diff options
author | alexei.volkov.bugs%sun.com <devnull@localhost> | 2007-09-12 20:22:14 +0000 |
---|---|---|
committer | alexei.volkov.bugs%sun.com <devnull@localhost> | 2007-09-12 20:22:14 +0000 |
commit | 23723ca0f2524a400493bbf7c9d74b1e9a8c4c8a (patch) | |
tree | 21b51bc087c7cbd32209225c56619f398038f6ed | |
parent | a799820e0375eb7763d7da72e3a86ae21ee8b0bc (diff) | |
download | nss-hg-23723ca0f2524a400493bbf7c9d74b1e9a8c4c8a.tar.gz |
390209 - pkix AIA manager tries to get certs using AIA url with OCSP access method. r=nelson
-rwxr-xr-x | security/nss/lib/libpkix/include/pkix_errorstrings.h | 1 | ||||
-rw-r--r-- | security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c | 11 |
2 files changed, 12 insertions, 0 deletions
diff --git a/security/nss/lib/libpkix/include/pkix_errorstrings.h b/security/nss/lib/libpkix/include/pkix_errorstrings.h index f72ea92ab..82af7c216 100755 --- a/security/nss/lib/libpkix/include/pkix_errorstrings.h +++ b/security/nss/lib/libpkix/include/pkix_errorstrings.h @@ -582,6 +582,7 @@ PKIX_ERRORENTRY(INFOACCESSCREATEFAILED,pkix_pl_InfoAccess_Create failed), PKIX_ERRORENTRY(INFOACCESSCREATELISTFAILED,pkix_pl_InfoAccess_CreateList failed), PKIX_ERRORENTRY(INFOACCESSGETLOCATIONFAILED,PKIX_PL_InfoAccess_GetLocation failed), PKIX_ERRORENTRY(INFOACCESSGETLOCATIONTYPEFAILED,PKIX_PL_InfoAccess_GetLocationType failed), +PKIX_ERRORENTRY(INFOACCESSGETMETHODFAILED,PKIX_PL_InfoAccess_GetMethod failed), PKIX_ERRORENTRY(INFOACCESSPARSELOCATIONFAILED,pkix_pl_InfoAccess_ParseLocation failed), PKIX_ERRORENTRY(INFOACCESSPARSETOKENSFAILED,pkix_pl_InfoAccess_ParseTokens failed), PKIX_ERRORENTRY(INITIALIZECHECKERSFAILED,pkix_InitializeCheckers failed), diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c index 6248a0315..fd04c6254 100644 --- a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c +++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c @@ -612,6 +612,7 @@ PKIX_PL_AIAMgr_GetAIACerts( for (aiaIndex = aiaMgr->aiaIndex; aiaIndex < aiaMgr->numAias; aiaIndex ++) { + PKIX_UInt32 method = 0; PKIX_CHECK(PKIX_List_GetItem (aiaMgr->aia, @@ -620,6 +621,16 @@ PKIX_PL_AIAMgr_GetAIACerts( plContext), PKIX_LISTGETITEMFAILED); + PKIX_CHECK(PKIX_PL_InfoAccess_GetMethod + (ia, &method, plContext), + PKIX_INFOACCESSGETMETHODFAILED); + + if (method != PKIX_INFOACCESS_CA_ISSUERS && + method != PKIX_INFOACCESS_CA_REPOSITORY) { + PKIX_DECREF(ia); + continue; + } + PKIX_CHECK(PKIX_PL_InfoAccess_GetLocationType (ia, &iaType, plContext), PKIX_INFOACCESSGETLOCATIONTYPEFAILED); |