp++) { for (cp = certs; *cp; cp++) {
oldie = STAN_GetCERTCertificate(*cp); oldie = STAN_GetCERTCertificate(*cp);
if (!oldie) {
continue;
}
if ((*callback)(oldie, arg) != SECSuccess) { if ((*callback)(oldie, arg) != SECSuccess) {
nssrv = PR_FAILURE; nssrv = PR_FAILURE;
break; break;
@ -2242,10 +2267,7 @@ PK11_FindCertFromDERCertItem(PK11SlotInfo *slot, SECItem *inDerCert,
nssTokenArray_Destroy(tokens); nssTokenArray_Destroy(tokens);
} }
} }
if (c) { return c ? STAN_GetCERTCertificateOrRelease(c) : NULL;
rvCert = STAN_GetCERTCertificate(c);
}
return rvCert;
} }
/* mcgreer 3.4 -- nobody uses this, ignoring */ /* mcgreer 3.4 -- nobody uses this, ignoring */
@ -2575,6 +2597,7 @@ pk11ListCertCallback(NSSCertificate *c, void *arg)
return PR_SUCCESS; return PR_SUCCESS;
} }
/* caller still owns the reference to 'c' */
newCert = STAN_GetCERTCertificate(c); newCert = STAN_GetCERTCertificate(c);
if (!newCert) { if (!newCert) {
return PR_SUCCESS; return PR_SUCCESS;

2
security/nss/lib/pk11wrap/pk11nobj.c
Просмотреть файл

@ -65,6 +65,8 @@
#include "pki.h" #include "pki.h"
#include "pkim.h" #include "pkim.h"
extern const NSSError NSS_ERROR_NOT_FOUND;
CK_TRUST CK_TRUST
pk11_GetTrustField(PK11SlotInfo *slot, PRArenaPool *arena, pk11_GetTrustField(PK11SlotInfo *slot, PRArenaPool *arena,
CK_OBJECT_HANDLE id, CK_ATTRIBUTE_TYPE type) CK_OBJECT_HANDLE id, CK_ATTRIBUTE_TYPE type)