diff options
author | ian.mcgreer%sun.com <devnull@localhost> | 2002-02-11 22:12:01 +0000 |
---|---|---|
committer | ian.mcgreer%sun.com <devnull@localhost> | 2002-02-11 22:12:01 +0000 |
commit | e20726f91c43449d822ec500aeab1809a152cf20 (patch) | |
tree | 73d42159e12ac9e43687bea67575238f8a33c016 | |
parent | cf317b788c6ada75617763a99cb66158777fac77 (diff) | |
download | nss-hg-e20726f91c43449d822ec500aeab1809a152cf20.tar.gz |
NSSCryptoContext_ImportCertificate cannot inform the caller that the cert already exists as a temp cert, is is necessary to work around this in CERT_NewTempCertificate by doing a lookup on the cert after it was imported.
r=relyea
-rw-r--r-- | security/nss/lib/certdb/stanpcertdb.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/security/nss/lib/certdb/stanpcertdb.c b/security/nss/lib/certdb/stanpcertdb.c index 1cf111a47..5bc46a139 100644 --- a/security/nss/lib/certdb/stanpcertdb.c +++ b/security/nss/lib/certdb/stanpcertdb.c @@ -180,6 +180,7 @@ __CERT_NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert, NSSCryptoContext *context; NSSArena *arena; CERTCertificate *cc; + NSSCertificate *tempCert; NSSCryptoContext *gCC = STAN_GetDefaultCryptoContext(); if (!isperm) { NSSDER encoding; @@ -241,10 +242,26 @@ __CERT_NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert, PORT_Strlen(cc->emailAddr)); } context = STAN_GetDefaultCryptoContext(); + /* this function cannot detect if the cert exists as a temp cert now, but + * didn't when CERT_NewTemp was first called. + */ nssrv = NSSCryptoContext_ImportCertificate(context, c); if (nssrv != PR_SUCCESS) { goto loser; } + /* so find the entry in the temp store */ + tempCert = NSSCryptoContext_FindCertificateByIssuerAndSerialNumber(context, + &c->issuer, + &c->serial); + /* destroy the copy */ + NSSCertificate_Destroy(c); + if (tempCert) { + /* and use the "official" entry */ + c = tempCert; + cc = STAN_GetCERTCertificate(c); + } else { + return NULL; + } c->object.trustDomain = STAN_GetDefaultTrustDomain(); cc->istemp = PR_TRUE; cc->isperm = PR_FALSE; |