Create a new function, CERT_DupCertList(), and call it instead of calling

CERT_CertChainFromCert in ssl_DupSocket(). This is MUCH faster. This is the first approximation of the right fix. The next step is to consider doing ref counting instead of actual duplication. Fixes bug 51425 .
author: nelsonb%netscape.com <devnull@localhost> 2000-09-09 06:08:46 +0000
committer: nelsonb%netscape.com <devnull@localhost> 2000-09-09 06:08:46 +0000
commit: 0e3d78dd165faa348df07345ffafbdbb789f469a (patch)
tree: 5d28323f12cbae67651d19e03c141d421e980dd2 /security/nss/lib/ssl
parent: 706090cc6485395e082bf76a3522f1466a344d9d (diff)
download: nss-hg-0e3d78dd165faa348df07345ffafbdbb789f469a.tar.gz
1 files changed, 3 insertions, 4 deletions
diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c
index 2921e3b6c..b55e170b5 100644
--- a/security/nss/lib/ssl/sslsock.c
+++ b/security/nss/lib/ssl/sslsock.c
@@ -285,11 +285,10 @@ ssl_DupSocket(sslSocket *os)
 	    int i;
 
 	    for (i=kt_null; i < kt_kea_size; i++) {
-		if (os->serverCert[i]) {
+		if (os->serverCert[i] && os->serverCertChain[i]) {
 		    ss->serverCert[i] = CERT_DupCertificate(os->serverCert[i]);
-		    ss->serverCertChain[i] = CERT_CertChainFromCert
-				(ss->serverCert[i], certUsageSSLServer, 
-				 PR_TRUE);
+		    ss->serverCertChain[i] = CERT_DupCertList(
+		                                       os->serverCertChain[i]);
 		} else {
 		    ss->serverCert[i]      = NULL;
 		    ss->serverCertChain[i] = NULL;
author	nelsonb%netscape.com <devnull@localhost>	2000-09-09 06:08:46 +0000
committer	nelsonb%netscape.com <devnull@localhost>	2000-09-09 06:08:46 +0000
commit	0e3d78dd165faa348df07345ffafbdbb789f469a (patch)
tree	5d28323f12cbae67651d19e03c141d421e980dd2 /security/nss/lib/ssl
parent	706090cc6485395e082bf76a3522f1466a344d9d (diff)
download	nss-hg-0e3d78dd165faa348df07345ffafbdbb789f469a.tar.gz