diff options
| author | wolfbeast <mcwerewolf@gmail.com> | 2018-11-03 09:06:25 +0100 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@gmail.com> | 2018-11-03 09:06:25 +0100 |
| commit | 1626b5d7041ea9c3db92200f91542da46e49dde6 (patch) | |
| tree | e99c393052ef818645027da57774672990e29514 /security/manager/ssl/nsNSSIOLayer.cpp | |
| parent | 314fb761d144b160d3aeb72840c89e31c4f21a4a (diff) | |
| parent | 1d55939c7ca0e80555a24b240ff68d5bdbb48b4a (diff) | |
| download | UXP-1626b5d7041ea9c3db92200f91542da46e49dde6.tar UXP-1626b5d7041ea9c3db92200f91542da46e49dde6.tar.gz UXP-1626b5d7041ea9c3db92200f91542da46e49dde6.tar.lz UXP-1626b5d7041ea9c3db92200f91542da46e49dde6.tar.xz UXP-1626b5d7041ea9c3db92200f91542da46e49dde6.zip | |
Merge branch 'master' into Basilisk-releasev2018.11.04
Diffstat (limited to 'security/manager/ssl/nsNSSIOLayer.cpp')
| -rw-r--r-- | security/manager/ssl/nsNSSIOLayer.cpp | 58 |
1 files changed, 1 insertions, 57 deletions
diff --git a/security/manager/ssl/nsNSSIOLayer.cpp b/security/manager/ssl/nsNSSIOLayer.cpp index 93fca396b..d2549c52d 100644 --- a/security/manager/ssl/nsNSSIOLayer.cpp +++ b/security/manager/ssl/nsNSSIOLayer.cpp @@ -1916,59 +1916,12 @@ nsConvertCANamesToStrings(const UniquePLArenaPool& arena, char** caNameStrings, } SECItem* dername; - SECStatus rv; - int headerlen; - uint32_t contentlen; - SECItem newitem; int n; char* namestring; for (n = 0; n < caNames->nnames; n++) { - newitem.data = nullptr; dername = &caNames->names[n]; - rv = DER_Lengths(dername, &headerlen, &contentlen); - - if (rv != SECSuccess) { - goto loser; - } - - if (headerlen + contentlen != dername->len) { - // This must be from an enterprise 2.x server, which sent - // incorrectly formatted der without the outer wrapper of type and - // length. Fix it up by adding the top level header. - if (dername->len <= 127) { - newitem.data = (unsigned char*) PR_Malloc(dername->len + 2); - if (!newitem.data) { - goto loser; - } - newitem.data[0] = (unsigned char) 0x30; - newitem.data[1] = (unsigned char) dername->len; - (void) memcpy(&newitem.data[2], dername->data, dername->len); - } else if (dername->len <= 255) { - newitem.data = (unsigned char*) PR_Malloc(dername->len + 3); - if (!newitem.data) { - goto loser; - } - newitem.data[0] = (unsigned char) 0x30; - newitem.data[1] = (unsigned char) 0x81; - newitem.data[2] = (unsigned char) dername->len; - (void) memcpy(&newitem.data[3], dername->data, dername->len); - } else { - // greater than 256, better be less than 64k - newitem.data = (unsigned char*) PR_Malloc(dername->len + 4); - if (!newitem.data) { - goto loser; - } - newitem.data[0] = (unsigned char) 0x30; - newitem.data[1] = (unsigned char) 0x82; - newitem.data[2] = (unsigned char) ((dername->len >> 8) & 0xff); - newitem.data[3] = (unsigned char) (dername->len & 0xff); - memcpy(&newitem.data[4], dername->data, dername->len); - } - dername = &newitem; - } - namestring = CERT_DerNameToAscii(dername); if (!namestring) { // XXX - keep going until we fail to convert the name @@ -1977,21 +1930,12 @@ nsConvertCANamesToStrings(const UniquePLArenaPool& arena, char** caNameStrings, caNameStrings[n] = PORT_ArenaStrdup(arena.get(), namestring); PR_Free(namestring); if (!caNameStrings[n]) { - goto loser; + return SECFailure; } } - - if (newitem.data) { - PR_Free(newitem.data); - } } return SECSuccess; -loser: - if (newitem.data) { - PR_Free(newitem.data); - } - return SECFailure; } // Possible behaviors for choosing a cert for client auth. |