| OLD | NEW |
|---|
| 1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
| 2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
| 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| 4 /* | 4 /* |
| 5 * pkix_build.c | 5 * pkix_build.c |
| 6 * | 6 * |
| 7 * Top level buildChain function | 7 * Top level buildChain function |
| 8 * | 8 * |
| 9 */ | 9 */ |
| 10 | 10 |
| (...skipping 245 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 256 state->buildConstants.anchors = | 256 state->buildConstants.anchors = |
| 257 parentState->buildConstants.anchors; | 257 parentState->buildConstants.anchors; |
| 258 state->buildConstants.userCheckers = | 258 state->buildConstants.userCheckers = |
| 259 parentState->buildConstants.userCheckers; | 259 parentState->buildConstants.userCheckers; |
| 260 state->buildConstants.hintCerts = | 260 state->buildConstants.hintCerts = |
| 261 parentState->buildConstants.hintCerts; | 261 parentState->buildConstants.hintCerts; |
| 262 state->buildConstants.revChecker = | 262 state->buildConstants.revChecker = |
| 263 parentState->buildConstants.revChecker; | 263 parentState->buildConstants.revChecker; |
| 264 state->buildConstants.aiaMgr = | 264 state->buildConstants.aiaMgr = |
| 265 parentState->buildConstants.aiaMgr; | 265 parentState->buildConstants.aiaMgr; |
| 266 state->buildConstants.trustOnlyUserAnchors = |
| 267 parentState->buildConstants.trustOnlyUserAnchors; |
| 266 } | 268 } |
| 267 | 269 |
| 268 *pState = state; | 270 *pState = state; |
| 269 state = NULL; | 271 state = NULL; |
| 270 cleanup: | 272 cleanup: |
| 271 | 273 |
| 272 PKIX_DECREF(state); | 274 PKIX_DECREF(state); |
| 273 | 275 |
| 274 PKIX_RETURN(FORWARDBUILDERSTATE); | 276 PKIX_RETURN(FORWARDBUILDERSTATE); |
| 275 } | 277 } |
| (...skipping 564 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 840 PKIX_ENTER(BUILD, "pkix_Build_VerifyCertificate"); | 842 PKIX_ENTER(BUILD, "pkix_Build_VerifyCertificate"); |
| 841 PKIX_NULLCHECK_THREE(state, pTrusted, pNeedsCRLChecking); | 843 PKIX_NULLCHECK_THREE(state, pTrusted, pNeedsCRLChecking); |
| 842 PKIX_NULLCHECK_THREE | 844 PKIX_NULLCHECK_THREE |
| 843 (state->candidateCerts, state->prevCert, state->trustChain); | 845 (state->candidateCerts, state->prevCert, state->trustChain); |
| 844 | 846 |
| 845 *pNeedsCRLChecking = PKIX_FALSE; | 847 *pNeedsCRLChecking = PKIX_FALSE; |
| 846 | 848 |
| 847 PKIX_INCREF(state->candidateCert); | 849 PKIX_INCREF(state->candidateCert); |
| 848 candidateCert = state->candidateCert; | 850 candidateCert = state->candidateCert; |
| 849 | 851 |
| 850 /* If user defined trust anchor list is not empty, do not | |
| 851 * trust any certs except to the ones that are in the list */ | |
| 852 if (state->buildConstants.numAnchors) { | 852 if (state->buildConstants.numAnchors) { |
| 853 trustOnlyUserAnchors = PKIX_TRUE; | 853 trustOnlyUserAnchors = state->buildConstants.trustOnlyUserAnchors; |
| 854 } | 854 } |
| 855 | 855 |
| 856 PKIX_CHECK( | 856 PKIX_CHECK( |
| 857 PKIX_PL_Cert_IsCertTrusted(candidateCert, | 857 PKIX_PL_Cert_IsCertTrusted(candidateCert, |
| 858 trustOnlyUserAnchors, | 858 trustOnlyUserAnchors, |
| 859 &trusted, plContext), | 859 &trusted, plContext), |
| 860 PKIX_CERTISCERTTRUSTEDFAILED); | 860 PKIX_CERTISCERTTRUSTEDFAILED); |
| 861 | 861 |
| 862 *pTrusted = trusted; | 862 *pTrusted = trusted; |
| 863 | 863 |
| (...skipping 2606 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3470 buildConstants.testDate = testDate; | 3470 buildConstants.testDate = testDate; |
| 3471 buildConstants.timeLimit = NULL; | 3471 buildConstants.timeLimit = NULL; |
| 3472 buildConstants.targetCert = targetCert; | 3472 buildConstants.targetCert = targetCert; |
| 3473 buildConstants.targetPubKey = targetPubKey; | 3473 buildConstants.targetPubKey = targetPubKey; |
| 3474 buildConstants.certStores = certStores; | 3474 buildConstants.certStores = certStores; |
| 3475 buildConstants.anchors = anchors; | 3475 buildConstants.anchors = anchors; |
| 3476 buildConstants.userCheckers = userCheckers; | 3476 buildConstants.userCheckers = userCheckers; |
| 3477 buildConstants.hintCerts = hintCerts; | 3477 buildConstants.hintCerts = hintCerts; |
| 3478 buildConstants.revChecker = revChecker; | 3478 buildConstants.revChecker = revChecker; |
| 3479 buildConstants.aiaMgr = aiaMgr; | 3479 buildConstants.aiaMgr = aiaMgr; |
| 3480 | 3480 buildConstants.trustOnlyUserAnchors = |
| 3481 procParams->useOnlyTrustAnchors; |
| 3482 |
| 3481 PKIX_CHECK(pkix_Build_GetResourceLimits(&buildConstants, plContext), | 3483 PKIX_CHECK(pkix_Build_GetResourceLimits(&buildConstants, plContext), |
| 3482 PKIX_BUILDGETRESOURCELIMITSFAILED); | 3484 PKIX_BUILDGETRESOURCELIMITSFAILED); |
| 3483 | 3485 |
| 3484 PKIX_CHECK(pkix_ForwardBuilderState_Create | 3486 PKIX_CHECK(pkix_ForwardBuilderState_Create |
| 3485 (0, /* PKIX_UInt32 traversedCACerts */ | 3487 (0, /* PKIX_UInt32 traversedCACerts */ |
| 3486 buildConstants.maxFanout, | 3488 buildConstants.maxFanout, |
| 3487 buildConstants.maxDepth, | 3489 buildConstants.maxDepth, |
| 3488 PKIX_FALSE, /* PKIX_Boolean revCheckDelayed */ | 3490 PKIX_FALSE, /* PKIX_Boolean revCheckDelayed */ |
| 3489 PKIX_TRUE, /* PKIX_Boolean canBeCached */ | 3491 PKIX_TRUE, /* PKIX_Boolean canBeCached */ |
| 3490 NULL, /* PKIX_Date *validityDate */ | 3492 NULL, /* PKIX_Date *validityDate */ |
| (...skipping 26 matching lines...) Expand all Loading... |
| 3517 state->buildConstants.anchors = buildConstants.anchors; | 3519 state->buildConstants.anchors = buildConstants.anchors; |
| 3518 PKIX_INCREF(buildConstants.userCheckers); | 3520 PKIX_INCREF(buildConstants.userCheckers); |
| 3519 state->buildConstants.userCheckers = | 3521 state->buildConstants.userCheckers = |
| 3520 buildConstants.userCheckers; | 3522 buildConstants.userCheckers; |
| 3521 PKIX_INCREF(buildConstants.hintCerts); | 3523 PKIX_INCREF(buildConstants.hintCerts); |
| 3522 state->buildConstants.hintCerts = buildConstants.hintCerts; | 3524 state->buildConstants.hintCerts = buildConstants.hintCerts; |
| 3523 PKIX_INCREF(buildConstants.revChecker); | 3525 PKIX_INCREF(buildConstants.revChecker); |
| 3524 state->buildConstants.revChecker = buildConstants.revChecker; | 3526 state->buildConstants.revChecker = buildConstants.revChecker; |
| 3525 state->buildConstants.aiaMgr = buildConstants.aiaMgr; | 3527 state->buildConstants.aiaMgr = buildConstants.aiaMgr; |
| 3526 aiaMgr = NULL; | 3528 aiaMgr = NULL; |
| 3529 state->buildConstants.trustOnlyUserAnchors = |
| 3530 buildConstants.trustOnlyUserAnchors; |
| 3527 | 3531 |
| 3528 if (buildConstants.maxTime != 0) { | 3532 if (buildConstants.maxTime != 0) { |
| 3529 PKIX_CHECK(PKIX_PL_Date_Create_CurrentOffBySeconds | 3533 PKIX_CHECK(PKIX_PL_Date_Create_CurrentOffBySeconds |
| 3530 (buildConstants.maxTime, | 3534 (buildConstants.maxTime, |
| 3531 &state->buildConstants.timeLimit, | 3535 &state->buildConstants.timeLimit, |
| 3532 plContext), | 3536 plContext), |
| 3533 PKIX_DATECREATECURRENTOFFBYSECONDSFAILED); | 3537 PKIX_DATECREATECURRENTOFFBYSECONDSFAILED); |
| 3534 } | 3538 } |
| 3535 | 3539 |
| 3536 if (pVerifyNode != NULL) { | 3540 if (pVerifyNode != NULL) { |
| (...skipping 271 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3808 *pBuildResult = buildResult; | 3812 *pBuildResult = buildResult; |
| 3809 buildResult = NULL; | 3813 buildResult = NULL; |
| 3810 } | 3814 } |
| 3811 | 3815 |
| 3812 cleanup: | 3816 cleanup: |
| 3813 PKIX_DECREF(buildResult); | 3817 PKIX_DECREF(buildResult); |
| 3814 PKIX_DECREF(state); | 3818 PKIX_DECREF(state); |
| 3815 | 3819 |
| 3816 PKIX_RETURN(BUILD); | 3820 PKIX_RETURN(BUILD); |
| 3817 } | 3821 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12197027:
Merge NSS_3_14_2_RTM. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/