Port some tiny bug fixes from NSS trunk back to NSS 3_2 branch to

facilitate binary compatibility testing between NSS 3_2 branch
programs and NSS 3.3 (trunk) libraries.  These fix bugs in the test
programs that were not revealed until newer libs were tested.

4 files changed, 4 insertions, 27 deletions

diff --git a/security/nss/cmd/SSLsample/client.c b/security/nss/cmd/SSLsample/client.c
index a68fcb678..30b7de93b 100644
--- a/security/nss/cmd/SSLsample/client.c
+++ b/security/nss/cmd/SSLsample/client.c
@@ -64,7 +64,6 @@
 
 #define RD_BUF_SIZE (60 * 1024)
 
-extern int cipherSuites[];
 extern int ssl2CipherSuites[];
 extern int ssl3CipherSuites[];
 
diff --git a/security/nss/cmd/SSLsample/sslsample.c b/security/nss/cmd/SSLsample/sslsample.c
index 77c543e12..47b7d0d4f 100644
--- a/security/nss/cmd/SSLsample/sslsample.c
+++ b/security/nss/cmd/SSLsample/sslsample.c
@@ -36,19 +36,6 @@
 
 /* Declare SSL cipher suites. */
 
-int cipherSuites[] = {
-	SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA,
-	SSL_FORTEZZA_DMS_WITH_RC4_128_SHA,
-	SSL_RSA_WITH_RC4_128_MD5,
-	SSL_RSA_WITH_3DES_EDE_CBC_SHA,
-	SSL_RSA_WITH_DES_CBC_SHA,
-	SSL_RSA_EXPORT_WITH_RC4_40_MD5,
-	SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
-	SSL_FORTEZZA_DMS_WITH_NULL_SHA,
-	SSL_RSA_WITH_NULL_MD5,
-	0
-};
-
 int ssl2CipherSuites[] = {
 	SSL_EN_RC4_128_WITH_MD5,              /* A */
 	SSL_EN_RC4_128_EXPORT40_WITH_MD5,     /* B */
@@ -140,6 +127,7 @@ myAuthCertificate(void *arg, PRFileDesc *socket,
 
 	/* If this is a server, we're finished. */
 	if (isServer || secStatus != SECSuccess) {
+		CERT_DestroyCertificate(cert);
 		return secStatus;
 	}
 
@@ -162,6 +150,7 @@ myAuthCertificate(void *arg, PRFileDesc *socket,
 	if (hostName)
 		PR_Free(hostName);
 
+	CERT_DestroyCertificate(cert);
 	return secStatus;
 }
 
diff --git a/security/nss/cmd/selfserv/selfserv.c b/security/nss/cmd/selfserv/selfserv.c
index 16ce65cd3..70b952340 100644
--- a/security/nss/cmd/selfserv/selfserv.c
+++ b/security/nss/cmd/selfserv/selfserv.c
@@ -88,19 +88,6 @@ static int handle_connection( PRFileDesc *, PRFileDesc *, int );
 static const char envVarName[] = { SSL_ENV_VAR_NAME };
 static const char inheritableSockName[] = { "SELFSERV_LISTEN_SOCKET" };
 
-const int cipherSuites[] = {
-    SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA,
-    SSL_FORTEZZA_DMS_WITH_RC4_128_SHA,
-    SSL_RSA_WITH_RC4_128_MD5,
-    SSL_RSA_WITH_3DES_EDE_CBC_SHA,
-    SSL_RSA_WITH_DES_CBC_SHA,
-    SSL_RSA_EXPORT_WITH_RC4_40_MD5,
-    SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
-    SSL_FORTEZZA_DMS_WITH_NULL_SHA,
-    SSL_RSA_WITH_NULL_MD5,
-    0
-};
-
 const int ssl2CipherSuites[] = {
     SSL_EN_RC4_128_WITH_MD5,			/* A */
     SSL_EN_RC4_128_EXPORT40_WITH_MD5,		/* B */
@@ -276,6 +263,7 @@ mySSLAuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig,
 	FPRINTF(stderr, "selfserv: -- SSL3: Certificate Invalid, err %d.\n%s\n", 
                 err, SECU_Strerror(err));
     }
+    CERT_DestroyCertificate(peerCert);
     FLUSH;
     return rv;  
 }
diff --git a/security/nss/cmd/strsclnt/strsclnt.c b/security/nss/cmd/strsclnt/strsclnt.c
index 5a4ce56b0..3bcfb894c 100644
--- a/security/nss/cmd/strsclnt/strsclnt.c
+++ b/security/nss/cmd/strsclnt/strsclnt.c
@@ -213,6 +213,7 @@ mySSLAuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig,
     if (rv == SECSuccess) {
 	fputs("strsclnt: -- SSL: Server Certificate Validated.\n", stderr);
     } 
+    CERT_DestroyCertificate(peerCert);
     /* error, if any, will be displayed by the Bad Cert Handler. */
     return rv;  
 }