390209 - pkix AIA manager tries to get certs using AIA url with OCSP access method. r=nelson

author: alexei.volkov.bugs%sun.com <devnull@localhost> 2007-09-12 20:22:14 +0000
committer: alexei.volkov.bugs%sun.com <devnull@localhost> 2007-09-12 20:22:14 +0000
commit: 23723ca0f2524a400493bbf7c9d74b1e9a8c4c8a (patch)
tree: 21b51bc087c7cbd32209225c56619f398038f6ed
parent: a799820e0375eb7763d7da72e3a86ae21ee8b0bc (diff)
download: nss-hg-23723ca0f2524a400493bbf7c9d74b1e9a8c4c8a.tar.gz
2 files changed, 12 insertions, 0 deletions
diff --git a/security/nss/lib/libpkix/include/pkix_errorstrings.h b/security/nss/lib/libpkix/include/pkix_errorstrings.h
index f72ea92ab..82af7c216 100755
--- a/security/nss/lib/libpkix/include/pkix_errorstrings.h
+++ b/security/nss/lib/libpkix/include/pkix_errorstrings.h
@@ -582,6 +582,7 @@ PKIX_ERRORENTRY(INFOACCESSCREATEFAILED,pkix_pl_InfoAccess_Create failed),
 PKIX_ERRORENTRY(INFOACCESSCREATELISTFAILED,pkix_pl_InfoAccess_CreateList failed),
 PKIX_ERRORENTRY(INFOACCESSGETLOCATIONFAILED,PKIX_PL_InfoAccess_GetLocation failed),
 PKIX_ERRORENTRY(INFOACCESSGETLOCATIONTYPEFAILED,PKIX_PL_InfoAccess_GetLocationType failed),
+PKIX_ERRORENTRY(INFOACCESSGETMETHODFAILED,PKIX_PL_InfoAccess_GetMethod failed),
 PKIX_ERRORENTRY(INFOACCESSPARSELOCATIONFAILED,pkix_pl_InfoAccess_ParseLocation failed),
 PKIX_ERRORENTRY(INFOACCESSPARSETOKENSFAILED,pkix_pl_InfoAccess_ParseTokens failed),
 PKIX_ERRORENTRY(INITIALIZECHECKERSFAILED,pkix_InitializeCheckers failed),
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c
index 6248a0315..fd04c6254 100644
--- a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c
@@ -612,6 +612,7 @@ PKIX_PL_AIAMgr_GetAIACerts(
         for (aiaIndex = aiaMgr->aiaIndex;
                 aiaIndex < aiaMgr->numAias;
                 aiaIndex ++) {
+                PKIX_UInt32 method = 0;
 
                 PKIX_CHECK(PKIX_List_GetItem
                         (aiaMgr->aia,
@@ -620,6 +621,16 @@ PKIX_PL_AIAMgr_GetAIACerts(
                         plContext),
                         PKIX_LISTGETITEMFAILED);
 
+                PKIX_CHECK(PKIX_PL_InfoAccess_GetMethod
+                        (ia, &method, plContext),
+                        PKIX_INFOACCESSGETMETHODFAILED);
+
+                if (method != PKIX_INFOACCESS_CA_ISSUERS &&
+                    method != PKIX_INFOACCESS_CA_REPOSITORY) {
+                    PKIX_DECREF(ia);
+                    continue;
+                }
+                
                 PKIX_CHECK(PKIX_PL_InfoAccess_GetLocationType
                         (ia, &iaType, plContext),
                         PKIX_INFOACCESSGETLOCATIONTYPEFAILED);
author	alexei.volkov.bugs%sun.com <devnull@localhost>	2007-09-12 20:22:14 +0000
committer	alexei.volkov.bugs%sun.com <devnull@localhost>	2007-09-12 20:22:14 +0000
commit	23723ca0f2524a400493bbf7c9d74b1e9a8c4c8a (patch)
tree	21b51bc087c7cbd32209225c56619f398038f6ed
parent	a799820e0375eb7763d7da72e3a86ae21ee8b0bc (diff)
download	nss-hg-23723ca0f2524a400493bbf7c9d74b1e9a8c4c8a.tar.gz