diff options
Diffstat (limited to 'security/nss/lib/ssl/cmpcert.c')
| -rw-r--r-- | security/nss/lib/ssl/cmpcert.c | 31 |
1 files changed, 3 insertions, 28 deletions
diff --git a/security/nss/lib/ssl/cmpcert.c b/security/nss/lib/ssl/cmpcert.c index e6edbee83..8ab4a7f8d 100644 --- a/security/nss/lib/ssl/cmpcert.c +++ b/security/nss/lib/ssl/cmpcert.c @@ -13,7 +13,7 @@ #include "cert.h" #include "nspr.h" #include "secder.h" -#include "key.h" +#include "keyhi.h" #include "nss.h" /* @@ -27,13 +27,9 @@ NSS_CmpCertChainWCANames(CERTCertificate *cert, CERTDistNames *caNames) SECItem *caname; CERTCertificate *curcert; CERTCertificate *oldcert; - PRInt32 contentlen; int j; - int headerlen; int depth; - SECStatus rv; SECItem issuerName; - SECItem compatIssuerName; if (!cert || !caNames || !caNames->nnames || !caNames->names || !caNames->names->data) @@ -44,29 +40,11 @@ NSS_CmpCertChainWCANames(CERTCertificate *cert, CERTDistNames *caNames) while (curcert) { issuerName = curcert->derIssuer; - /* compute an alternate issuer name for compatibility with 2.0 - * enterprise server, which send the CA names without - * the outer layer of DER header - */ - rv = DER_Lengths(&issuerName, &headerlen, (PRUint32 *)&contentlen); - if (rv == SECSuccess) { - compatIssuerName.data = &issuerName.data[headerlen]; - compatIssuerName.len = issuerName.len - headerlen; - } else { - compatIssuerName.data = NULL; - compatIssuerName.len = 0; - } - for (j = 0; j < caNames->nnames; j++) { caname = &caNames->names[j]; if (SECITEM_CompareItem(&issuerName, caname) == SECEqual) { - rv = SECSuccess; CERT_DestroyCertificate(curcert); - goto done; - } else if (SECITEM_CompareItem(&compatIssuerName, caname) == SECEqual) { - rv = SECSuccess; - CERT_DestroyCertificate(curcert); - goto done; + return SECSuccess; } } if ((depth <= 20) && @@ -82,8 +60,5 @@ NSS_CmpCertChainWCANames(CERTCertificate *cert, CERTDistNames *caNames) curcert = NULL; } } - rv = SECFailure; - -done: - return rv; + return SECFailure; } |