mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-11 20:35:50 +00:00
NSSCryptoContext_ImportCertificate cannot inform the caller that the cert already exists as a temp cert, is is necessary to work around this in CERT_NewTempCertificate by doing a lookup on the cert after it was imported.
r=relyea
This commit is contained in:
parent
4121f4550e
commit
6958bd9af8
@ -180,6 +180,7 @@ __CERT_NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert,
|
|||||||
NSSCryptoContext *context;
|
NSSCryptoContext *context;
|
||||||
NSSArena *arena;
|
NSSArena *arena;
|
||||||
CERTCertificate *cc;
|
CERTCertificate *cc;
|
||||||
|
NSSCertificate *tempCert;
|
||||||
NSSCryptoContext *gCC = STAN_GetDefaultCryptoContext();
|
NSSCryptoContext *gCC = STAN_GetDefaultCryptoContext();
|
||||||
if (!isperm) {
|
if (!isperm) {
|
||||||
NSSDER encoding;
|
NSSDER encoding;
|
||||||
@ -241,10 +242,26 @@ __CERT_NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert,
|
|||||||
PORT_Strlen(cc->emailAddr));
|
PORT_Strlen(cc->emailAddr));
|
||||||
}
|
}
|
||||||
context = STAN_GetDefaultCryptoContext();
|
context = STAN_GetDefaultCryptoContext();
|
||||||
|
/* this function cannot detect if the cert exists as a temp cert now, but
|
||||||
|
* didn't when CERT_NewTemp was first called.
|
||||||
|
*/
|
||||||
nssrv = NSSCryptoContext_ImportCertificate(context, c);
|
nssrv = NSSCryptoContext_ImportCertificate(context, c);
|
||||||
if (nssrv != PR_SUCCESS) {
|
if (nssrv != PR_SUCCESS) {
|
||||||
goto loser;
|
goto loser;
|
||||||
}
|
}
|
||||||
|
/* so find the entry in the temp store */
|
||||||
|
tempCert = NSSCryptoContext_FindCertificateByIssuerAndSerialNumber(context,
|
||||||
|
&c->issuer,
|
||||||
|
&c->serial);
|
||||||
|
/* destroy the copy */
|
||||||
|
NSSCertificate_Destroy(c);
|
||||||
|
if (tempCert) {
|
||||||
|
/* and use the "official" entry */
|
||||||
|
c = tempCert;
|
||||||
|
cc = STAN_GetCERTCertificate(c);
|
||||||
|
} else {
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
c->object.trustDomain = STAN_GetDefaultTrustDomain();
|
c->object.trustDomain = STAN_GetDefaultTrustDomain();
|
||||||
cc->istemp = PR_TRUE;
|
cc->istemp = PR_TRUE;
|
||||||
cc->isperm = PR_FALSE;
|
cc->isperm = PR_FALSE;
|
||||||
|
Loading…
Reference in New Issue
Block a user