Bug 193367: do not call PR_Now() in a loop. r=nelsonb.

Tag: NSS_3_7_BRANCH

1 files changed, 6 insertions, 2 deletions

diff --git a/security/nss/lib/smime/cmssigdata.c b/security/nss/lib/smime/cmssigdata.c
index 00c3a4299..82c32be9f 100644
--- a/security/nss/lib/smime/cmssigdata.c
+++ b/security/nss/lib/smime/cmssigdata.c
@@ -466,6 +466,7 @@ NSS_CMSSignedData_ImportCerts(NSSCMSSignedData *sigd, CERTCertDBHandle *certdb,
     SECStatus rv;
     SECItem **rawArray;
     int i;
+    PRTime now;
 
     certcount = NSS_CMSArray_Count((void **)sigd->rawCerts);
 
@@ -500,12 +501,13 @@ NSS_CMSSignedData_ImportCerts(NSSCMSSignedData *sigd, CERTCertDBHandle *certdb,
     /* go down the remaining list of certs and verify that they have
      * valid chains, then import them.
      */
+    now = PR_Now();
     for (node = CERT_LIST_HEAD(certList) ; !CERT_LIST_END(node,certList);
 						node= CERT_LIST_NEXT(node)) {
 	CERTCertificateList *certChain;
 
 	if (CERT_VerifyCert(certdb, node->cert, 
-		PR_TRUE, certusage, PR_Now(), NULL, NULL) != SECSuccess) {
+		PR_TRUE, certusage, now, NULL, NULL) != SECSuccess) {
 	    continue;
 	}
 
@@ -609,6 +611,7 @@ NSS_CMSSignedData_VerifyCertsOnly(NSSCMSSignedData *sigd,
     SECStatus rv = SECSuccess;
     int i;
     int count;
+    PRTime now;
 
     if (!sigd || !certdb || !sigd->rawCerts) {
 	PORT_SetError(SEC_ERROR_INVALID_ARGS);
@@ -616,6 +619,7 @@ NSS_CMSSignedData_VerifyCertsOnly(NSSCMSSignedData *sigd,
     }
 
     count = NSS_CMSArray_Count((void**)sigd->rawCerts);
+    now = PR_Now();
     for (i=0; i < count; i++) {
 	if (sigd->certs && sigd->certs[i]) {
 	    cert = CERT_DupCertificate(sigd->certs[i]);
@@ -626,7 +630,7 @@ NSS_CMSSignedData_VerifyCertsOnly(NSSCMSSignedData *sigd,
 		break;
 	    }
 	}
-	rv |= CERT_VerifyCert(certdb, cert, PR_TRUE, usage, PR_Now(), 
+	rv |= CERT_VerifyCert(certdb, cert, PR_TRUE, usage, now, 
                               NULL, NULL);
 	CERT_DestroyCertificate(cert);
     }