summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorwtc%google.com <devnull@localhost>2011-08-05 02:55:24 +0000
committerwtc%google.com <devnull@localhost>2011-08-05 02:55:24 +0000
commit5d637b0677a2ac4cdace073f30934eea27bd5230 (patch)
tree6425a762690ce5feaad0e43388f37d1312cff680
parentb80b279ddcecdb09e2ccfd2b4c1be2277025c24b (diff)
downloadnss-hg-5d637b0677a2ac4cdace073f30934eea27bd5230.tar.gz
Bug 662557: Set pkixErrorClass and pkixErrorCode if localRevChecker orexternalRevChecker fails, otherwise we would end up reporting the default
error code PKIX_ALLOCERROR (value 0). Add the PKIX_CHECK_NO_GOTO macro. The patch is written by Kai Engert <kaie@kuix.de>. r=wtc. Modified Files: Tag: NSS_3_12_BRANCH pkix/checker/pkix_revocationchecker.c pkix/util/pkix_tools.h
Diffstat
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/checker/pkix_revocationchecker.c22
-rwxr-xr-xsecurity/nss/lib/libpkix/pkix/util/pkix_tools.h11
2 files changed, 21 insertions, 12 deletions
diff --git a/security/nss/lib/libpkix/pkix/checker/pkix_revocationchecker.c b/security/nss/lib/libpkix/pkix/checker/pkix_revocationchecker.c
index 82bbac967..ded71021f 100755
--- a/security/nss/lib/libpkix/pkix/checker/pkix_revocationchecker.c
+++ b/security/nss/lib/libpkix/pkix/checker/pkix_revocationchecker.c
@@ -381,13 +381,10 @@ PKIX_RevocationChecker_Check(
PKIX_UInt32 methodFlags = 0;
PKIX_DECREF(method);
- pkixErrorResult = PKIX_List_GetItem(revList, methodNum,
- (PKIX_PL_Object**)&method,
- plContext);
- if (pkixErrorResult) {
- /* Return error. Should not shappen in normal conditions. */
- goto cleanup;
- }
+ PKIX_CHECK(
+ PKIX_List_GetItem(revList, methodNum,
+ (PKIX_PL_Object**)&method, plContext),
+ PKIX_LISTGETITEMFAILED);
methodFlags = method->flags;
if (!(methodFlags & PKIX_REV_M_TEST_USING_THIS_METHOD)) {
/* Will not check with this method. Skipping... */
@@ -396,14 +393,14 @@ PKIX_RevocationChecker_Check(
if (!onlyUseRemoteMethods &&
methodStatus[methodNum] == PKIX_RevStatus_NoInfo) {
PKIX_RevocationStatus revStatus = PKIX_RevStatus_NoInfo;
-
- pkixErrorResult =
+ PKIX_CHECK_NO_GOTO(
(*method->localRevChecker)(cert, issuer, date,
method, procParams,
methodFlags,
chainVerificationState,
&revStatus,
- pReasonCode, plContext);
+ pReasonCode, plContext),
+ PKIX_REVCHECKERCHECKFAILED);
methodStatus[methodNum] = revStatus;
if (revStatus == PKIX_RevStatus_Revoked) {
/* if error was generated use it as final error. */
@@ -423,12 +420,13 @@ PKIX_RevocationChecker_Check(
methodStatus[methodNum] == PKIX_RevStatus_NoInfo) {
if (!(methodFlags & PKIX_REV_M_FORBID_NETWORK_FETCHING)) {
PKIX_RevocationStatus revStatus = PKIX_RevStatus_NoInfo;
- pkixErrorResult =
+ PKIX_CHECK_NO_GOTO(
(*method->externalRevChecker)(cert, issuer, date,
method,
procParams, methodFlags,
&revStatus, pReasonCode,
- &nbioContext, plContext);
+ &nbioContext, plContext),
+ PKIX_REVCHECKERCHECKFAILED);
methodStatus[methodNum] = revStatus;
if (revStatus == PKIX_RevStatus_Revoked) {
/* if error was generated use it as final error. */
diff --git a/security/nss/lib/libpkix/pkix/util/pkix_tools.h b/security/nss/lib/libpkix/pkix/util/pkix_tools.h
index 7ace5a329..8ac4261fa 100755
--- a/security/nss/lib/libpkix/pkix/util/pkix_tools.h
+++ b/security/nss/lib/libpkix/pkix/util/pkix_tools.h
@@ -349,6 +349,17 @@ extern PLHashNumber PR_CALLBACK pkix_ErrorGen_Hash (const void *key);
} \
} while (0)
+/* like PKIX_CHECK but without goto cleanup */
+#define PKIX_CHECK_NO_GOTO(func, descNum) \
+ do { \
+ pkixErrorResult = (func); \
+ if (pkixErrorResult) { \
+ TRACE_CHECK_FAILURE((func), PKIX_ErrorText[descNum]) \
+ pkixErrorClass = pkixErrorResult->errClass; \
+ pkixErrorCode = descNum; \
+ } \
+ } while (0)
+
#define PKIX_CHECK_ONLY_FATAL(func, descNum) \
do { \
pkixTempErrorReceived = PKIX_FALSE; \
View Lorry Controller Status