Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(67)

Unified Diff: nss/lib/certdb/certv3.c

Issue 1017413002: Uprev NSS to 3.18 RTM (Closed) Base URL: https://chromium.googlesource.com/chromium/deps/nss.git@nspr_uprev
Patch Set: Rebased Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « nss/lib/certdb/certt.h ('k') | nss/lib/certdb/crl.c » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: nss/lib/certdb/certv3.c
diff --git a/nss/lib/certdb/certv3.c b/nss/lib/certdb/certv3.c
index 2509d5d5195c572c00d518c7c49bd480abb92b6e..1735b5e44cd80cfdd6de06d943cf2221a8b956e8 100644
--- a/nss/lib/certdb/certv3.c
+++ b/nss/lib/certdb/certv3.c
@@ -43,142 +43,6 @@ CERT_StartCertExtensions(CERTCertificate *cert)
return (cert_StartExtensions ((void *)cert, cert->arena, SetExts));
}
-/* find the given extension in the certificate of the Issuer of 'cert' */
-SECStatus
-CERT_FindIssuerCertExtension(CERTCertificate *cert, int tag, SECItem *value)
-{
- CERTCertificate *issuercert;
- SECStatus rv;
-
- issuercert = CERT_FindCertByName(cert->dbhandle, &cert->derIssuer);
- if ( issuercert ) {
- rv = cert_FindExtension(issuercert->extensions, tag, value);
- CERT_DestroyCertificate(issuercert);
- } else {
- rv = SECFailure;
- }
-
- return(rv);
-}
-
-/* find a URL extension in the cert or its CA
- * apply the base URL string if it exists
- */
-char *
-CERT_FindCertURLExtension(CERTCertificate *cert, int tag, int catag)
-{
- SECStatus rv;
- SECItem urlitem = {siBuffer,0};
- SECItem baseitem = {siBuffer,0};
- SECItem urlstringitem = {siBuffer,0};
- SECItem basestringitem = {siBuffer,0};
- PLArenaPool *arena = NULL;
- PRBool hasbase;
- char *urlstring;
- char *str;
- int len;
- unsigned int i;
-
- urlstring = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( ! arena ) {
- goto loser;
- }
-
- hasbase = PR_FALSE;
-
- rv = cert_FindExtension(cert->extensions, tag, &urlitem);
- if ( rv == SECSuccess ) {
- rv = cert_FindExtension(cert->extensions, SEC_OID_NS_CERT_EXT_BASE_URL,
- &baseitem);
- if ( rv == SECSuccess ) {
- hasbase = PR_TRUE;
- }
-
- } else if ( catag ) {
- /* if the cert doesn't have the extensions, see if the issuer does */
- rv = CERT_FindIssuerCertExtension(cert, catag, &urlitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- rv = CERT_FindIssuerCertExtension(cert, SEC_OID_NS_CERT_EXT_BASE_URL,
- &baseitem);
- if ( rv == SECSuccess ) {
- hasbase = PR_TRUE;
- }
- } else {
- goto loser;
- }
-
- rv = SEC_QuickDERDecodeItem(arena, &urlstringitem,
- SEC_ASN1_GET(SEC_IA5StringTemplate), &urlitem);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
- if ( hasbase ) {
- rv = SEC_QuickDERDecodeItem(arena, &basestringitem,
- SEC_ASN1_GET(SEC_IA5StringTemplate),
- &baseitem);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
- }
-
- len = urlstringitem.len + ( hasbase ? basestringitem.len : 0 ) + 1;
-
- str = urlstring = (char *)PORT_Alloc(len);
- if ( urlstring == NULL ) {
- goto loser;
- }
-
- /* copy the URL base first */
- if ( hasbase ) {
-
- /* if the urlstring has a : in it, then we assume it is an absolute
- * URL, and will not get the base string pre-pended
- */
- for ( i = 0; i < urlstringitem.len; i++ ) {
- if ( urlstringitem.data[i] == ':' ) {
- goto nobase;
- }
- }
-
- PORT_Memcpy(str, basestringitem.data, basestringitem.len);
- str += basestringitem.len;
-
- }
-
-nobase:
- /* copy the rest (or all) of the URL */
- PORT_Memcpy(str, urlstringitem.data, urlstringitem.len);
- str += urlstringitem.len;
-
- *str = '\0';
- goto done;
-
-loser:
- if ( urlstring ) {
- PORT_Free(urlstring);
- }
-
- urlstring = NULL;
-done:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- if ( baseitem.data ) {
- PORT_Free(baseitem.data);
- }
- if ( urlitem.data ) {
- PORT_Free(urlitem.data);
- }
-
- return(urlstring);
-}
-
/*
* get the value of the Netscape Certificate Type Extension
*/
« no previous file with comments | « nss/lib/certdb/certt.h ('k') | nss/lib/certdb/crl.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698