From 4553b718c8e0da824def0b97d7eef741daf92529 Mon Sep 17 00:00:00 2001 From: "kaie%kuix.de" Date: Sat, 6 Jan 2007 16:36:19 +0000 Subject: [PATCH] Bug 164707, Provide a way to view/delete orphan certs Supplemental patch r=rrelyea --- .../locales/en-US/chrome/pippki/pippki.properties | 2 -- security/manager/pki/resources/content/deletecert.js | 6 ++++++ security/manager/ssl/src/nsNSSCertHelper.cpp | 2 +- security/manager/ssl/src/nsNSSCertificate.cpp | 10 ++++++++-- 4 files changed, 15 insertions(+), 5 deletions(-) diff --git a/security/manager/locales/en-US/chrome/pippki/pippki.properties b/security/manager/locales/en-US/chrome/pippki/pippki.properties index ee9a81b7a9dd..6006fa5959fe 100644 --- a/security/manager/locales/en-US/chrome/pippki/pippki.properties +++ b/security/manager/locales/en-US/chrome/pippki/pippki.properties @@ -70,9 +70,7 @@ deleteEmailCertConfirm=Are you sure you want to delete these people's e-mail cer deleteEmailCertImpact=If you delete an e-mail certificate, your will no longer be able to send encrypted e-mail to those people. deleteEmailCertTitle=Delete E-Mail Certificates -deleteOrphanCertFlag=deleteOrphanFlag deleteOrphanCertConfirm=Are you sure you want to delete these certificates? -deleteOrphanCertImpact= deleteOrphanCertTitle=Delete Certificates diff --git a/security/manager/pki/resources/content/deletecert.js b/security/manager/pki/resources/content/deletecert.js index bb77a17f7a0a..65434d09cd05 100644 --- a/security/manager/pki/resources/content/deletecert.js +++ b/security/manager/pki/resources/content/deletecert.js @@ -90,6 +90,12 @@ function setWindowName() confirm = bundle.GetStringFromName("deleteEmailCertConfirm"); impact = bundle.GetStringFromName("deleteEmailCertImpact"); } + else if(typeFlag == "orphan_tab") + { + title = bundle.GetStringFromName("deleteOrphanCertTitle"); + confirm = bundle.GetStringFromName("deleteOrphanCertConfirm"); + impact = ""; + } else { return; diff --git a/security/manager/ssl/src/nsNSSCertHelper.cpp b/security/manager/ssl/src/nsNSSCertHelper.cpp index cb5ce7776c62..fa9a8d3348c3 100644 --- a/security/manager/ssl/src/nsNSSCertHelper.cpp +++ b/security/manager/ssl/src/nsNSSCertHelper.cpp @@ -2142,7 +2142,7 @@ getCertType(CERTCertificate *cert) return nsIX509Cert::CA_CERT; if (cert->emailAddr) return nsIX509Cert::EMAIL_CERT; - return nsIX509Cert::SERVER_CERT; + return nsIX509Cert::UNKNOWN_CERT; } CERTCertNicknames * diff --git a/security/manager/ssl/src/nsNSSCertificate.cpp b/security/manager/ssl/src/nsNSSCertificate.cpp index 7a402b8e5954..93db52376eb0 100644 --- a/security/manager/ssl/src/nsNSSCertificate.cpp +++ b/security/manager/ssl/src/nsNSSCertificate.cpp @@ -89,6 +89,11 @@ extern PRLogModuleInfo* gPIPNSSLog; static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID); +// This is being stored in an PRUint32 that can otherwise +// only take values from nsIX509Cert's list of cert types. +// As nsIX509Cert is frozen, we choose a value not contained +// in the list to mean not yet initialized. +#define CERT_TYPE_NOT_YET_INITIALIZED (1 << 30) /* nsNSSCertificate */ @@ -123,7 +128,7 @@ nsNSSCertificate::ConstructFromDER(char *certDER, int derLen) nsNSSCertificate::nsNSSCertificate(CERTCertificate *cert) : mCert(nsnull), mPermDelete(PR_FALSE), - mCertType(nsIX509Cert::UNKNOWN_CERT) + mCertType(CERT_TYPE_NOT_YET_INITIALIZED) { nsNSSShutDownPreventionLock locker; if (isAlreadyShutDown()) @@ -174,7 +179,8 @@ void nsNSSCertificate::destructorSafeDestroyNSSReference() nsresult nsNSSCertificate::GetCertType(PRUint32 *aCertType) { - if (mCertType == nsIX509Cert::UNKNOWN_CERT) { + if (mCertType == CERT_TYPE_NOT_YET_INITIALIZED) { + // only determine cert type once and cache it mCertType = getCertType(mCert); } *aCertType = mCertType;