b=249004 Do not import invalid/untrusted certs, prevent a DoS that disables SSL connections to trusted peers.THUNDERBIRD_0_8_RELEASE FIREFOX_0_10_RELEASE FIREFOX_0_10_1_RELEASE

r=relyea sr=jst/brendan a=asa
author: kaie%kuix.de <devnull@localhost> 2004-07-28 23:44:02 +0000
committer: kaie%kuix.de <devnull@localhost> 2004-07-28 23:44:02 +0000
commit: 9e9e5909bf6012b686940340312c80dab4660caf (patch)
tree: f2d83ec9af032cf712feadfce83b71e9743d67d0
parent: 4192c86b400d22e5312676d60b96fc730be6eeb4 (diff)
download: nss-hg-9e9e5909bf6012b686940340312c80dab4660caf.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/security/nss/lib/certdb/certdb.c b/security/nss/lib/certdb/certdb.c
index 798a5ffe3..fee8ac903 100644
--- a/security/nss/lib/certdb/certdb.c
+++ b/security/nss/lib/certdb/certdb.c
@@ -1136,6 +1136,7 @@ CERT_KeyUsageAndTypeForCertUsage(SECCertUsage usage,
 	    requiredCertType = NS_CERT_TYPE_OBJECT_SIGNING_CA;
 	    break;
 	  case certUsageAnyCA:
+	  case certUsageVerifyCA:
 	  case certUsageStatusResponder:
 	    requiredKeyUsage = KU_KEY_CERT_SIGN;
 	    requiredCertType = NS_CERT_TYPE_OBJECT_SIGNING_CA |
author	kaie%kuix.de <devnull@localhost>	2004-07-28 23:44:02 +0000
committer	kaie%kuix.de <devnull@localhost>	2004-07-28 23:44:02 +0000
commit	9e9e5909bf6012b686940340312c80dab4660caf (patch)
tree	f2d83ec9af032cf712feadfce83b71e9743d67d0
parent	4192c86b400d22e5312676d60b96fc730be6eeb4 (diff)
download	nss-hg-9e9e5909bf6012b686940340312c80dab4660caf.tar.gz