diff options
author | nelsonb%netscape.com <devnull@localhost> | 2000-09-09 06:08:46 +0000 |
---|---|---|
committer | nelsonb%netscape.com <devnull@localhost> | 2000-09-09 06:08:46 +0000 |
commit | 0e3d78dd165faa348df07345ffafbdbb789f469a (patch) | |
tree | 5d28323f12cbae67651d19e03c141d421e980dd2 /security/nss/lib/ssl | |
parent | 706090cc6485395e082bf76a3522f1466a344d9d (diff) | |
download | nss-hg-0e3d78dd165faa348df07345ffafbdbb789f469a.tar.gz |
Create a new function, CERT_DupCertList(), and call it instead of calling
CERT_CertChainFromCert in ssl_DupSocket(). This is MUCH faster. This is
the first approximation of the right fix. The next step is to consider
doing ref counting instead of actual duplication. Fixes bug 51425 .
Diffstat (limited to 'security/nss/lib/ssl')
-rw-r--r-- | security/nss/lib/ssl/sslsock.c | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c index 2921e3b6c..b55e170b5 100644 --- a/security/nss/lib/ssl/sslsock.c +++ b/security/nss/lib/ssl/sslsock.c @@ -285,11 +285,10 @@ ssl_DupSocket(sslSocket *os) int i; for (i=kt_null; i < kt_kea_size; i++) { - if (os->serverCert[i]) { + if (os->serverCert[i] && os->serverCertChain[i]) { ss->serverCert[i] = CERT_DupCertificate(os->serverCert[i]); - ss->serverCertChain[i] = CERT_CertChainFromCert - (ss->serverCert[i], certUsageSSLServer, - PR_TRUE); + ss->serverCertChain[i] = CERT_DupCertList( + os->serverCertChain[i]); } else { ss->serverCert[i] = NULL; ss->serverCertChain[i] = NULL; |