diff options
| author | adeshkp <adeshkp@users.noreply.github.com> | 2020-09-12 04:08:43 -0400 |
|---|---|---|
| committer | Moonchild <moonchild@palemoon.org> | 2020-09-21 10:59:09 +0000 |
| commit | 10866dd35c4265049efff86b8cab89239804903c (patch) | |
| tree | f84aaf49b93eba6c1ae127a802d7afb5656ff5b7 /security/certverifier/CertVerifier.cpp | |
| parent | f43c37cabe419a38b64c68225a4256d795443aae (diff) | |
| download | UXP-10866dd35c4265049efff86b8cab89239804903c.tar UXP-10866dd35c4265049efff86b8cab89239804903c.tar.gz UXP-10866dd35c4265049efff86b8cab89239804903c.tar.lz UXP-10866dd35c4265049efff86b8cab89239804903c.tar.xz UXP-10866dd35c4265049efff86b8cab89239804903c.zip | |
Issue #1280 - Remove hostname parameter to trust domain.
Host name was purely being used for HPKP and since HPKP is killed,
this can also go. Currently it doesn't do anything other than
generating build warnings.
Diffstat (limited to 'security/certverifier/CertVerifier.cpp')
| -rw-r--r-- | security/certverifier/CertVerifier.cpp | 23 |
1 files changed, 10 insertions, 13 deletions
diff --git a/security/certverifier/CertVerifier.cpp b/security/certverifier/CertVerifier.cpp index 1139ecae5..7f47de14f 100644 --- a/security/certverifier/CertVerifier.cpp +++ b/security/certverifier/CertVerifier.cpp @@ -422,7 +422,7 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage, SHA1Mode::Allowed, NetscapeStepUpPolicy::NeverMatch, originAttributes, - builtChain, nullptr); + builtChain); rv = BuildCertChain(trustDomain, certDER, time, EndEntityOrCA::MustBeEndEntity, KeyUsage::digitalSignature, @@ -489,8 +489,7 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage, mCertShortLifetimeInDays, mPinningMode, MIN_RSA_BITS, ValidityCheckingMode::CheckForEV, sha1ModeConfigurations[i], mNetscapeStepUpPolicy, - originAttributes, builtChain, - hostname); + originAttributes, builtChain); rv = BuildCertChainForOneKeyUsage(trustDomain, certDER, time, KeyUsage::digitalSignature,// (EC)DHE KeyUsage::keyEncipherment, // RSA @@ -572,8 +571,7 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage, ValidityCheckingMode::CheckingOff, sha1ModeConfigurations[j], mNetscapeStepUpPolicy, - originAttributes, builtChain, - hostname); + originAttributes, builtChain); rv = BuildCertChainForOneKeyUsage(trustDomain, certDER, time, KeyUsage::digitalSignature,//(EC)DHE KeyUsage::keyEncipherment,//RSA @@ -635,7 +633,7 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage, pinningDisabled, MIN_RSA_BITS_WEAK, ValidityCheckingMode::CheckingOff, SHA1Mode::Allowed, mNetscapeStepUpPolicy, - originAttributes, builtChain, nullptr); + originAttributes, builtChain); rv = BuildCertChain(trustDomain, certDER, time, EndEntityOrCA::MustBeCA, KeyUsage::keyCertSign, KeyPurposeId::id_kp_serverAuth, @@ -651,7 +649,7 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage, ValidityCheckingMode::CheckingOff, SHA1Mode::Allowed, NetscapeStepUpPolicy::NeverMatch, - originAttributes, builtChain, nullptr); + originAttributes, builtChain); rv = BuildCertChain(trustDomain, certDER, time, EndEntityOrCA::MustBeEndEntity, KeyUsage::digitalSignature, @@ -678,7 +676,7 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage, ValidityCheckingMode::CheckingOff, SHA1Mode::Allowed, NetscapeStepUpPolicy::NeverMatch, - originAttributes, builtChain, nullptr); + originAttributes, builtChain); rv = BuildCertChain(trustDomain, certDER, time, EndEntityOrCA::MustBeEndEntity, KeyUsage::keyEncipherment, // RSA @@ -702,7 +700,7 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage, ValidityCheckingMode::CheckingOff, SHA1Mode::Allowed, NetscapeStepUpPolicy::NeverMatch, - originAttributes, builtChain, nullptr); + originAttributes, builtChain); rv = BuildCertChain(trustDomain, certDER, time, EndEntityOrCA::MustBeEndEntity, KeyUsage::digitalSignature, @@ -735,7 +733,7 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage, ValidityCheckingMode::CheckingOff, SHA1Mode::Allowed, NetscapeStepUpPolicy::NeverMatch, - originAttributes, builtChain, nullptr); + originAttributes, builtChain); rv = BuildCertChain(sslTrust, certDER, time, endEntityOrCA, keyUsage, eku, CertPolicyId::anyPolicy, stapledOCSPResponse); @@ -747,7 +745,7 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage, ValidityCheckingMode::CheckingOff, SHA1Mode::Allowed, NetscapeStepUpPolicy::NeverMatch, - originAttributes, builtChain, nullptr); + originAttributes, builtChain); rv = BuildCertChain(emailTrust, certDER, time, endEntityOrCA, keyUsage, eku, CertPolicyId::anyPolicy, stapledOCSPResponse); @@ -761,8 +759,7 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage, ValidityCheckingMode::CheckingOff, SHA1Mode::Allowed, NetscapeStepUpPolicy::NeverMatch, - originAttributes, builtChain, - nullptr); + originAttributes, builtChain); rv = BuildCertChain(objectSigningTrust, certDER, time, endEntityOrCA, keyUsage, eku, CertPolicyId::anyPolicy, stapledOCSPResponse); |