Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(546)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/third_party/mozilla_security_manager/nsNSSCertificateDB.cpp

Issue 8566056: This applies GUIDs to certificate and key nicknames when (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Final review changes Created 9 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/base/x509_certificate_nss.cc ('k') | net/third_party/mozilla_security_manager/nsPKCS12Blob.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/third_party/mozilla_security_manager/nsNSSCertificateDB.cpp
diff --git a/net/third_party/mozilla_security_manager/nsNSSCertificateDB.cpp b/net/third_party/mozilla_security_manager/nsNSSCertificateDB.cpp
index 3e50cd1f41704b44f2e346f30ad29e7881af3d1e..0cf430d793195af800d8e5746bbdea134f892e0e 100644
--- a/net/third_party/mozilla_security_manager/nsNSSCertificateDB.cpp
+++ b/net/third_party/mozilla_security_manager/nsNSSCertificateDB.cpp
@@ -80,14 +80,12 @@ bool ImportCACerts(const net::CertificateList& certificates,
// Mozilla uses CERT_AddTempCertToPerm, however it is privately exported,
// and it doesn't take the slot as an argument either. Instead, we use
// PK11_ImportCert and CERT_ChangeCertTrust.
- char* nickname = CERT_MakeCANickname(root->os_cert_handle());
- if (!nickname)
- return false;
- SECStatus srv = PK11_ImportCert(slot.get(), root->os_cert_handle(),
- CK_INVALID_HANDLE,
- nickname,
- PR_FALSE /* includeTrust (unused) */);
- PORT_Free(nickname);
+ SECStatus srv = PK11_ImportCert(
+ slot.get(),
+ root->os_cert_handle(),
+ CK_INVALID_HANDLE,
+ root->GetDefaultNickname(net::CA_CERT).c_str(),
+ PR_FALSE /* includeTrust (unused) */);
if (srv != SECSuccess) {
LOG(ERROR) << "PK11_ImportCert failed with error " << PORT_GetError();
return false;
@@ -139,14 +137,12 @@ bool ImportCACerts(const net::CertificateList& certificates,
// Mozilla uses CERT_ImportCerts, which doesn't take a slot arg. We use
// PK11_ImportCert instead.
- char* nickname = CERT_MakeCANickname(cert->os_cert_handle());
- if (!nickname)
- return false;
- SECStatus srv = PK11_ImportCert(slot.get(), cert->os_cert_handle(),
- CK_INVALID_HANDLE,
- nickname,
- PR_FALSE /* includeTrust (unused) */);
- PORT_Free(nickname);
+ SECStatus srv = PK11_ImportCert(
+ slot.get(),
+ cert->os_cert_handle(),
+ CK_INVALID_HANDLE,
+ cert->GetDefaultNickname(net::CA_CERT).c_str(),
+ PR_FALSE /* includeTrust (unused) */);
if (srv != SECSuccess) {
LOG(ERROR) << "PK11_ImportCert failed with error " << PORT_GetError();
// TODO(mattm): Should we bail or continue on error here? Mozilla doesn't
@@ -174,10 +170,12 @@ bool ImportServerCert(const net::CertificateList& certificates,
// Mozilla uses CERT_ImportCerts, which doesn't take a slot arg. We use
// PK11_ImportCert instead.
- SECStatus srv = PK11_ImportCert(slot.get(), cert->os_cert_handle(),
- CK_INVALID_HANDLE,
- cert->subject().GetDisplayName().c_str(),
- PR_FALSE /* includeTrust (unused) */);
+ SECStatus srv = PK11_ImportCert(
+ slot.get(),
+ cert->os_cert_handle(),
+ CK_INVALID_HANDLE,
+ cert->GetDefaultNickname(net::SERVER_CERT).c_str(),
+ PR_FALSE /* includeTrust (unused) */);
if (srv != SECSuccess) {
LOG(ERROR) << "PK11_ImportCert failed with error " << PORT_GetError();
not_imported->push_back(net::CertDatabase::ImportCertFailure(
« no previous file with comments | « net/base/x509_certificate_nss.cc ('k') | net/third_party/mozilla_security_manager/nsPKCS12Blob.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698