Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-25 05:41:12 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 370136, Firefox 2.0.0.1 and later breaks automatic client certificate authentification.

Browse Source 
Fixes a regression introduced with the fix for bug 328346.
Thanks a lot to Momtchil Momtchev for identifying the cause and providing the initial patch.
r=kengert/rrelyea
This commit is contained in:
kaie%kuix.de 2007-02-16 08:01:40 +00:00
parent 7c16179182
commit 2ce19dbaa4
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
security/manager/ssl/src/nsNSSIOLayer.cpp
View File

@ -79,6 +79,7 @@
#include "secasn1.h"
#include "certdb.h"
#include "cert.h"
#include "keyhi.h"
//#define DEBUG_SSL_VERBOSE //Enable this define to get minimal
@ -2245,6 +2246,8 @@ SECStatus nsNSS_SSLGetClientAuthData(void* arg, PRFileDesc* socket,
privKey = PK11_FindKeyByAnyCert(node->cert, wincx);
if (privKey != NULL) {
if (hasExplicitKeyUsageNonRepudiation(node->cert)) {
SECKEY_DestroyPrivateKey(privKey);
privKey = NULL;
// Not a prefered cert
if (!low_prio_nonrep_cert) // did not yet find a low prio cert
low_prio_nonrep_cert = CERT_DupCertificate(node->cert);
@ -2267,6 +2270,7 @@ SECStatus nsNSS_SSLGetClientAuthData(void* arg, PRFileDesc* socket,
if (!cert && low_prio_nonrep_cert) {
cert = low_prio_nonrep_cert;
low_prio_nonrep_cert = NULL; // take it away from the cleaner
privKey = PK11_FindKeyByAnyCert(cert, wincx);
}
if (cert == NULL) {