зеркало из https://github.com/mozilla/pjs.git
b=129067 Deleted certs still appear in Cert Manager, uses slow workaround, which should get removed once bug 138626 is fixed.
r=javi sr=alecf
This commit is contained in:
Родитель
e7a9499b78
Коммит
0aa2271015
|
@ -80,7 +80,6 @@ function LoadCerts()
|
|||
enableBackupAllButton.setAttribute("enabled",true);
|
||||
}
|
||||
|
||||
|
||||
var bundle = srGetStrBundle("chrome://pippki/locale/pippki.properties");
|
||||
var verifiedColText;
|
||||
if (certdb.ocspOn) {
|
||||
|
@ -100,6 +99,14 @@ function ReloadCerts()
|
|||
userTreeView.loadCerts(nsIX509Cert.USER_CERT);
|
||||
}
|
||||
|
||||
function CleanUp()
|
||||
{
|
||||
caTreeView = null;
|
||||
serverTreeView = null;
|
||||
emailTreeView = null;
|
||||
userTreeView = null;
|
||||
}
|
||||
|
||||
function getSelectedTab()
|
||||
{
|
||||
var selTab = document.getElementById('certMgrTabbox').selectedItem;
|
||||
|
@ -264,6 +271,7 @@ function backupCerts()
|
|||
certdb.exportPKCS12File(null, fp.file,
|
||||
selected_certs.length, selected_certs);
|
||||
}
|
||||
selected_certs = [];
|
||||
}
|
||||
|
||||
function backupAllCerts()
|
||||
|
@ -289,6 +297,7 @@ function editCerts()
|
|||
'chrome,width=100,resizable=1,modal');
|
||||
}
|
||||
}
|
||||
selected_certs = [];
|
||||
}
|
||||
|
||||
function restoreCerts()
|
||||
|
@ -338,6 +347,7 @@ function deleteCerts()
|
|||
}
|
||||
else
|
||||
{
|
||||
selected_certs = [];
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -346,8 +356,11 @@ function deleteCerts()
|
|||
{
|
||||
var cert = selected_certs[t];
|
||||
params.SetString(t+1, cert.dbKey);
|
||||
cert = null;
|
||||
}
|
||||
|
||||
selected_certs = [];
|
||||
|
||||
window.openDialog('chrome://pippki/content/deletecert.xul', "",
|
||||
'chrome,resizable=1,modal',params);
|
||||
|
||||
|
@ -361,6 +374,7 @@ function viewCerts()
|
|||
for (var t=0; t<numcerts; t++) {
|
||||
selected_certs[t].view();
|
||||
}
|
||||
selected_certs = [];
|
||||
}
|
||||
|
||||
/* XXX future - import a DER cert from a file? */
|
||||
|
|
|
@ -35,7 +35,7 @@
|
|||
<window id="certmanager"
|
||||
xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
|
||||
title="&certmgr.title;"
|
||||
onload="LoadCerts();">
|
||||
onload="LoadCerts();" onclose="CleanUp();">
|
||||
|
||||
<script type="application/x-javascript" src="chrome://help/content/contextHelp.js"/>
|
||||
<script type="application/x-javascript" src="chrome://global/content/strres.js"/>
|
||||
|
|
|
@ -94,6 +94,8 @@ function setWindowName()
|
|||
var text;
|
||||
for(x=0;x<certs.length;x++)
|
||||
{
|
||||
if (!certs[x])
|
||||
continue;
|
||||
text = document.createElement("text");
|
||||
text.setAttribute("value",certs[x].commonName);
|
||||
box.appendChild(text);
|
||||
|
@ -107,7 +109,10 @@ function doOK()
|
|||
{
|
||||
for(var i=0;i<certs.length;i++)
|
||||
{
|
||||
certdb.deleteCertificate(certs[i]);
|
||||
if (certs[i]) {
|
||||
certdb.deleteCertificate(certs[i]);
|
||||
certs[i] = null;
|
||||
}
|
||||
}
|
||||
window.close();
|
||||
}
|
||||
|
|
|
@ -78,12 +78,17 @@ nsCertTree::FreeCertArray()
|
|||
if (mCertArray) {
|
||||
PRUint32 count;
|
||||
nsresult rv = mCertArray->Count(&count);
|
||||
NS_ASSERTION(NS_SUCCEEDED(rv), "Count failed");
|
||||
if (NS_FAILED(rv))
|
||||
{
|
||||
NS_ASSERTION(0, "Count failed");
|
||||
return;
|
||||
}
|
||||
PRInt32 i;
|
||||
for (i = count - 1; i >= 0; i--)
|
||||
{
|
||||
mCertArray->RemoveElementAt(i);
|
||||
}
|
||||
}
|
||||
mCertArray = nsnull;
|
||||
}
|
||||
|
||||
// CmpByToken
|
||||
|
@ -293,7 +298,7 @@ nsCertTree::LoadCerts(PRUint32 aType)
|
|||
if (rowsChanged) {
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("[%d,%d]", mNumRows, numChanged));
|
||||
numChanged = mNumRows - numChanged;
|
||||
if (mTree) mTree->RowCountChanged(0, numChanged);
|
||||
if (mTree) mTree->RowCountChanged(0, mNumRows);
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
|
|
@ -2888,6 +2888,57 @@ nsNSSCertificateDB::GetCertsByType(PRUint32 aType,
|
|||
!CERT_LIST_END(node, certList);
|
||||
node = CERT_LIST_NEXT(node)) {
|
||||
if (getCertType(node->cert) == aType) {
|
||||
|
||||
// Work around bug 138626.
|
||||
|
||||
PRBool deleted = PR_FALSE;
|
||||
|
||||
{
|
||||
SECItem key;
|
||||
key.len = NS_NSS_LONG*4+node->cert->serialNumber.len+node->cert->derIssuer.len;
|
||||
key.data = (unsigned char *)nsMemory::Alloc(key.len);
|
||||
NS_NSS_PUT_LONG(0,key.data); // later put moduleID
|
||||
NS_NSS_PUT_LONG(0,&key.data[NS_NSS_LONG]); // later put slotID
|
||||
NS_NSS_PUT_LONG(node->cert->serialNumber.len,&key.data[NS_NSS_LONG*2]);
|
||||
NS_NSS_PUT_LONG(node->cert->derIssuer.len,&key.data[NS_NSS_LONG*3]);
|
||||
memcpy(&key.data[NS_NSS_LONG*4],node->cert->serialNumber.data,
|
||||
node->cert->serialNumber.len);
|
||||
memcpy(&key.data[NS_NSS_LONG*4+node->cert->serialNumber.len],
|
||||
node->cert->derIssuer.data, node->cert->derIssuer.len);
|
||||
|
||||
SECItem &keyItem = key;
|
||||
|
||||
CERTIssuerAndSN issuerSN;
|
||||
unsigned long moduleID,slotID;
|
||||
|
||||
// someday maybe we can speed up the search using the moduleID and slotID
|
||||
moduleID = NS_NSS_GET_LONG(keyItem.data);
|
||||
slotID = NS_NSS_GET_LONG(&keyItem.data[NS_NSS_LONG]);
|
||||
|
||||
// build the issuer/SN structure
|
||||
issuerSN.serialNumber.len = NS_NSS_GET_LONG(&keyItem.data[NS_NSS_LONG*2]);
|
||||
issuerSN.derIssuer.len = NS_NSS_GET_LONG(&keyItem.data[NS_NSS_LONG*3]);
|
||||
issuerSN.serialNumber.data= &keyItem.data[NS_NSS_LONG*4];
|
||||
issuerSN.derIssuer.data= &keyItem.data[NS_NSS_LONG*4+
|
||||
issuerSN.serialNumber.len];
|
||||
|
||||
CERTCertificate *cert = CERT_FindCertByIssuerAndSN(CERT_GetDefaultCertDB(), &issuerSN);
|
||||
|
||||
nsMemory::Free(key.data); // SECItem is a 'c' type without a destrutor
|
||||
|
||||
if (!cert)
|
||||
{
|
||||
deleted = PR_TRUE;
|
||||
}
|
||||
else
|
||||
{
|
||||
CERT_DestroyCertificate(cert);
|
||||
}
|
||||
}
|
||||
|
||||
if (deleted)
|
||||
continue;
|
||||
|
||||
nsCOMPtr<nsIX509Cert> pipCert = new nsNSSCertificate(node->cert);
|
||||
if (pipCert) {
|
||||
for (i=0; i<count; i++) {
|
||||
|
|
Загрузка…
Ссылка в новой задаче