summaryrefslogtreecommitdiffstats
path: root/security/nss/lib/certdb
diff options
context:
space:
mode:
authorJustOff <Off.Just.Off@gmail.com>2018-06-09 15:11:22 +0300
committerJustOff <Off.Just.Off@gmail.com>2018-06-11 16:42:50 +0300
commitf83f62e1bff0c2aedc32e67fe369ba923c5b104a (patch)
treefbb69e76754552dde5c3c5d4fe928ed9693f601a /security/nss/lib/certdb
parent75323087aea91719bbb4f766bc6298d0618f0163 (diff)
downloadUXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar
UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar.gz
UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar.lz
UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.tar.xz
UXP-f83f62e1bff0c2aedc32e67fe369ba923c5b104a.zip
Update NSS to 3.36.4-RTM
Diffstat (limited to 'security/nss/lib/certdb')
-rw-r--r--security/nss/lib/certdb/stanpcertdb.c15
1 files changed, 14 insertions, 1 deletions
diff --git a/security/nss/lib/certdb/stanpcertdb.c b/security/nss/lib/certdb/stanpcertdb.c
index beaa66040..d5d19c39d 100644
--- a/security/nss/lib/certdb/stanpcertdb.c
+++ b/security/nss/lib/certdb/stanpcertdb.c
@@ -30,6 +30,7 @@
#include "pkistore.h"
#include "dev3hack.h"
#include "dev.h"
+#include "secmodi.h"
PRBool
SEC_CertNicknameConflict(const char *nickname, const SECItem *derSubject,
@@ -280,6 +281,18 @@ __CERT_AddTempCertToPerm(CERTCertificate *cert, char *nickname,
nssCertificateStore_RemoveCertLOCKED(context->certStore, c);
nssCertificateStore_Unlock(context->certStore, &lockTrace, &unlockTrace);
c->object.cryptoContext = NULL;
+
+ /* if the id has not been set explicitly yet, create one from the public
+ * key. */
+ if (c->id.data == NULL) {
+ SECItem *keyID = pk11_mkcertKeyID(cert);
+ if (keyID) {
+ nssItem_Create(c->object.arena, &c->id, keyID->len, keyID->data);
+ SECITEM_FreeItem(keyID, PR_TRUE);
+ }
+ /* if any of these failed, continue with our null c->id */
+ }
+
/* Import the perm instance onto the internal token */
slot = PK11_GetInternalKeySlot();
internal = PK11Slot_GetNSSToken(slot);
@@ -343,7 +356,7 @@ CERT_NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert,
/* First, see if it is already a temp cert */
c = NSSCryptoContext_FindCertificateByEncodedCertificate(gCC,
&encoding);
- if (!c) {
+ if (!c && handle) {
/* Then, see if it is already a perm cert */
c = NSSTrustDomain_FindCertificateByEncodedCertificate(handle,
&encoding);