| Index: nss/lib/certhigh/ocsp.c
|
| ===================================================================
|
| --- nss/lib/certhigh/ocsp.c (revision 203524)
|
| +++ nss/lib/certhigh/ocsp.c (working copy)
|
| @@ -57,7 +57,7 @@
|
| PRTime nextFetchAttemptTime;
|
|
|
| /* Cached contents. Use a separate arena, because lifetime is different */
|
| - PRArenaPool *certStatusArena; /* NULL means: no cert status cached */
|
| + PLArenaPool *certStatusArena; /* NULL means: no cert status cached */
|
| ocspCertStatus certStatus;
|
|
|
| /* This may contain an error code when no OCSP response is available. */
|
| @@ -101,9 +101,9 @@
|
|
|
| /* Forward declarations */
|
| static SECItem *
|
| -ocsp_GetEncodedOCSPResponseFromRequest(PRArenaPool *arena,
|
| +ocsp_GetEncodedOCSPResponseFromRequest(PLArenaPool *arena,
|
| CERTOCSPRequest *request,
|
| - const char *location, int64 time,
|
| + const char *location, PRTime time,
|
| PRBool addServiceLocator,
|
| void *pwArg,
|
| CERTOCSPRequest **pRequest);
|
| @@ -111,7 +111,7 @@
|
| ocsp_GetOCSPStatusFromNetwork(CERTCertDBHandle *handle,
|
| CERTOCSPCertID *certID,
|
| CERTCertificate *cert,
|
| - int64 time,
|
| + PRTime time,
|
| void *pwArg,
|
| PRBool *certIDWasConsumed,
|
| SECStatus *rv_ocsp);
|
| @@ -120,7 +120,7 @@
|
| ocsp_CacheEncodedOCSPResponse(CERTCertDBHandle *handle,
|
| CERTOCSPCertID *certID,
|
| CERTCertificate *cert,
|
| - int64 time,
|
| + PRTime time,
|
| void *pwArg,
|
| const SECItem *encodedResponse,
|
| PRBool cacheInvalid,
|
| @@ -132,11 +132,11 @@
|
| CERTOCSPResponse *response,
|
| CERTOCSPCertID *certID,
|
| CERTCertificate *signerCert,
|
| - int64 time,
|
| + PRTime time,
|
| CERTOCSPSingleResponse **pSingleResponse);
|
|
|
| static SECStatus
|
| -ocsp_CertRevokedAfter(ocspRevokedInfo *revokedInfo, int64 time);
|
| +ocsp_CertRevokedAfter(ocspRevokedInfo *revokedInfo, PRTime time);
|
|
|
| static CERTOCSPCertID *
|
| cert_DupOCSPCertID(CERTOCSPCertID *src);
|
| @@ -189,7 +189,7 @@
|
| }
|
|
|
| static void
|
| -ocsp_dumpStringWithTime(const char *str, int64 time)
|
| +ocsp_dumpStringWithTime(const char *str, PRTime time)
|
| {
|
| PRExplodedTime timePrintable;
|
| char timestr[256];
|
| @@ -230,7 +230,7 @@
|
| ocsp_Trace("OCSP ----------------\n");
|
| ocsp_Trace("OCSP ## SUBJECT: %s\n", cert->subjectName);
|
| {
|
| - int64 timeBefore, timeAfter;
|
| + PRTime timeBefore, timeAfter;
|
| PRExplodedTime beforePrintable, afterPrintable;
|
| char beforestr[256], afterstr[256];
|
| PRStatus rv1, rv2;
|
| @@ -335,7 +335,7 @@
|
| }
|
|
|
| static SECStatus
|
| -ocsp_CopyRevokedInfo(PRArenaPool *arena, ocspCertStatus *dest,
|
| +ocsp_CopyRevokedInfo(PLArenaPool *arena, ocspCertStatus *dest,
|
| ocspRevokedInfo *src)
|
| {
|
| SECStatus rv = SECFailure;
|
| @@ -375,7 +375,7 @@
|
| }
|
|
|
| static SECStatus
|
| -ocsp_CopyCertStatus(PRArenaPool *arena, ocspCertStatus *dest,
|
| +ocsp_CopyCertStatus(PLArenaPool *arena, ocspCertStatus *dest,
|
| ocspCertStatus*src)
|
| {
|
| SECStatus rv = SECFailure;
|
| @@ -610,7 +610,7 @@
|
| CERTOCSPCertID *certID,
|
| OCSPCacheItem **pCacheItem)
|
| {
|
| - PRArenaPool *arena;
|
| + PLArenaPool *arena;
|
| void *mark;
|
| PLHashEntry *new_hash_entry;
|
| OCSPCacheItem *item;
|
| @@ -1442,7 +1442,7 @@
|
| * DER encodes an OCSP Request, possibly adding a signature as well.
|
| * XXX Signing is not yet supported, however; see comments in code.
|
| * INPUTS:
|
| - * PRArenaPool *arena
|
| + * PLArenaPool *arena
|
| * The return value is allocated from here.
|
| * If a NULL is passed in, allocation is done from the heap instead.
|
| * CERTOCSPRequest *request
|
| @@ -1456,7 +1456,7 @@
|
| * (e.g. no memory).
|
| */
|
| SECItem *
|
| -CERT_EncodeOCSPRequest(PRArenaPool *arena, CERTOCSPRequest *request,
|
| +CERT_EncodeOCSPRequest(PLArenaPool *arena, CERTOCSPRequest *request,
|
| void *pwArg)
|
| {
|
| ocspTBSRequest *tbsRequest;
|
| @@ -1503,7 +1503,7 @@
|
| CERTOCSPRequest *
|
| CERT_DecodeOCSPRequest(const SECItem *src)
|
| {
|
| - PRArenaPool *arena = NULL;
|
| + PLArenaPool *arena = NULL;
|
| SECStatus rv = SECFailure;
|
| CERTOCSPRequest *dest = NULL;
|
| int i;
|
| @@ -1571,7 +1571,7 @@
|
| */
|
|
|
| SECItem *
|
| -ocsp_DigestValue(PRArenaPool *arena, SECOidTag digestAlg,
|
| +ocsp_DigestValue(PLArenaPool *arena, SECOidTag digestAlg,
|
| SECItem *fill, const SECItem *src)
|
| {
|
| const SECHashObject *digestObject;
|
| @@ -1635,7 +1635,7 @@
|
| * results in a NULL being returned (and an appropriate error set).
|
| */
|
| SECItem *
|
| -CERT_GetSPKIDigest(PRArenaPool *arena, const CERTCertificate *cert,
|
| +CERT_GetSPKIDigest(PLArenaPool *arena, const CERTCertificate *cert,
|
| SECOidTag digestAlg, SECItem *fill)
|
| {
|
| SECItem spk;
|
| @@ -1655,7 +1655,7 @@
|
| * Digest the cert's subject name using the specified algorithm.
|
| */
|
| static SECItem *
|
| -cert_GetSubjectNameDigest(PRArenaPool *arena, const CERTCertificate *cert,
|
| +cert_GetSubjectNameDigest(PLArenaPool *arena, const CERTCertificate *cert,
|
| SECOidTag digestAlg, SECItem *fill)
|
| {
|
| SECItem name;
|
| @@ -1680,7 +1680,7 @@
|
| * Other errors are low-level problems (no memory, bad database, etc.).
|
| */
|
| static CERTOCSPCertID *
|
| -ocsp_CreateCertID(PRArenaPool *arena, CERTCertificate *cert, int64 time)
|
| +ocsp_CreateCertID(PLArenaPool *arena, CERTCertificate *cert, PRTime time)
|
| {
|
| CERTOCSPCertID *certID;
|
| CERTCertificate *issuerCert = NULL;
|
| @@ -1760,9 +1760,9 @@
|
| }
|
|
|
| CERTOCSPCertID*
|
| -CERT_CreateOCSPCertID(CERTCertificate *cert, int64 time)
|
| +CERT_CreateOCSPCertID(CERTCertificate *cert, PRTime time)
|
| {
|
| - PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
|
| + PLArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
|
| CERTOCSPCertID *certID;
|
| PORT_Assert(arena != NULL);
|
| if (!arena)
|
| @@ -1781,7 +1781,7 @@
|
| cert_DupOCSPCertID(CERTOCSPCertID *src)
|
| {
|
| CERTOCSPCertID *dest;
|
| - PRArenaPool *arena = NULL;
|
| + PLArenaPool *arena = NULL;
|
|
|
| if (!src) {
|
| PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
| @@ -1920,8 +1920,8 @@
|
| * Other errors are low-level problems (no memory, bad database, etc.).
|
| */
|
| static ocspSingleRequest **
|
| -ocsp_CreateSingleRequestList(PRArenaPool *arena, CERTCertList *certList,
|
| - int64 time, PRBool includeLocator)
|
| +ocsp_CreateSingleRequestList(PLArenaPool *arena, CERTCertList *certList,
|
| + PRTime time, PRBool includeLocator)
|
| {
|
| ocspSingleRequest **requestList = NULL;
|
| CERTCertListNode *node = NULL;
|
| @@ -1975,10 +1975,10 @@
|
| }
|
|
|
| static ocspSingleRequest **
|
| -ocsp_CreateRequestFromCert(PRArenaPool *arena,
|
| +ocsp_CreateRequestFromCert(PLArenaPool *arena,
|
| CERTOCSPCertID *certID,
|
| CERTCertificate *singleCert,
|
| - int64 time,
|
| + PRTime time,
|
| PRBool includeLocator)
|
| {
|
| ocspSingleRequest **requestList = NULL;
|
| @@ -2015,7 +2015,7 @@
|
| static CERTOCSPRequest *
|
| ocsp_prepareEmptyOCSPRequest(void)
|
| {
|
| - PRArenaPool *arena = NULL;
|
| + PLArenaPool *arena = NULL;
|
| CERTOCSPRequest *request = NULL;
|
| ocspTBSRequest *tbsRequest = NULL;
|
|
|
| @@ -2047,7 +2047,7 @@
|
| CERTOCSPRequest *
|
| cert_CreateSingleCertOCSPRequest(CERTOCSPCertID *certID,
|
| CERTCertificate *singleCert,
|
| - int64 time,
|
| + PRTime time,
|
| PRBool addServiceLocator,
|
| CERTCertificate *signerCert)
|
| {
|
| @@ -2095,7 +2095,7 @@
|
| * must be handled by the caller (and thus by having multiple calls
|
| * to this routine), who knows about where the request(s) are being
|
| * sent and whether there are any trusted responders in place.
|
| - * int64 time
|
| + * PRTime time
|
| * Indicates the time for which the certificate status is to be
|
| * determined -- this may be used in the search for the cert's issuer
|
| * but has no effect on the request itself.
|
| @@ -2114,7 +2114,7 @@
|
| * Other errors are low-level problems (no memory, bad database, etc.).
|
| */
|
| CERTOCSPRequest *
|
| -CERT_CreateOCSPRequest(CERTCertList *certList, int64 time,
|
| +CERT_CreateOCSPRequest(CERTCertList *certList, PRTime time,
|
| PRBool addServiceLocator,
|
| CERTCertificate *signerCert)
|
| {
|
| @@ -2384,7 +2384,7 @@
|
| * have allocated; it expects its caller to do that.
|
| */
|
| static SECStatus
|
| -ocsp_FinishDecodingSingleResponses(PRArenaPool *reqArena,
|
| +ocsp_FinishDecodingSingleResponses(PLArenaPool *reqArena,
|
| CERTOCSPSingleResponse **responses)
|
| {
|
| ocspCertStatus *certStatus;
|
| @@ -2468,7 +2468,7 @@
|
| * Decode "src" as a BasicOCSPResponse, returning the result.
|
| */
|
| static ocspBasicOCSPResponse *
|
| -ocsp_DecodeBasicOCSPResponse(PRArenaPool *arena, SECItem *src)
|
| +ocsp_DecodeBasicOCSPResponse(PLArenaPool *arena, SECItem *src)
|
| {
|
| void *mark;
|
| ocspBasicOCSPResponse *basicResponse;
|
| @@ -2558,7 +2558,7 @@
|
| * leaving the resulting translated/decoded information in there as well.
|
| */
|
| static SECStatus
|
| -ocsp_DecodeResponseBytes(PRArenaPool *arena, ocspResponseBytes *rbytes)
|
| +ocsp_DecodeResponseBytes(PLArenaPool *arena, ocspResponseBytes *rbytes)
|
| {
|
| PORT_Assert(rbytes != NULL); /* internal error, really */
|
| if (rbytes == NULL) {
|
| @@ -2610,7 +2610,7 @@
|
| CERTOCSPResponse *
|
| CERT_DecodeOCSPResponse(const SECItem *src)
|
| {
|
| - PRArenaPool *arena = NULL;
|
| + PLArenaPool *arena = NULL;
|
| CERTOCSPResponse *response = NULL;
|
| SECStatus rv = SECFailure;
|
| ocspResponseStatus sv;
|
| @@ -3101,7 +3101,7 @@
|
| * errors.
|
| */
|
| static SECItem *
|
| -ocsp_GetEncodedResponse(PRArenaPool *arena, PRFileDesc *sock)
|
| +ocsp_GetEncodedResponse(PLArenaPool *arena, PRFileDesc *sock)
|
| {
|
| /* first read HTTP status line and headers */
|
|
|
| @@ -3338,7 +3338,7 @@
|
| #define MAX_WANTED_OCSP_RESPONSE_LEN 64*1024
|
|
|
| static SECItem *
|
| -fetchOcspHttpClientV1(PRArenaPool *arena,
|
| +fetchOcspHttpClientV1(PLArenaPool *arena,
|
| const SEC_HttpClientFcnV1 *hcv1,
|
| const char *location,
|
| SECItem *encodedRequest)
|
| @@ -3447,7 +3447,7 @@
|
| * Creates and sends a request to an OCSP responder, then reads and
|
| * returns the (encoded) response.
|
| * INPUTS:
|
| - * PRArenaPool *arena
|
| + * PLArenaPool *arena
|
| * Pointer to arena from which return value will be allocated.
|
| * If NULL, result will be allocated from the heap (and thus should
|
| * be freed via SECITEM_FreeItem).
|
| @@ -3461,7 +3461,7 @@
|
| * sent and whether there are any trusted responders in place.
|
| * const char *location
|
| * The location of the OCSP responder (a URL).
|
| - * int64 time
|
| + * PRTime time
|
| * Indicates the time for which the certificate status is to be
|
| * determined -- this may be used in the search for the cert's issuer
|
| * but has no other bearing on the operation.
|
| @@ -3489,8 +3489,8 @@
|
| * Other errors are low-level problems (no memory, bad database, etc.).
|
| */
|
| SECItem *
|
| -CERT_GetEncodedOCSPResponse(PRArenaPool *arena, CERTCertList *certList,
|
| - const char *location, int64 time,
|
| +CERT_GetEncodedOCSPResponse(PLArenaPool *arena, CERTCertList *certList,
|
| + const char *location, PRTime time,
|
| PRBool addServiceLocator,
|
| CERTCertificate *signerCert, void *pwArg,
|
| CERTOCSPRequest **pRequest)
|
| @@ -3506,9 +3506,9 @@
|
| }
|
|
|
| static SECItem *
|
| -ocsp_GetEncodedOCSPResponseFromRequest(PRArenaPool *arena,
|
| +ocsp_GetEncodedOCSPResponseFromRequest(PLArenaPool *arena,
|
| CERTOCSPRequest *request,
|
| - const char *location, int64 time,
|
| + const char *location, PRTime time,
|
| PRBool addServiceLocator,
|
| void *pwArg,
|
| CERTOCSPRequest **pRequest)
|
| @@ -3566,10 +3566,10 @@
|
| }
|
|
|
| static SECItem *
|
| -ocsp_GetEncodedOCSPResponseForSingleCert(PRArenaPool *arena,
|
| +ocsp_GetEncodedOCSPResponseForSingleCert(PLArenaPool *arena,
|
| CERTOCSPCertID *certID,
|
| CERTCertificate *singleCert,
|
| - const char *location, int64 time,
|
| + const char *location, PRTime time,
|
| PRBool addServiceLocator,
|
| void *pwArg,
|
| CERTOCSPRequest **pRequest)
|
| @@ -3878,7 +3878,7 @@
|
| SECItem *tbsResponseDataDER;
|
| CERTCertificate *signerCert = NULL;
|
| SECStatus rv = SECFailure;
|
| - int64 producedAt;
|
| + PRTime producedAt;
|
|
|
| /* ocsp_DecodeBasicOCSPResponse will fail if asn1 decoder is unable
|
| * to properly decode tbsData (see the function and
|
| @@ -4206,7 +4206,7 @@
|
| ocsp_AuthorizedResponderForCertID(CERTCertDBHandle *handle,
|
| CERTCertificate *signerCert,
|
| CERTOCSPCertID *certID,
|
| - int64 thisUpdate)
|
| + PRTime thisUpdate)
|
| {
|
| CERTCertificate *issuerCert = NULL, *defRespCert;
|
| SECItem *keyHash = NULL;
|
| @@ -4328,10 +4328,10 @@
|
| #define OCSP_ALLOWABLE_LAPSE_SECONDS (24L * 60L * 60L)
|
|
|
| static PRBool
|
| -ocsp_TimeIsRecent(int64 checkTime)
|
| +ocsp_TimeIsRecent(PRTime checkTime)
|
| {
|
| - int64 now = PR_Now();
|
| - int64 lapse, tmp;
|
| + PRTime now = PR_Now();
|
| + PRTime lapse, tmp;
|
|
|
| LL_I2L(lapse, OCSP_ALLOWABLE_LAPSE_SECONDS);
|
| LL_I2L(tmp, PR_USEC_PER_SEC);
|
| @@ -4403,10 +4403,10 @@
|
| ocsp_VerifySingleResponse(CERTOCSPSingleResponse *single,
|
| CERTCertDBHandle *handle,
|
| CERTCertificate *signerCert,
|
| - int64 producedAt)
|
| + PRTime producedAt)
|
| {
|
| CERTOCSPCertID *certID = single->certID;
|
| - int64 now, thisUpdate, nextUpdate, tmstamp, tmp;
|
| + PRTime now, thisUpdate, nextUpdate, tmstamp, tmp;
|
| SECStatus rv;
|
|
|
| OCSP_TRACE(("OCSP ocsp_VerifySingleResponse, nextUpdate: %d\n",
|
| @@ -4492,7 +4492,7 @@
|
| SECItem *encodedAuthInfoAccess = NULL;
|
| CERTAuthInfoAccess **authInfoAccess = NULL;
|
| char *locURI = NULL;
|
| - PRArenaPool *arena = NULL;
|
| + PLArenaPool *arena = NULL;
|
| SECStatus rv;
|
| int i;
|
|
|
| @@ -4646,9 +4646,9 @@
|
| * SECFailure otherwise.
|
| */
|
| static SECStatus
|
| -ocsp_CertRevokedAfter(ocspRevokedInfo *revokedInfo, int64 time)
|
| +ocsp_CertRevokedAfter(ocspRevokedInfo *revokedInfo, PRTime time)
|
| {
|
| - int64 revokedTime;
|
| + PRTime revokedTime;
|
| SECStatus rv;
|
|
|
| rv = DER_GeneralizedTimeToTime(&revokedTime, &revokedInfo->revocationTime);
|
| @@ -4671,7 +4671,7 @@
|
| * at the specified time.
|
| */
|
| static SECStatus
|
| -ocsp_CertHasGoodStatus(ocspCertStatus *status, int64 time)
|
| +ocsp_CertHasGoodStatus(ocspCertStatus *status, PRTime time)
|
| {
|
| SECStatus rv;
|
| switch (status->certStatusType) {
|
| @@ -4697,7 +4697,7 @@
|
|
|
| static SECStatus
|
| ocsp_SingleResponseCertHasGoodStatus(CERTOCSPSingleResponse *single,
|
| - int64 time)
|
| + PRTime time)
|
| {
|
| return ocsp_CertHasGoodStatus(single->certStatus, time);
|
| }
|
| @@ -4713,7 +4713,7 @@
|
| */
|
| SECStatus
|
| ocsp_GetCachedOCSPResponseStatusIfFresh(CERTOCSPCertID *certID,
|
| - int64 time,
|
| + PRTime time,
|
| PRBool ignoreGlobalOcspFailureSetting,
|
| SECStatus *rvOcsp,
|
| SECErrorCodes *missingResponseError)
|
| @@ -4785,7 +4785,7 @@
|
| * XXX in the long term also need a boolean parameter that specifies
|
| * whether to check the cert chain, as well; for now we check only
|
| * the leaf (the specified certificate)
|
| - * int64 time
|
| + * PRTime time
|
| * time for which status is to be determined
|
| * void *pwArg
|
| * argument for password prompting, if needed
|
| @@ -4822,7 +4822,7 @@
|
| */
|
| SECStatus
|
| CERT_CheckOCSPStatus(CERTCertDBHandle *handle, CERTCertificate *cert,
|
| - int64 time, void *pwArg)
|
| + PRTime time, void *pwArg)
|
| {
|
| CERTOCSPCertID *certID;
|
| PRBool certIDWasConsumed = PR_FALSE;
|
| @@ -4876,7 +4876,7 @@
|
| * certificate DB of the cert that is being checked
|
| * CERTCertificate *cert
|
| * the certificate being checked
|
| - * int64 time
|
| + * PRTime time
|
| * time for which status is to be determined
|
| * SECItem *encodedResponse
|
| * the DER encoded bytes of the OCSP response
|
| @@ -4889,7 +4889,7 @@
|
| SECStatus
|
| CERT_CacheOCSPResponseFromSideChannel(CERTCertDBHandle *handle,
|
| CERTCertificate *cert,
|
| - int64 time,
|
| + PRTime time,
|
| const SECItem *encodedResponse,
|
| void *pwArg)
|
| {
|
| @@ -4976,7 +4976,7 @@
|
| ocsp_GetOCSPStatusFromNetwork(CERTCertDBHandle *handle,
|
| CERTOCSPCertID *certID,
|
| CERTCertificate *cert,
|
| - int64 time,
|
| + PRTime time,
|
| void *pwArg,
|
| PRBool *certIDWasConsumed,
|
| SECStatus *rv_ocsp)
|
| @@ -5082,7 +5082,7 @@
|
| * the cert ID corresponding to |cert|
|
| * CERTCertificate *cert
|
| * the certificate being checked
|
| - * int64 time
|
| + * PRTime time
|
| * time for which status is to be determined
|
| * void *pwArg
|
| * the opaque argument to the password prompting function.
|
| @@ -5104,7 +5104,7 @@
|
| ocsp_CacheEncodedOCSPResponse(CERTCertDBHandle *handle,
|
| CERTOCSPCertID *certID,
|
| CERTCertificate *cert,
|
| - int64 time,
|
| + PRTime time,
|
| void *pwArg,
|
| const SECItem *encodedResponse,
|
| PRBool cacheInvalid,
|
| @@ -5195,13 +5195,13 @@
|
| CERTOCSPResponse *response,
|
| CERTOCSPCertID *certID,
|
| CERTCertificate *signerCert,
|
| - int64 time,
|
| + PRTime time,
|
| CERTOCSPSingleResponse
|
| **pSingleResponse)
|
| {
|
| SECStatus rv;
|
| ocspResponseData *responseData;
|
| - int64 producedAt;
|
| + PRTime producedAt;
|
| CERTOCSPSingleResponse *single;
|
|
|
| /*
|
| @@ -5244,7 +5244,7 @@
|
| CERTOCSPResponse *response,
|
| CERTOCSPCertID *certID,
|
| CERTCertificate *signerCert,
|
| - int64 time)
|
| + PRTime time)
|
| {
|
| /*
|
| * We do not update the cache, because:
|
| @@ -5278,7 +5278,7 @@
|
| CERTOCSPResponse *response,
|
| CERTOCSPCertID *certID,
|
| CERTCertificate *signerCert,
|
| - int64 time,
|
| + PRTime time,
|
| PRBool *certIDWasConsumed,
|
| SECStatus *cacheUpdateStatus)
|
| {
|
|
|
Chromium Code Reviews
Issue 16132005:
Allow NSS to be built with NO_NSPR_10_SUPPORT. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/