From 1e98db5857372d3d9e927a521c91abf3eedc0ba5 Mon Sep 17 00:00:00 2001
From: "relyea%netscape.com" <relyea%netscape.com>
Date: Fri, 18 Jan 2002 03:38:29 +0000
Subject: [PATCH] remove bogus verify step (the cert passed in is almost
 certainly a signing cert).

---
 security/nss/lib/smime/cmssiginfo.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/security/nss/lib/smime/cmssiginfo.c b/security/nss/lib/smime/cmssiginfo.c
index 3529ddbca6d..27f8e5075ae 100644
--- a/security/nss/lib/smime/cmssiginfo.c
+++ b/security/nss/lib/smime/cmssiginfo.c
@@ -34,7 +34,7 @@
 /*
  * CMS signerInfo methods.
  *
- * $Id: cmssiginfo.c,v 1.5 2001-01-07 07:56:35 nelsonb%netscape.com Exp $
+ * $Id: cmssiginfo.c,v 1.6 2002-01-18 03:38:29 relyea%netscape.com Exp $
  */
 
 #include "cmslocal.h"
@@ -806,10 +806,14 @@ NSS_SMIMESignerInfo_SaveSMIMEProfile(NSSCMSSignerInfo *signerinfo)
 	    return SECFailure;
     }
 
-    /* verify this cert for encryption (has been verified for signing so far) */
+    /* verify this cert for encryption (has been verified for signing so far) */    /* don't verify this cert for encryption. It may just be a signing cert.
+     * that's OK, we can still save the S/MIME profile. The encryption cert
+     * should have already been saved */
+#ifdef notdef
     if (CERT_VerifyCert(certdb, cert, PR_TRUE, certUsageEmailRecipient, PR_Now(), signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) {
 	return SECFailure;
     }
+#endif
 
     /* XXX store encryption cert permanently? */