Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-11 12:25:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 978185: Improve error codes returned from nsIX509CertDB.addCert and nsIX50CertDB.setCertTrust, r=keeler

Browse Source 
--HG--
extra : rebase_source : e32a913f085524d113b17d03917c10ad92c7f6e1
This commit is contained in:
Brian Smith 2014-02-28 11:19:38 -08:00
parent bceb379d88
commit 7f631f3c6e
1 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
security/manager/ssl/src/nsNSSCertificateDB.cpp
View File

@ -970,13 +970,15 @@ nsNSSCertificateDB::SetCertTrust(nsIX509Cert *cert,
if (isAlreadyShutDown()) {
return NS_ERROR_NOT_AVAILABLE;
}
SECStatus srv;
nsNSSCertTrust trust;
nsCOMPtr<nsIX509Cert2> pipCert = do_QueryInterface(cert);
if (!pipCert)
return NS_ERROR_FAILURE;
nsresult rv;
nsCOMPtr<nsIX509Cert2> pipCert = do_QueryInterface(cert, &rv);
if (!pipCert) {
return rv;
}
insanity::pkix::ScopedCERTCertificate nsscert(pipCert->GetCert());
SECStatus srv;
if (type == nsIX509Cert::CA_CERT) {
// always start with untrusted and move up
trust.SetValidCA();
@ -1004,7 +1006,7 @@ nsNSSCertificateDB::SetCertTrust(nsIX509Cert *cert,
// ignore user certs
return NS_OK;
}
return (srv) ? NS_ERROR_FAILURE : NS_OK;
return MapSECStatus(srv);
}
NS_IMETHODIMP
@ -1591,7 +1593,7 @@ NS_IMETHODIMP nsNSSCertificateDB::AddCertFromBase64(const char *aBase64, const c
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("Creating temp cert\n"));
CERTCertDBHandle *certdb = CERT_GetDefaultCertDB();
insanity::pkix::ScopedCERTCertificate tmpCert(CERT_FindCertByDERCert(certdb, &der));
if (!tmpCert)
if (!tmpCert)
tmpCert = CERT_NewTempCertificate(certdb, &der,
nullptr, false, true);
nsMemory::Free(der.data);
@ -1600,7 +1602,7 @@ NS_IMETHODIMP nsNSSCertificateDB::AddCertFromBase64(const char *aBase64, const c
if (!tmpCert) {
NS_ERROR("Couldn't create cert from DER blob");
return NS_ERROR_FAILURE;
return MapSECStatus(SECFailure);
}
if (tmpCert->isperm) {
@ -1615,9 +1617,7 @@ NS_IMETHODIMP nsNSSCertificateDB::AddCertFromBase64(const char *aBase64, const c
SECStatus srv = __CERT_AddTempCertToPerm(tmpCert.get(),
const_cast<char*>(nickname.get()),
trust.GetTrust());
return (srv == SECSuccess) ? NS_OK : NS_ERROR_FAILURE;
return MapSECStatus(srv);
}
NS_IMETHODIMP