summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorian.mcgreer%sun.com <devnull@localhost>2002-04-03 19:22:15 +0000
committerian.mcgreer%sun.com <devnull@localhost>2002-04-03 19:22:15 +0000
commit5fefdad2068b948feafaf0a505b1fbe8a59c6415 (patch)
tree8af50a3794b330962485e5a7b7be3824d85e8824
parentb6935d2f3fff19da56e494eefb6aa0799259845a (diff)
downloadnss-hg-5fefdad2068b948feafaf0a505b1fbe8a59c6415.tar.gz
merge branch fix for bug 115954 to tip
Diffstat
-rw-r--r--security/nss/lib/dev/devobject.c9
-rw-r--r--security/nss/lib/pki/pki3hack.c9
-rw-r--r--security/nss/lib/pki/pki3hack.h3
3 files changed, 21 insertions, 0 deletions
diff --git a/security/nss/lib/dev/devobject.c b/security/nss/lib/dev/devobject.c
index 06150df50..965a62eed 100644
--- a/security/nss/lib/dev/devobject.c
+++ b/security/nss/lib/dev/devobject.c
@@ -68,6 +68,7 @@ static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
#ifdef NSS_3_4_CODE
#include "pkim.h" /* for cert decoding */
#include "pk11func.h" /* for PK11_HasRootCerts */
+#include "pki3hack.h" /* for STAN_ForceCERTCertificateUpdate */
#endif
/* The number of object handles to grab during each call to C_FindObjects */
@@ -559,6 +560,14 @@ retrieve_cert(NSSToken *t, nssSession *session, CK_OBJECT_HANDLE h, void *arg)
/* XXX Fix this! */
nssListIterator_Destroy(cert->object.instances);
cert->object.instances = nssList_CreateIterator(cert->object.instanceList);
+ /* The cert was already discovered. If it was made into a
+ * CERTCertificate, we need to update it here, because we have found
+ * another instance of it. This new instance may cause the slot
+ * and nickname fields of the cert to change.
+ */
+ if (cert->decoding && inCache) {
+ (void)STAN_ForceCERTCertificateUpdate(cert);
+ }
}
if (!inCache) {
nssrv = (*search->callback)(cert, search->cbarg);
diff --git a/security/nss/lib/pki/pki3hack.c b/security/nss/lib/pki/pki3hack.c
index 8a8d3bf63..3db025b37 100644
--- a/security/nss/lib/pki/pki3hack.c
+++ b/security/nss/lib/pki/pki3hack.c
@@ -888,6 +888,9 @@ fill_CERTCertificateFields(NSSCertificate *c, CERTCertificate *cc, PRBool forced
}
} else if (instance) {
/* slot */
+ if (cc->slot) {
+ PK11_FreeSlot(cc->slot);
+ }
cc->slot = PK11_ReferenceSlot(instance->token->pk11slot);
cc->ownSlot = PR_TRUE;
/* pkcs11ID */
@@ -933,6 +936,12 @@ stan_GetCERTCertificate(NSSCertificate *c, PRBool forceUpdate)
}
NSS_IMPLEMENT CERTCertificate *
+STAN_ForceCERTCertificateUpdate(NSSCertificate *c)
+{
+ return stan_GetCERTCertificate(c, PR_TRUE);
+}
+
+NSS_IMPLEMENT CERTCertificate *
STAN_GetCERTCertificate(NSSCertificate *c)
{
return stan_GetCERTCertificate(c, PR_FALSE);
diff --git a/security/nss/lib/pki/pki3hack.h b/security/nss/lib/pki/pki3hack.h
index c79fc747b..be146e99d 100644
--- a/security/nss/lib/pki/pki3hack.h
+++ b/security/nss/lib/pki/pki3hack.h
@@ -111,6 +111,9 @@ STAN_RemoveModuleFromDefaultTrustDomain
);
NSS_EXTERN CERTCertificate *
+STAN_ForceCERTCertificateUpdate(NSSCertificate *c);
+
+NSS_EXTERN CERTCertificate *
STAN_GetCERTCertificate(NSSCertificate *c);
NSS_EXTERN NSSCertificate *
View Lorry Controller Status