Update to NSS 3.12.7 and NSPR 4.8.6....

nss/mozilla/security/nss/lib/certdb/certdb.c

Index: nss/mozilla/security/nss/lib/certdb/certdb.c
===================================================================
--- nss/mozilla/security/nss/lib/certdb/certdb.c	(revision 55475)
+++ nss/mozilla/security/nss/lib/certdb/certdb.c	(working copy)
@@ -39,7 +39,7 @@
 /*
  * Certificate handling code
  *
- * $Id: certdb.c,v 1.102 2010/02/10 02:00:57 wtc%google.com Exp $
+ * $Id: certdb.c,v 1.104 2010/04/25 00:44:55 nelson%bolyard.com Exp $
  */
 
 #include "nssilock.h"
@@ -569,7 +569,7 @@
 
     /* Assert that it is safe to cast &cert->nsCertType to "PRInt32 *" */
     PORT_Assert(sizeof(cert->nsCertType) == sizeof(PRInt32));
-    PR_AtomicSet((PRInt32 *)&cert->nsCertType, nsCertType);
+    PR_ATOMIC_SET((PRInt32 *)&cert->nsCertType, nsCertType);
     return SECSuccess;
 }
 
@@ -1829,13 +1829,7 @@
     }
 
     /* no SAN extension or no names found in extension */
-    /* now try the NS cert name extension first, then the common name */
-    singleName = 
-      CERT_FindNSStringExtension(cert, SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME);
-    if (!singleName) {
-      singleName = CERT_GetCommonName(&cert->subject);
-    }
-
+    singleName = CERT_GetCommonName(&cert->subject);
     if (singleName) {
       nickNames->numnicknames = 1;
       nickNames->nicknames = PORT_ArenaAlloc(arena, sizeof(char *));
@@ -1884,11 +1878,7 @@
     if (rv == SECSuccess || PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND)
     	return rv;
 
-    /* try the cert extension first, then the common name */
-    cn = CERT_FindNSStringExtension(cert, SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME);
-    if ( !cn ) {
-	cn = CERT_GetCommonName(&cert->subject);
-    }
+    cn = CERT_GetCommonName(&cert->subject);
     if ( cn ) {
 	rv = cert_TestHostName(cn, hn);
 	PORT_Free(cn);