From 46c4d5f8340ae768541ba561d5268084090fde50 Mon Sep 17 00:00:00 2001
From: "Raymond Etornam Agbeame(:retornam)" <mozbugs.retornam@gmail.com>
Date: Mon, 24 Feb 2014 09:41:55 -0500
Subject: [PATCH] Bug 970614 - Remove code wrapped in #if 0 ... #endif blocks
 in PSM. r=keeler

---
 .../manager/ssl/src/nsCMSSecureMessage.cpp    |  4 --
 .../manager/ssl/src/nsNSSCertificateDB.cpp    | 19 +-----
 security/manager/ssl/src/nsPKCS12Blob.cpp     | 60 -------------------
 security/manager/ssl/src/nsPKCS12Blob.h       |  4 --
 4 files changed, 1 insertion(+), 86 deletions(-)

diff --git a/security/manager/ssl/src/nsCMSSecureMessage.cpp b/security/manager/ssl/src/nsCMSSecureMessage.cpp
index 71830149aba1..1155ca79140f 100644
--- a/security/manager/ssl/src/nsCMSSecureMessage.cpp
+++ b/security/manager/ssl/src/nsCMSSecureMessage.cpp
@@ -167,10 +167,6 @@ SendMessage(const char *msg, const char *base64Cert, char ** _retval)
     goto done;
   }
 
-#if 0
-  cert->dbhandle = CERT_GetDefaultCertDB();  /* work-around */
-#endif
-
   /* Step 2.  Get a signature cert */
 
   /* Step 3. Build inner (signature) content */
diff --git a/security/manager/ssl/src/nsNSSCertificateDB.cpp b/security/manager/ssl/src/nsNSSCertificateDB.cpp
index d7a3c92e6ce8..0623e22eb3fe 100644
--- a/security/manager/ssl/src/nsNSSCertificateDB.cpp
+++ b/security/manager/ssl/src/nsNSSCertificateDB.cpp
@@ -93,14 +93,6 @@ nsNSSCertificateDB::FindCertByNickname(nsISupports *aToken,
   NS_ConvertUTF16toUTF8 aUtf8Nickname(nickname);
   asciiname = const_cast<char*>(aUtf8Nickname.get());
   PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("Getting \"%s\"\n", asciiname));
-#if 0
-  // what it should be, but for now...
-  if (aToken) {
-    cert = PK11_FindCertFromNickname(asciiname, nullptr);
-  } else {
-    cert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), asciiname);
-  }
-#endif
   cert = PK11_FindCertFromNickname(asciiname, nullptr);
   if (!cert) {
     cert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), asciiname);
@@ -187,16 +179,7 @@ nsNSSCertificateDB::FindCertNicknames(nsISupports *aToken,
    * obtain the cert list from NSS
    */
   insanity::pkix::ScopedCERTCertList certList;
-  PK11CertListType pk11type;
-#if 0
-  // this would seem right, but it didn't work...
-  // oh, I know why - bonks out on internal slot certs
-  if (aType == nsIX509Cert::USER_CERT)
-    pk11type = PK11CertListUser;
-  else 
-#endif
-    pk11type = PK11CertListUnique;
-  certList = PK11_ListCerts(pk11type, nullptr);
+  certList = PK11_ListCerts(PK11CertListUnique, nullptr);
   if (!certList)
     goto cleanup;
   /*
diff --git a/security/manager/ssl/src/nsPKCS12Blob.cpp b/security/manager/ssl/src/nsPKCS12Blob.cpp
index ed8bbe6bf0c4..6898d8ac50aa 100644
--- a/security/manager/ssl/src/nsPKCS12Blob.cpp
+++ b/security/manager/ssl/src/nsPKCS12Blob.cpp
@@ -237,46 +237,6 @@ finish:
   return NS_OK;
 }
 
-#if 0
-// nsPKCS12Blob::LoadCerts
-//
-// Given an array of certificate nicknames, load the corresponding
-// certificates into a local array.
-nsresult
-nsPKCS12Blob::LoadCerts(const char16_t **certNames, int numCerts)
-{
-  nsresult rv;
-  char namecpy[256];
-  /* Create the local array if needed */
-  if (!mCertArray) {
-    rv = NS_NewISupportsArray(getter_AddRefs(mCertArray));
-    if (NS_FAILED(rv)) {
-      if (!handleError())
-        return NS_ERROR_OUT_OF_MEMORY;
-    }
-  }
-  /* Add the certs */
-  for (int i=0; i<numCerts; i++) {
-    strcpy(namecpy, NS_ConvertUTF16toUTF8(certNames[i]));
-    CERTCertificate *nssCert = PK11_FindCertFromNickname(namecpy, nullptr);
-    if (!nssCert) {
-      if (!handleError())
-        return NS_ERROR_FAILURE;
-      else continue; /* user may request to keep going */
-    }
-    nsCOMPtr<nsIX509Cert> cert = nsNSSCertificate::Create(nssCert);
-    CERT_DestroyCertificate(nssCert);
-    if (!cert) {
-      if (!handleError())
-        return NS_ERROR_OUT_OF_MEMORY;
-    } else {
-      mCertArray->AppendElement(cert);
-    }
-  }
-  return NS_OK;
-}
-#endif
-
 static bool
 isExtractable(SECKEYPrivateKey *privKey)
 {
@@ -344,18 +304,7 @@ nsPKCS12Blob::ExportToFile(nsIFile *file,
   // add password integrity
   srv = SEC_PKCS12AddPasswordIntegrity(ecx, &unicodePw, SEC_OID_SHA1);
   if (srv) goto finish;
-#if 0
-  // count the number of certs to export
-  nrv = mCertArray->Count(&numCerts);
-  if (NS_FAILED(nrv)) goto finish;
-  // loop over the certs
   for (i=0; i<numCerts; i++) {
-    nsCOMPtr<nsIX509Cert> cert;
-    nrv = mCertArray->GetElementAt(i, getter_AddRefs(cert));
-    if (NS_FAILED(nrv)) goto finish;
-#endif
-  for (i=0; i<numCerts; i++) {
-//    nsNSSCertificate *cert = reinterpret_cast<nsNSSCertificate *>(certs[i]);
     nsNSSCertificate *cert = (nsNSSCertificate *)certs[i];
     // get it as a CERTCertificate XXX
     insanity::pkix::ScopedCERTCertificate nssCert(cert->GetCert());
@@ -802,15 +751,6 @@ nsPKCS12Blob::handleError(int myerr)
       /* ask to keep going?  what happens if one collision but others ok? */
       // The following errors cannot be "handled", notify the user (via an alert)
       // that the operation failed.
-#if 0
-      // XXX a boy can dream...
-      //     but the PKCS12 lib never throws this error
-      //     but then again, how would it?  anyway, convey the info below
-    case SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT:
-      msgID = "PKCS12PasswordInvalid";
-      break;
-#endif
-
     case SEC_ERROR_BAD_PASSWORD: msgID = "PK11BadPassword"; break;
 
     case SEC_ERROR_BAD_DER:
diff --git a/security/manager/ssl/src/nsPKCS12Blob.h b/security/manager/ssl/src/nsPKCS12Blob.h
index 027ad63464ab..9aadd27c8199 100644
--- a/security/manager/ssl/src/nsPKCS12Blob.h
+++ b/security/manager/ssl/src/nsPKCS12Blob.h
@@ -39,10 +39,6 @@ public:
   nsresult ImportFromFile(nsIFile *file);
 
   // PKCS#12 Export
-#if 0
-  //nsresult LoadCerts(const char16_t **certNames, int numCerts);
-  nsresult LoadCerts(nsIX509Cert **certs, int numCerts);
-#endif
   nsresult ExportToFile(nsIFile *file, nsIX509Cert **certs, int numCerts);
 
 private: