Update NSS to 3.36.4-RTM

author: JustOff <Off.Just.Off@gmail.com> 2018-06-09 15:11:22 +0300
committer: JustOff <Off.Just.Off@gmail.com> 2018-06-11 16:42:50 +0300
commit: f83f62e1bff0c2aedc32e67fe369ba923c5b104a (patch)
tree: fbb69e76754552dde5c3c5d4fe928ed9693f601a /security/nss/lib/certdb/stanpcertdb.c
parent: 75323087aea91719bbb4f766bc6298d0618f0163 (diff)
download: UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar
UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar.gz
UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar.lz
UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar.xz
UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.zip
1 files changed, 14 insertions, 1 deletions
diff --git a/security/nss/lib/certdb/stanpcertdb.c b/security/nss/lib/certdb/stanpcertdb.c
index beaa66040..d5d19c39d 100644
--- a/security/nss/lib/certdb/stanpcertdb.c
+++ b/security/nss/lib/certdb/stanpcertdb.c
@@ -30,6 +30,7 @@
 #include "pkistore.h"
 #include "dev3hack.h"
 #include "dev.h"
+#include "secmodi.h"
 
 PRBool
 SEC_CertNicknameConflict(const char *nickname, const SECItem *derSubject,
@@ -280,6 +281,18 @@ __CERT_AddTempCertToPerm(CERTCertificate *cert, char *nickname,
     nssCertificateStore_RemoveCertLOCKED(context->certStore, c);
     nssCertificateStore_Unlock(context->certStore, &lockTrace, &unlockTrace);
     c->object.cryptoContext = NULL;
+
+    /* if the id has not been set explicitly yet, create one from the public
+     * key. */
+    if (c->id.data == NULL) {
+        SECItem *keyID = pk11_mkcertKeyID(cert);
+        if (keyID) {
+            nssItem_Create(c->object.arena, &c->id, keyID->len, keyID->data);
+            SECITEM_FreeItem(keyID, PR_TRUE);
+        }
+        /* if any of these failed, continue with our null c->id */
+    }
+
     /* Import the perm instance onto the internal token */
     slot = PK11_GetInternalKeySlot();
     internal = PK11Slot_GetNSSToken(slot);
@@ -343,7 +356,7 @@ CERT_NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert,
         /* First, see if it is already a temp cert */
         c = NSSCryptoContext_FindCertificateByEncodedCertificate(gCC,
                                                                  &encoding);
-        if (!c) {
+        if (!c && handle) {
             /* Then, see if it is already a perm cert */
             c = NSSTrustDomain_FindCertificateByEncodedCertificate(handle,
                                                                    &encoding);
author	JustOff <Off.Just.Off@gmail.com>	2018-06-09 15:11:22 +0300
committer	JustOff <Off.Just.Off@gmail.com>	2018-06-11 16:42:50 +0300
commit	f83f62e1bff0c2aedc32e67fe369ba923c5b104a (patch)
tree	fbb69e76754552dde5c3c5d4fe928ed9693f601a /security/nss/lib/certdb/stanpcertdb.c
parent	75323087aea91719bbb4f766bc6298d0618f0163 (diff)
download	UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar.gz UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar.lz UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar.xz UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.zip