b=249004 Do not import invalid/untrusted certs, prevent a DoS that disables SSL connections to trusted peers.MOZILLA_1_4_4_RELEASE MOZILLA_1_4_3_RELEASE

r=relyea sr=jst/brendan a=blizzard
author: kaie%kuix.de <devnull@localhost> 2004-07-27 22:23:44 +0000
committer: kaie%kuix.de <devnull@localhost> 2004-07-27 22:23:44 +0000
commit: 54e2c68caeb6e5dd2ae769581cd269fc44d6d393 (patch)
tree: ef7f01d0fc006ae9c6a67de2339be4aaf0e5f9e0
parent: 4554bc106340e0c3f99606fcd6c64f9a0cd2d27c (diff)
download: nss-hg-54e2c68caeb6e5dd2ae769581cd269fc44d6d393.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/security/nss/lib/certdb/certdb.c b/security/nss/lib/certdb/certdb.c
index 5dfb471ec..de88d37a8 100644
--- a/security/nss/lib/certdb/certdb.c
+++ b/security/nss/lib/certdb/certdb.c
@@ -1140,6 +1140,7 @@ CERT_KeyUsageAndTypeForCertUsage(SECCertUsage usage,
 	    requiredCertType = NS_CERT_TYPE_OBJECT_SIGNING_CA;
 	    break;
 	  case certUsageAnyCA:
+	  case certUsageVerifyCA:
 	  case certUsageStatusResponder:
 	    requiredKeyUsage = KU_KEY_CERT_SIGN;
 	    requiredCertType = NS_CERT_TYPE_OBJECT_SIGNING_CA |
author	kaie%kuix.de <devnull@localhost>	2004-07-27 22:23:44 +0000
committer	kaie%kuix.de <devnull@localhost>	2004-07-27 22:23:44 +0000
commit	54e2c68caeb6e5dd2ae769581cd269fc44d6d393 (patch)
tree	ef7f01d0fc006ae9c6a67de2339be4aaf0e5f9e0
parent	4554bc106340e0c3f99606fcd6c64f9a0cd2d27c (diff)
download	nss-hg-54e2c68caeb6e5dd2ae769581cd269fc44d6d393.tar.gz