diff options
author | kaie%kuix.de <devnull@localhost> | 2006-05-16 01:14:41 +0000 |
---|---|---|
committer | kaie%kuix.de <devnull@localhost> | 2006-05-16 01:14:41 +0000 |
commit | 1750eec57ab1ad5a82ec316d754f2c6adda72405 (patch) | |
tree | b2260163e383604bd9754d1f4a84c558aebc9a74 | |
parent | 617436e372f5b4ade30e234767bbf37401ea5e29 (diff) | |
download | nss-hg-1750eec57ab1ad5a82ec316d754f2c6adda72405.tar.gz |
bug 338058, Upgrade to NSS 3.11.2 second pre-release
r=wtchang, a=wtchang
-rw-r--r-- | security/nss/lib/certdb/crl.c | 2 | ||||
-rw-r--r-- | security/nss/lib/certdb/stanpcertdb.c | 19 | ||||
-rw-r--r-- | security/nss/lib/certdb/xauthkid.c | 4 | ||||
-rw-r--r-- | security/nss/lib/certhigh/ocsp.c | 6 | ||||
-rw-r--r-- | security/nss/lib/crmf/servget.c | 14 | ||||
-rw-r--r-- | security/nss/lib/pk11wrap/pk11akey.c | 5 | ||||
-rw-r--r-- | security/nss/lib/pk11wrap/pk11cert.c | 1 | ||||
-rw-r--r-- | security/nss/lib/pk11wrap/pk11pk12.c | 12 | ||||
-rw-r--r-- | security/nss/lib/softoken/dbmshim.c | 8 | ||||
-rw-r--r-- | security/nss/lib/softoken/keydb.c | 5 | ||||
-rw-r--r-- | security/nss/lib/ssl/ssl3con.c | 6 | ||||
-rw-r--r-- | security/nss/lib/ssl/sslproto.h | 2 |
12 files changed, 34 insertions, 50 deletions
diff --git a/security/nss/lib/certdb/crl.c b/security/nss/lib/certdb/crl.c index 7cd308c0a..0c30f3a26 100644 --- a/security/nss/lib/certdb/crl.c +++ b/security/nss/lib/certdb/crl.c @@ -2784,6 +2784,8 @@ SECStatus CERT_UncacheCRL(CERTCertDBHandle* dbhandle, SECItem* olddercrl) } DPCache_UnlockWrite(); + + rv = CachedCrl_Destroy(returned); } ReleaseDPCache(cache, writeLocked); diff --git a/security/nss/lib/certdb/stanpcertdb.c b/security/nss/lib/certdb/stanpcertdb.c index ae5c15a11..ea04bb075 100644 --- a/security/nss/lib/certdb/stanpcertdb.c +++ b/security/nss/lib/certdb/stanpcertdb.c @@ -819,18 +819,13 @@ certdb_SaveSingleProfile(CERTCertificate *cert, const char *emailAddr, NSSItem profTime, profData; NSSItem *pprofTime, *pprofData; NSSITEM_FROM_SECITEM(&subject, &cert->derSubject); - if (profileTime) { - NSSITEM_FROM_SECITEM(&profTime, profileTime); - pprofTime = &profTime; - } else { - pprofTime = NULL; - } - if (emailProfile) { - NSSITEM_FROM_SECITEM(&profData, emailProfile); - pprofData = &profData; - } else { - pprofData = NULL; - } + + NSSITEM_FROM_SECITEM(&profTime, profileTime); + pprofTime = &profTime; + + NSSITEM_FROM_SECITEM(&profData, emailProfile); + pprofData = &profData; + stanProfile = nssSMIMEProfile_Create(c, pprofTime, pprofData); if (!stanProfile) goto loser; nssrv = nssCryptoContext_ImportSMIMEProfile(cc, stanProfile); diff --git a/security/nss/lib/certdb/xauthkid.c b/security/nss/lib/certdb/xauthkid.c index 8d9df2123..8fb5a0122 100644 --- a/security/nss/lib/certdb/xauthkid.c +++ b/security/nss/lib/certdb/xauthkid.c @@ -119,10 +119,10 @@ CERT_DecodeAuthKeyID (PRArenaPool *arena, SECItem *encodedValue) do { mark = PORT_ArenaMark (arena); - value = (CERTAuthKeyID*)PORT_ArenaZAlloc (arena, sizeof (*value)); - value->DERAuthCertIssuer = NULL; + value = (CERTAuthKeyID*)PORT_ArenaZAlloc (arena, sizeof (*value)); if (value == NULL) break; + value->DERAuthCertIssuer = NULL; /* copy the DER into the arena, since Quick DER returns data that points into the DER input, which may get freed by the caller */ rv = SECITEM_CopyItem(arena, &newEncodedValue, encodedValue); diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c index c271c1866..12a059c76 100644 --- a/security/nss/lib/certhigh/ocsp.c +++ b/security/nss/lib/certhigh/ocsp.c @@ -1755,6 +1755,8 @@ ocsp_ParseURL(char *url, char **pHostname, PRUint16 *pPort, char **pPath) path[len] = '\0'; } else { path = PORT_Strdup("/"); + if (path == NULL) + goto loser; } *pHostname = hostname; @@ -1765,8 +1767,6 @@ ocsp_ParseURL(char *url, char **pHostname, PRUint16 *pPort, char **pPath) loser: if (hostname != NULL) PORT_Free(hostname); - if (path != NULL) - PORT_Free(path); PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION); return SECFailure; } @@ -3764,8 +3764,6 @@ ocsp_InitStatusChecking(CERTCertDBHandle *handle) return SECSuccess; loser: - if (statusContext != NULL) - PORT_Free(statusContext); if (statusConfig != NULL) PORT_Free(statusConfig); return SECFailure; diff --git a/security/nss/lib/crmf/servget.c b/security/nss/lib/crmf/servget.c index 165ce5924..85be9e556 100644 --- a/security/nss/lib/crmf/servget.c +++ b/security/nss/lib/crmf/servget.c @@ -409,7 +409,7 @@ crmf_copy_poposigningkey(PRArenaPool *poolp, } return SECSuccess; loser: - if (destPopoSignKey && poolp == NULL) { + if (poolp == NULL) { CRMF_DestroyPOPOSigningKey(destPopoSignKey); } return SECFailure; @@ -440,13 +440,10 @@ crmf_copy_popoprivkey(PRArenaPool *poolp, rv = SECFailure; } - if (rv != SECSuccess) { - if (destPrivKey && poolp == NULL) { - CRMF_DestroyPOPOPrivKey(destPrivKey); - } - return SECFailure; + if (rv != SECSuccess && poolp == NULL) { + CRMF_DestroyPOPOPrivKey(destPrivKey); } - return SECSuccess; + return rv; } static CRMFProofOfPossession* @@ -510,10 +507,11 @@ crmf_copy_cert_req_msg(CRMFCertReqMsg *srcReqMsg) return NULL; } newReqMsg = PORT_ArenaZNew(poolp, CRMFCertReqMsg); - newReqMsg->poolp = poolp; if (newReqMsg == NULL) { goto loser; } + + newReqMsg->poolp = poolp; newReqMsg->certReq = crmf_copy_cert_request(poolp, srcReqMsg->certReq); if (newReqMsg->certReq == NULL) { goto loser; diff --git a/security/nss/lib/pk11wrap/pk11akey.c b/security/nss/lib/pk11wrap/pk11akey.c index f63ff3b9f..9692d971f 100644 --- a/security/nss/lib/pk11wrap/pk11akey.c +++ b/security/nss/lib/pk11wrap/pk11akey.c @@ -1719,6 +1719,9 @@ pk11_DoKeys(PK11SlotInfo *slot, CK_OBJECT_HANDLE keyHandle, void *arg) SECStatus rv = SECSuccess; SECKEYPrivateKey *privKey; pk11KeyCallback *keycb = (pk11KeyCallback *) arg; + if (!arg) { + return SECFailure; + } privKey = PK11_MakePrivKey(slot,nullKey,PR_TRUE,keyHandle,keycb->wincx); @@ -1726,7 +1729,7 @@ pk11_DoKeys(PK11SlotInfo *slot, CK_OBJECT_HANDLE keyHandle, void *arg) return SECFailure; } - if (keycb && (keycb->callback)) { + if (keycb->callback) { rv = (*keycb->callback)(privKey,keycb->callbackArg); } diff --git a/security/nss/lib/pk11wrap/pk11cert.c b/security/nss/lib/pk11wrap/pk11cert.c index f4d6c9895..9d47fa9ef 100644 --- a/security/nss/lib/pk11wrap/pk11cert.c +++ b/security/nss/lib/pk11wrap/pk11cert.c @@ -1339,7 +1339,6 @@ pk11_AllFindCertObjectByRecipient(PK11SlotInfo **slotPtr, /* get them all! */ list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_TRUE,wincx); if (list == NULL) { - if (list) PK11_FreeSlotList(list); return CK_INVALID_HANDLE; } diff --git a/security/nss/lib/pk11wrap/pk11pk12.c b/security/nss/lib/pk11wrap/pk11pk12.c index 35a4cbc07..9c8afdf4e 100644 --- a/security/nss/lib/pk11wrap/pk11pk12.c +++ b/security/nss/lib/pk11wrap/pk11pk12.c @@ -250,7 +250,13 @@ PK11_ImportDERPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot, SECItem *derPKI, SECStatus rv = SECFailure; temparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); + if (!temparena) + return rv; pki = PORT_ArenaZNew(temparena, SECKEYPrivateKeyInfo); + if (!pki) { + PORT_FreeArena(temparena, PR_FALSE); + return rv; + } pki->arena = temparena; rv = SEC_ASN1DecodeItem(pki->arena, pki, SECKEY_PrivateKeyInfoTemplate, @@ -263,10 +269,8 @@ PK11_ImportDERPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot, SECItem *derPKI, publicValue, isPerm, isPrivate, keyUsage, privk, wincx); finish: - if( pki != NULL ) { - /* this zeroes the key and frees the arena */ - SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE /*freeit*/); - } + /* this zeroes the key and frees the arena */ + SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE /*freeit*/); return rv; } diff --git a/security/nss/lib/softoken/dbmshim.c b/security/nss/lib/softoken/dbmshim.c index 04c291d7f..f75f4d70d 100644 --- a/security/nss/lib/softoken/dbmshim.c +++ b/security/nss/lib/softoken/dbmshim.c @@ -406,14 +406,6 @@ dbs_readBlob(DBS *dbsp, DBT *data) loser: /* preserve the error code */ error = PR_GetError(); - if (addr) { - if (mapfile) { - PORT_Assert(len != -1); - PR_MemUnmap(addr,len); - } else { - PORT_Free(addr); - } - } if (mapfile) { PR_CloseFileMap(mapfile); } diff --git a/security/nss/lib/softoken/keydb.c b/security/nss/lib/softoken/keydb.c index 5dca43f40..cd3d61886 100644 --- a/security/nss/lib/softoken/keydb.c +++ b/security/nss/lib/softoken/keydb.c @@ -713,7 +713,6 @@ nsslowkey_UpdateKeyDBPass1(NSSLOWKEYDBHandle *handle) DBT key; DBT data; unsigned char version; - SECItem *rc4key = NULL; NSSLOWKEYDBKey *dbkey = NULL; NSSLOWKEYDBHandle *update = NULL; SECItem *oldSalt = NULL; @@ -882,10 +881,6 @@ done: nsslowkey_CloseKeyDB(update); - if ( rc4key ) { - SECITEM_FreeItem(rc4key, PR_TRUE); - } - if ( oldSalt ) { SECITEM_FreeItem(oldSalt, PR_TRUE); } diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c index 217060b95..586086f27 100644 --- a/security/nss/lib/ssl/ssl3con.c +++ b/security/nss/lib/ssl/ssl3con.c @@ -8019,9 +8019,9 @@ process_it: case content_handshake: rv = ssl3_HandleHandshake(ss, databuf); break; - case content_application_data: - rv = SECSuccess; - break; + /* + case content_application_data is handled before this switch + */ default: SSL_DBG(("%d: SSL3[%d]: bogus content type=%d", SSL_GETPID(), ss->fd, cText->type)); diff --git a/security/nss/lib/ssl/sslproto.h b/security/nss/lib/ssl/sslproto.h index f96bb8da3..f94359cb4 100644 --- a/security/nss/lib/ssl/sslproto.h +++ b/security/nss/lib/ssl/sslproto.h @@ -165,7 +165,6 @@ #define TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x0065 #define TLS_DHE_DSS_WITH_RC4_128_SHA 0x0066 -#ifdef NSS_ENABLE_ECC #define TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 #define TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 #define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 @@ -195,7 +194,6 @@ #define TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA 0xC017 #define TLS_ECDH_anon_WITH_AES_128_CBC_SHA 0xC018 #define TLS_ECDH_anon_WITH_AES_256_CBC_SHA 0xC019 -#endif /* NSS_ENABLE_ECC */ /* Netscape "experimental" cipher suites. */ #define SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA 0xffe0 |