Don't delete the nickname entry until we go to delete the subject entry as well.

1 files changed, 4 insertions, 8 deletions

diff --git a/security/nss/lib/softoken/pcertdb.c b/security/nss/lib/softoken/pcertdb.c
index 99c3789ba..d77dfae69 100644
--- a/security/nss/lib/softoken/pcertdb.c
+++ b/security/nss/lib/softoken/pcertdb.c
@@ -2894,6 +2894,9 @@ RemovePermSubjectNode(NSSLOWCERTCertificate *cert)
 	    /* if the subject had an email record, then delete it too */
 	    DeleteDBSMimeEntry(cert->dbhandle, entry->emailAddr);
 	}
+	if ( entry->nickname ) {
+	    DeleteDBNicknameEntry(cert->dbhandle, entry->nickname);
+	}
 	
 	DeleteDBSubjectEntry(cert->dbhandle, &cert->derSubject);
     }
@@ -3225,7 +3228,7 @@ AddCertToPermDB(NSSLOWCERTCertDBHandle *handle, NSSLOWCERTCertificate *cert,
 
     subjectEntry = ReadDBSubjectEntry(handle, &cert->derSubject);
 	
-    if ( subjectEntry ) {
+    if ( subjectEntry && subjectEntry->nickname ) {
 	donnentry = PR_FALSE;
 	nickname = subjectEntry->nickname;
     }
@@ -3907,13 +3910,6 @@ DeletePermCert(NSSLOWCERTCertificate *cert)
 	ret = SECFailure;
     }
     
-    if ( cert->nickname ) {
-	rv = DeleteDBNicknameEntry(cert->dbhandle, cert->nickname);
-	if ( rv != SECSuccess ) {
-	    ret = SECFailure;
-	}
-    }
-    
     rv = RemovePermSubjectNode(cert);