Update NSS to NSS 3.14 pre-release snapshot 2012-06-26 01:00:00 PDT.

mozilla/security/nss/lib/certhigh/ocsp.h

 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 /*
  * Interface to the OCSP implementation.
  *
  * $Id: ocsp.h,v 1.21 2012/05/31 22:03:36 emaldona%redhat.com Exp $
  */
 
@@ skipping 103 matching lines @@
  * FUNCTION: CERT_SetOCSPDefaultResponder
  *   Specify the location and cert of the default responder.
  *   If OCSP checking is already enabled *and* use of a default responder
  *   is also already enabled, all OCSP checking from now on will go directly
  *   to the specified responder.  If OCSP checking is not enabled, or if
  *   it is but use of a default responder is not enabled, the information
  *   will be recorded and take effect whenever both are enabled.
  * INPUTS:
  *   CERTCertDBHandle *handle
  *     Cert database on which OCSP checking should use the default responder.
- *   char *url
+ *   const char *url
  *     The location of the default responder (e.g. "http://foo.com:80/ocsp")
  *     Note that the location will not be tested until the first attempt
  *     to send a request there.
- *   char *name
+ *   const char *name
  *     The nickname of the cert to trust (expected) to sign the OCSP responses.
  *     If the corresponding cert cannot be found, SECFailure is returned.
  * RETURN:
  *   Returns SECFailure if an error occurred; SECSuccess otherwise.
  *   The most likely error is that the cert for "name" could not be found
  *   (probably SEC_ERROR_UNKNOWN_CERT).  Other errors are low-level (no memory,
  *   bad database, etc.).
  */
 extern SECStatus
 CERT_SetOCSPDefaultResponder(CERTCertDBHandle *handle,
@@ skipping 126 matching lines @@
  *   Decode a DER encoded OCSP Request.
  * INPUTS:
  *   SECItem *src
  *     Pointer to a SECItem holding DER encoded OCSP Request.
  * RETURN:
  *   Returns a pointer to a CERTOCSPRequest containing the decoded request.
  *   On error, returns NULL.  Most likely error is trouble decoding
  *   (SEC_ERROR_OCSP_MALFORMED_REQUEST), or low-level problem (no memory).
  */
 extern CERTOCSPRequest *
-CERT_DecodeOCSPRequest(SECItem *src);
+CERT_DecodeOCSPRequest(const SECItem *src);
 
 /*
  * FUNCTION: CERT_DestroyOCSPRequest
  *   Frees an OCSP Request structure.
  * INPUTS:
  *   CERTOCSPRequest *request
  *     Pointer to CERTOCSPRequest to be freed.
  * RETURN:
  *   No return value; no errors.
  */
@@ skipping 38 matching lines @@
  *     If NULL, result will be allocated from the heap (and thus should
  *     be freed via SECITEM_FreeItem).
  *   CERTCertList *certList
  *     A list of certs for which status will be requested.
  *     Note that all of these certificates should have the same issuer,
  *     or it's expected the response will be signed by a trusted responder.
  *     If the certs need to be broken up into multiple requests, that
  *     must be handled by the caller (and thus by having multiple calls
  *     to this routine), who knows about where the request(s) are being
  *     sent and whether there are any trusted responders in place.
- *   char *location
+ *   const char *location
  *     The location of the OCSP responder (a URL).
  *   PRTime time
  *     Indicates the time for which the certificate status is to be 
  *     determined -- this may be used in the search for the cert's issuer
  *     but has no other bearing on the operation.
  *   PRBool addServiceLocator
  *     If true, the Service Locator extension should be added to the
  *     single request(s) for each cert.
  *   CERTCertificate *signerCert
  *     If non-NULL, means sign the request using this cert.  Otherwise,
@@ skipping 10 matching lines @@
  * RETURN:
  *   Returns a pointer to the SECItem holding the response.
  *   On error, returns null with error set describing the reason:
  *      SEC_ERROR_UNKNOWN_ISSUER
  *      SEC_ERROR_CERT_BAD_ACCESS_LOCATION
  *      SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
  *   Other errors are low-level problems (no memory, bad database, etc.).
  */
 extern SECItem *
 CERT_GetEncodedOCSPResponse(PLArenaPool *arena, CERTCertList *certList,
-                            char *location, PRTime time,
+                            const char *location, PRTime time,
                             PRBool addServiceLocator,
                             CERTCertificate *signerCert, void *pwArg,
                             CERTOCSPRequest **pRequest);
 
 /*
  * FUNCTION: CERT_VerifyOCSPResponseSignature
  *   Check the signature on an OCSP Response.  Will also perform a
  *   verification of the signer's certificate.  Note, however, that a
  *   successful verification does not make any statement about the
  *   signer's *authority* to provide status for the certificate(s),
@@ skipping 67 matching lines @@
                         CERT_StringFromCertFcn * oldCallback);
 
 /*
  * FUNCTION: CERT_ParseURL
  *   Parse a URI into hostname, port, and path.  The scheme in the URI must
  *   be "http".
  * INPUTS:
  *   const char *url
  *     The URI to be parsed
  * OUTPUTS:
- *   char *pHostname
+ *   char **pHostname
  *     Pointer to store the hostname obtained from the URI.
  *     This result should be freed (via PORT_Free) when no longer in use.
  *   PRUint16 *pPort
  *     Pointer to store the port number obtained from the URI.
- *   char *pPath
+ *   char **pPath
  *     Pointer to store the path obtained from the URI.
  *     This result should be freed (via PORT_Free) when no longer in use.
  * RETURN:
  *   Returns SECSuccess when parsing was successful. Returns SECFailure when
  *   problems were encountered.
  */
 extern SECStatus
 CERT_ParseURL(const char *url, char **pHostname, PRUint16 *pPort, char **pPath);
 
 /*
@@ skipping 160 matching lines @@
  *  SECSuccess if freeing the memory was successful.  Returns
  *  SECFailure if the memory passed in was not allocated with
  *  a call to CERT_CreateOCSPCertID.
  */
 extern SECStatus
 CERT_DestroyOCSPCertID(CERTOCSPCertID* certID);
 /************************************************************************/
 SEC_END_PROTOS
 
 #endif /* _OCSP_H_ */