diff options
author | Moonchild <mcwerewolf@gmail.com> | 2018-02-06 12:02:47 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-02-06 12:02:47 +0100 |
commit | 389c60da5e01761f4a11ef539ffa26e4c1b17875 (patch) | |
tree | c6033924a0de9be1ab140596e305898c651bf57e /security/nss/lib/certhigh/certhigh.c | |
parent | 7c9b585349c985df0cf6ace83da5dadba8b5c677 (diff) | |
parent | f017b749ea9f1586d2308504553d40bf4cc5439d (diff) | |
download | UXP-389c60da5e01761f4a11ef539ffa26e4c1b17875.tar UXP-389c60da5e01761f4a11ef539ffa26e4c1b17875.tar.gz UXP-389c60da5e01761f4a11ef539ffa26e4c1b17875.tar.lz UXP-389c60da5e01761f4a11ef539ffa26e4c1b17875.tar.xz UXP-389c60da5e01761f4a11ef539ffa26e4c1b17875.zip |
Merge pull request #13 from MoonchildProductions/ported-upstream
Ported upstream
Diffstat (limited to 'security/nss/lib/certhigh/certhigh.c')
-rw-r--r-- | security/nss/lib/certhigh/certhigh.c | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/security/nss/lib/certhigh/certhigh.c b/security/nss/lib/certhigh/certhigh.c index 55259898b..7ae80b193 100644 --- a/security/nss/lib/certhigh/certhigh.c +++ b/security/nss/lib/certhigh/certhigh.c @@ -11,6 +11,7 @@ #include "cert.h" #include "certxutl.h" +#include "certi.h" #include "nsspki.h" #include "pki.h" #include "pkit.h" @@ -289,7 +290,7 @@ CERT_FindUserCertByUsage(CERTCertDBHandle *handle, goto loser; } - if (!CERT_LIST_END(CERT_LIST_HEAD(certList), certList)) { + if (!CERT_LIST_EMPTY(certList)) { cert = CERT_DupCertificate(CERT_LIST_HEAD(certList)->cert); } @@ -872,6 +873,7 @@ cert_ImportCAChain(SECItem *certs, int numcerts, SECCertUsage certUsage, PRBool PRBool isca; char *nickname; unsigned int certtype; + PRBool istemp = PR_FALSE; handle = CERT_GetDefaultCertDB(); @@ -949,7 +951,11 @@ cert_ImportCAChain(SECItem *certs, int numcerts, SECCertUsage certUsage, PRBool } /* if the cert is temp, make it perm; otherwise we're done */ - if (cert->istemp) { + rv = CERT_GetCertIsTemp(cert, &istemp); + if (rv != SECSuccess) { + goto loser; + } + if (istemp) { /* get a default nickname for it */ nickname = CERT_MakeCANickname(cert); @@ -963,9 +969,6 @@ cert_ImportCAChain(SECItem *certs, int numcerts, SECCertUsage certUsage, PRBool rv = SECSuccess; } - CERT_DestroyCertificate(cert); - cert = NULL; - if (rv != SECSuccess) { goto loser; } @@ -1080,7 +1083,10 @@ CERT_CertChainFromCert(CERTCertificate *cert, SECCertUsage usage, derCert.len = (unsigned int)stanCert->encoding.size; derCert.data = (unsigned char *)stanCert->encoding.data; derCert.type = siBuffer; - SECITEM_CopyItem(arena, &chain->certs[i], &derCert); + if (SECITEM_CopyItem(arena, &chain->certs[i], &derCert) != SECSuccess) { + CERT_DestroyCertificate(cCert); + goto loser; + } stanCert = stanChain[++i]; if (!stanCert && !cCert->isRoot) { /* reached the end of the chain, but the final cert is |