зеркало из https://github.com/mozilla/pjs.git
Backing out pk11cert.c changes (not ready for checkin yet). (revert to 1.133)
This commit is contained in:
Родитель
2ceccf402a
Коммит
1e25701255
|
@ -88,7 +88,6 @@ static PRStatus convert_cert(NSSCertificate *c, void *arg)
|
||||||
CERTCertificate *nss3cert;
|
CERTCertificate *nss3cert;
|
||||||
SECStatus secrv;
|
SECStatus secrv;
|
||||||
struct nss3_cert_cbstr *nss3cb = (struct nss3_cert_cbstr *)arg;
|
struct nss3_cert_cbstr *nss3cb = (struct nss3_cert_cbstr *)arg;
|
||||||
/* 'c' is not adopted. caller will free it */
|
|
||||||
nss3cert = STAN_GetCERTCertificate(c);
|
nss3cert = STAN_GetCERTCertificate(c);
|
||||||
if (!nss3cert) return PR_FAILURE;
|
if (!nss3cert) return PR_FAILURE;
|
||||||
secrv = (*nss3cb->callback)(nss3cert, nss3cb->arg);
|
secrv = (*nss3cb->callback)(nss3cert, nss3cb->arg);
|
||||||
|
@ -301,7 +300,7 @@ static CERTCertificate
|
||||||
id.ulValueLen = c->id.size;
|
id.ulValueLen = c->id.size;
|
||||||
*nickptr = pk11_buildNickname(slot, &label, privateLabel, &id);
|
*nickptr = pk11_buildNickname(slot, &label, privateLabel, &id);
|
||||||
}
|
}
|
||||||
return STAN_GetCERTCertificateOrRelease(c);
|
return STAN_GetCERTCertificate(c);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -576,7 +575,8 @@ transfer_token_certs_to_collection(nssList *certList, NSSToken *token,
|
||||||
}
|
}
|
||||||
nssTokenArray_Destroy(tokens);
|
nssTokenArray_Destroy(tokens);
|
||||||
}
|
}
|
||||||
CERT_DestroyCertificate(STAN_GetCERTCertificateOrRelease(certs[i]));
|
/* *must* be a valid CERTCertificate, came from cache */
|
||||||
|
CERT_DestroyCertificate(STAN_GetCERTCertificate(certs[i]));
|
||||||
}
|
}
|
||||||
nss_ZFreeIf(certs);
|
nss_ZFreeIf(certs);
|
||||||
}
|
}
|
||||||
|
@ -687,7 +687,7 @@ PK11_FindCertFromNickname(char *nickname, void *wincx)
|
||||||
cert = nssCertificateArray_FindBestCertificate(certs, NULL,
|
cert = nssCertificateArray_FindBestCertificate(certs, NULL,
|
||||||
&usage, NULL);
|
&usage, NULL);
|
||||||
if (cert) {
|
if (cert) {
|
||||||
rvCert = STAN_GetCERTCertificateOrRelease(cert);
|
rvCert = STAN_GetCERTCertificate(cert);
|
||||||
}
|
}
|
||||||
nssCertificateArray_Destroy(certs);
|
nssCertificateArray_Destroy(certs);
|
||||||
}
|
}
|
||||||
|
@ -812,10 +812,8 @@ PK11_FindCertsFromNickname(char *nickname, void *wincx) {
|
||||||
PRTime now = PR_Now();
|
PRTime now = PR_Now();
|
||||||
certList = CERT_NewCertList();
|
certList = CERT_NewCertList();
|
||||||
for (i=0, c = *foundCerts; c; c = foundCerts[++i]) {
|
for (i=0, c = *foundCerts; c; c = foundCerts[++i]) {
|
||||||
CERTCertificate *certCert = STAN_GetCERTCertificateOrRelease(c);
|
CERTCertificate *certCert = STAN_GetCERTCertificate(c);
|
||||||
/* c may be invalid after this, don't reference it */
|
|
||||||
if (certCert) {
|
if (certCert) {
|
||||||
/* CERT_AddCertToListSorted adopts certCert */
|
|
||||||
CERT_AddCertToListSorted(certList, certCert,
|
CERT_AddCertToListSorted(certList, certCert,
|
||||||
CERT_SortCBValidity, &now);
|
CERT_SortCBValidity, &now);
|
||||||
}
|
}
|
||||||
|
@ -824,7 +822,6 @@ PK11_FindCertsFromNickname(char *nickname, void *wincx) {
|
||||||
CERT_DestroyCertList(certList);
|
CERT_DestroyCertList(certList);
|
||||||
certList = NULL;
|
certList = NULL;
|
||||||
}
|
}
|
||||||
/* all the certs have been adopted or freed, free the raw array */
|
|
||||||
nss_ZFreeIf(foundCerts);
|
nss_ZFreeIf(foundCerts);
|
||||||
}
|
}
|
||||||
return certList;
|
return certList;
|
||||||
|
@ -1419,7 +1416,6 @@ PK11_FindCertByIssuerAndSNOnToken(PK11SlotInfo *slot,
|
||||||
}
|
}
|
||||||
object = NULL; /* adopted by the previous call */
|
object = NULL; /* adopted by the previous call */
|
||||||
nssTrustDomain_AddCertsToCache(td, &cert,1);
|
nssTrustDomain_AddCertsToCache(td, &cert,1);
|
||||||
/* on failure, cert is freed below */
|
|
||||||
rvCert = STAN_GetCERTCertificate(cert);
|
rvCert = STAN_GetCERTCertificate(cert);
|
||||||
if (!rvCert) {
|
if (!rvCert) {
|
||||||
goto loser;
|
goto loser;
|
||||||
|
@ -1763,34 +1759,22 @@ PK11_FindCertByIssuerAndSN(PK11SlotInfo **slotPtr, CERTIssuerAndSN *issuerSN,
|
||||||
&serial);
|
&serial);
|
||||||
if (cert) {
|
if (cert) {
|
||||||
SECITEM_FreeItem(derSerial, PR_TRUE);
|
SECITEM_FreeItem(derSerial, PR_TRUE);
|
||||||
return STAN_GetCERTCertificateOrRelease(cert);
|
return STAN_GetCERTCertificate(cert);
|
||||||
}
|
}
|
||||||
|
retry:
|
||||||
do {
|
cert = NSSTrustDomain_FindCertificateByIssuerAndSerialNumber(
|
||||||
/* free the old cert on retry. Associated slot was not present */
|
|
||||||
if (rvCert) {
|
|
||||||
CERT_DestroyCertificate(rvCert);
|
|
||||||
rvCert = NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
cert = NSSTrustDomain_FindCertificateByIssuerAndSerialNumber(
|
|
||||||
STAN_GetDefaultTrustDomain(),
|
STAN_GetDefaultTrustDomain(),
|
||||||
&issuer,
|
&issuer,
|
||||||
&serial);
|
&serial);
|
||||||
if (!cert) {
|
if (cert) {
|
||||||
break;
|
rvCert = STAN_GetCERTCertificate(cert);
|
||||||
}
|
|
||||||
|
|
||||||
rvCert = STAN_GetCERTCertificateOrRelease(cert);
|
|
||||||
if (rvCert == NULL) {
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Check to see if the cert's token is still there */
|
/* Check to see if the cert's token is still there */
|
||||||
} while (!PK11_IsPresent(rvCert->slot));
|
if (!PK11_IsPresent(rvCert->slot)) {
|
||||||
|
CERT_DestroyCertificate(rvCert);
|
||||||
if (rvCert && slotPtr) *slotPtr = PK11_ReferenceSlot(rvCert->slot);
|
goto retry;
|
||||||
|
}
|
||||||
|
if (slotPtr) *slotPtr = PK11_ReferenceSlot(rvCert->slot);
|
||||||
|
}
|
||||||
SECITEM_FreeItem(derSerial, PR_TRUE);
|
SECITEM_FreeItem(derSerial, PR_TRUE);
|
||||||
return rvCert;
|
return rvCert;
|
||||||
#endif
|
#endif
|
||||||
|
@ -1928,7 +1912,7 @@ PK11_TraverseCertsForSubject(CERTCertificate *cert,
|
||||||
PR_FALSE,PR_TRUE,NULL);
|
PR_FALSE,PR_TRUE,NULL);
|
||||||
PK11SlotListElement *le;
|
PK11SlotListElement *le;
|
||||||
|
|
||||||
/* loop through all the tokens */
|
/* loop through all the fortezza tokens */
|
||||||
for (le = list->head; le; le = le->next) {
|
for (le = list->head; le; le = le->next) {
|
||||||
PK11_TraverseCertsForSubjectInSlot(cert,le->slot,callback,arg);
|
PK11_TraverseCertsForSubjectInSlot(cert,le->slot,callback,arg);
|
||||||
}
|
}
|
||||||
|
@ -2013,9 +1997,6 @@ PK11_TraverseCertsForSubjectInSlot(CERTCertificate *cert, PK11SlotInfo *slot,
|
||||||
NSSCertificate **cp;
|
NSSCertificate **cp;
|
||||||
for (cp = certs; *cp; cp++) {
|
for (cp = certs; *cp; cp++) {
|
||||||
oldie = STAN_GetCERTCertificate(*cp);
|
oldie = STAN_GetCERTCertificate(*cp);
|
||||||
if (!oldie) {
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
if ((*callback)(oldie, arg) != SECSuccess) {
|
if ((*callback)(oldie, arg) != SECSuccess) {
|
||||||
nssrv = PR_FAILURE;
|
nssrv = PR_FAILURE;
|
||||||
break;
|
break;
|
||||||
|
@ -2113,9 +2094,6 @@ PK11_TraverseCertsForNicknameInSlot(SECItem *nickname, PK11SlotInfo *slot,
|
||||||
NSSCertificate **cp;
|
NSSCertificate **cp;
|
||||||
for (cp = certs; *cp; cp++) {
|
for (cp = certs; *cp; cp++) {
|
||||||
oldie = STAN_GetCERTCertificate(*cp);
|
oldie = STAN_GetCERTCertificate(*cp);
|
||||||
if (!oldie) {
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
if ((*callback)(oldie, arg) != SECSuccess) {
|
if ((*callback)(oldie, arg) != SECSuccess) {
|
||||||
nssrv = PR_FAILURE;
|
nssrv = PR_FAILURE;
|
||||||
break;
|
break;
|
||||||
|
@ -2205,9 +2183,6 @@ PK11_TraverseCertsInSlot(PK11SlotInfo *slot,
|
||||||
NSSCertificate **cp;
|
NSSCertificate **cp;
|
||||||
for (cp = certs; *cp; cp++) {
|
for (cp = certs; *cp; cp++) {
|
||||||
oldie = STAN_GetCERTCertificate(*cp);
|
oldie = STAN_GetCERTCertificate(*cp);
|
||||||
if (!oldie) {
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
if ((*callback)(oldie, arg) != SECSuccess) {
|
if ((*callback)(oldie, arg) != SECSuccess) {
|
||||||
nssrv = PR_FAILURE;
|
nssrv = PR_FAILURE;
|
||||||
break;
|
break;
|
||||||
|
@ -2267,7 +2242,10 @@ PK11_FindCertFromDERCertItem(PK11SlotInfo *slot, SECItem *inDerCert,
|
||||||
nssTokenArray_Destroy(tokens);
|
nssTokenArray_Destroy(tokens);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return c ? STAN_GetCERTCertificateOrRelease(c) : NULL;
|
if (c) {
|
||||||
|
rvCert = STAN_GetCERTCertificate(c);
|
||||||
|
}
|
||||||
|
return rvCert;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* mcgreer 3.4 -- nobody uses this, ignoring */
|
/* mcgreer 3.4 -- nobody uses this, ignoring */
|
||||||
|
@ -2597,7 +2575,6 @@ pk11ListCertCallback(NSSCertificate *c, void *arg)
|
||||||
return PR_SUCCESS;
|
return PR_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* caller still owns the reference to 'c' */
|
|
||||||
newCert = STAN_GetCERTCertificate(c);
|
newCert = STAN_GetCERTCertificate(c);
|
||||||
if (!newCert) {
|
if (!newCert) {
|
||||||
return PR_SUCCESS;
|
return PR_SUCCESS;
|
||||||
|
|
Загрузка…
Ссылка в новой задаче