Bug 169785: CERT_AddOCSPAcceptableResponses should have a second argument

of type SECOidTag, followed by the optional arguments ..., because it needs
at least one argument of type SECOidTag.  r=nelsonb.

security/nss/lib/certhigh/ocsp.c

@@ -35,7 +35,7 @@
  * Implementation of OCSP services, for both client and server.
  * (XXX, really, mostly just for client right now, but intended to do both.)
  *
- * $Id: ocsp.c,v 1.13 2002-08-31 00:37:33 jpierre%netscape.com Exp $
+ * $Id: ocsp.c,v 1.14 2002-09-23 23:47:49 wtc%netscape.com Exp $
  */
 
 #include "prerror.h"
@@ -1021,7 +1021,8 @@ void SetRequestExts(void *object, CERTCertExtension **exts)
 }
 
 SECStatus
-CERT_AddOCSPAcceptableResponses(CERTOCSPRequest *request, ...)
+CERT_AddOCSPAcceptableResponses(CERTOCSPRequest *request,
+				SECOidTag responseType0, ...)
 {
     void *extHandle;
     va_list ap;
@@ -1039,25 +1040,32 @@ CERT_AddOCSPAcceptableResponses(CERTOCSPRequest *request, ...)
     }
 
     /* Count number of OIDS going into the extension value. */
-    count = 0;
-    va_start(ap, request);
-    do {
-	count++;
-	responseType = va_arg(ap, SECOidTag);
-    } while (responseType != SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
-    va_end(ap);
+    count = 1;
+    if (responseType0 != SEC_OID_PKIX_OCSP_BASIC_RESPONSE) {
+	va_start(ap, responseType0);
+	do {
+	    count++;
+	    responseType = va_arg(ap, SECOidTag);
+	} while (responseType != SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
+	va_end(ap);
+    }
 
     acceptableResponses = PORT_NewArray(SECItem *, count + 1);
     if (acceptableResponses == NULL)
 	goto loser;
 
-    va_start(ap, request);
-    for (i = 0; i < count; i++) {
-	responseType = va_arg(ap, SECOidTag);
-	responseOid = SECOID_FindOIDByTag(responseType);
-	acceptableResponses[i] = &(responseOid->oid);
+    i = 0;
+    responseOid = SECOID_FindOIDByTag(responseType0);
+    acceptableResponses[i++] = &(responseOid->oid);
+    if (count > 1) {
+	va_start(ap, responseType0);
+	for ( ; i < count; i++) {
+	    responseType = va_arg(ap, SECOidTag);
+	    responseOid = SECOID_FindOIDByTag(responseType);
+	    acceptableResponses[i] = &(responseOid->oid);
+	}
+	va_end(ap);
     }
-    va_end(ap);
     acceptableResponses[i] = NULL;
 
     rv = CERT_EncodeAndAddExtension(extHandle, SEC_OID_PKIX_OCSP_RESPONSE,

security/nss/lib/certhigh/ocsp.h

@@ -34,7 +34,7 @@
 /*
  * Interface to the OCSP implementation.
  *
- * $Id: ocsp.h,v 1.4 2002-07-03 20:18:07 javi%netscape.com Exp $
+ * $Id: ocsp.h,v 1.5 2002-09-23 23:47:49 wtc%netscape.com Exp $
  */
 
 #ifndef _OCSP_H_
@@ -197,7 +197,7 @@ CERT_CreateOCSPRequest(CERTCertList *certList, int64 time,
  * INPUTS:
  *   CERTOCSPRequest *request
  *     The request to which the extension should be added.
- *   ...
+ *   SECOidTag responseType0, ...
  *     A list (of one or more) of SECOidTag -- each of the response types
  *     to be added.  The last OID *must* be SEC_OID_PKIX_OCSP_BASIC_RESPONSE.
  *     (This marks the end of the list, and it must be specified because a
@@ -208,7 +208,8 @@ CERT_CreateOCSPRequest(CERTCertList *certList, int64 time,
  *   All errors are internal or low-level problems (e.g. no memory).
  */
 extern SECStatus
-CERT_AddOCSPAcceptableResponses(CERTOCSPRequest *request, ...);
+CERT_AddOCSPAcceptableResponses(CERTOCSPRequest *request,
+				SECOidTag responseType0, ...);
 
 /* 
  * FUNCTION: CERT_EncodeOCSPRequest