Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-25 13:51:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

bug 130747, update trust after login to catch user certs when token doesn't return public key (ncipher)

Browse Source
This commit is contained in:
ian.mcgreer%sun.com 2002-03-15 19:23:14 +00:00
parent 0c941eae07
commit f6f58a33ec
3 changed files with 26 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
security/nss/lib/pk11wrap/dev3hack.h
View File

@ -35,7 +35,7 @@
#define DEVNSS3HACK_H #define DEVNSS3HACK_H
#ifdef DEBUG #ifdef DEBUG
static const char DEVNSS3HACK_CVS_ID[] = "@(#) $RCSfile: dev3hack.h,v $ $Revision: 1.5 $ $Date: 2002/03/06 01:44:50 $ $Name: $"; static const char DEVNSS3HACK_CVS_ID[] = "@(#) $RCSfile: dev3hack.h,v $ $Revision: 1.6 $ $Date: 2002/03/15 19:23:14 $ $Name: $";
#endif /* DEBUG */ #endif /* DEBUG */
#include "cert.h" #include "cert.h"
@ -58,9 +58,12 @@ void PK11Slot_SetNSSToken(PK11SlotInfo *sl, NSSToken *nsst);
NSSToken * PK11Slot_GetNSSToken(PK11SlotInfo *sl); NSSToken * PK11Slot_GetNSSToken(PK11SlotInfo *sl);
NSS_IMPLEMENT PRStatus NSS_EXTERN PRStatus
nssToken_LoadCerts(NSSToken *token); nssToken_LoadCerts(NSSToken *token);
NSS_EXTERN void
nssToken_UpdateTrustForCerts(NSSToken *token);
PR_END_EXTERN_C PR_END_EXTERN_C
#endif /* DEVNSS3HACK_H */ #endif /* DEVNSS3HACK_H */

1
security/nss/lib/pk11wrap/pk11slot.c
View File

@ -1149,6 +1149,7 @@ PK11_DoPassword(PK11SlotInfo *slot, PRBool loadCerts, void *wincx)
if (rv == SECSuccess && slot->nssToken && !PK11_IsFriendly(slot)) { if (rv == SECSuccess && slot->nssToken && !PK11_IsFriendly(slot)) {
/* notify stan about the login if certs are not public readable */ /* notify stan about the login if certs are not public readable */
nssToken_LoadCerts(slot->nssToken); nssToken_LoadCerts(slot->nssToken);
nssToken_UpdateTrustForCerts(slot->nssToken);
} }
} else if (!attempt) PORT_SetError(SEC_ERROR_BAD_PASSWORD); } else if (!attempt) PORT_SetError(SEC_ERROR_BAD_PASSWORD);
return rv; return rv;

21
security/nss/lib/pki/pki3hack.c
View File

@ -32,7 +32,7 @@
*/ */
#ifdef DEBUG #ifdef DEBUG
static const char CVS_ID[] = "@(#) $RCSfile: pki3hack.c,v $ $Revision: 1.44 $ $Date: 2002/03/08 00:02:35 $ $Name: $"; static const char CVS_ID[] = "@(#) $RCSfile: pki3hack.c,v $ $Revision: 1.45 $ $Date: 2002/03/15 19:23:10 $ $Name: $";
#endif /* DEBUG */ #endif /* DEBUG */
/* /*
@ -282,6 +282,25 @@ nssToken_LoadCerts(NSSToken *token)
return nssrv; return nssrv;
} }
NSS_IMPLEMENT void
nssToken_UpdateTrustForCerts(NSSToken *token)
{
nssListIterator *certs;
NSSCertificate *cert;
certs = nssList_CreateIterator(token->certList);
for (cert = (NSSCertificate *)nssListIterator_Start(certs);
cert != (NSSCertificate *)NULL;
cert = (NSSCertificate *)nssListIterator_Next(certs))
{
CERTCertificate *cc = STAN_GetCERTCertificate(cert);
cc->trust = NULL;
/* force an update of the trust fields of the CERTCertificate */
(void)stan_GetCERTCertificate(cert, PR_FALSE);
}
nssListIterator_Finish(certs);
nssListIterator_Destroy(certs);
}
NSS_IMPLEMENT PRBool NSS_IMPLEMENT PRBool
nssToken_SearchCerts nssToken_SearchCerts
( (