Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(30)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: nss/lib/libpkix/pkix/checker/pkix_revocationchecker.c

Issue 1504923011: Update NSS to 3.21 RTM and NSPR to 4.11 RTM (Closed) Base URL: http://src.chromium.org/svn/trunk/deps/third_party/nss
Patch Set: Created 5 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« nss/lib/freebl/ecl/ecp_jac.c ('K') | « nss/lib/libpkix/pkix/checker/pkix_revocationchecker.h ('k') | nss/lib/libpkix/pkix/checker/pkix_revocationmethod.h » ('j') | nss/lib/util/pkcs11n.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* This Source Code Form is subject to the terms of the Mozilla Public 1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 /* 4 /*
5 * pkix_revocationchecker.c 5 * pkix_revocationchecker.c
6 * 6 *
7 * RevocationChecker Object Functions 7 * RevocationChecker Object Functions
8 * 8 *
9 */ 9 */
10 10
(...skipping 331 matching lines...) Expand 10 before | Expand all | Expand 10 after
342 342
343 PORT_Memset(methodStatus, PKIX_RevStatus_NoInfo, 343 PORT_Memset(methodStatus, PKIX_RevStatus_NoInfo,
344 sizeof(PKIX_RevocationStatus) * PKIX_RevocationMethod_MAX); 344 sizeof(PKIX_RevocationStatus) * PKIX_RevocationMethod_MAX);
345 345
346 date = procParams->date; 346 date = procParams->date;
347 347
348 /* Need to have two loops if we testing all local info first: 348 /* Need to have two loops if we testing all local info first:
349 * first we are going to test all local(cached) info 349 * first we are going to test all local(cached) info
350 * second, all remote info(fetching) */ 350 * second, all remote info(fetching) */
351 for (tries = 0;tries < 2;tries++) { 351 for (tries = 0;tries < 2;tries++) {
352 int methodNum = 0; 352 unsigned int methodNum = 0;
353 for (;methodNum < revList->length;methodNum++) { 353 for (;methodNum < revList->length;methodNum++) {
354 PKIX_UInt32 methodFlags = 0; 354 PKIX_UInt32 methodFlags = 0;
355 355
356 PKIX_DECREF(method); 356 PKIX_DECREF(method);
357 PKIX_CHECK( 357 PKIX_CHECK(
358 PKIX_List_GetItem(revList, methodNum, 358 PKIX_List_GetItem(revList, methodNum,
359 (PKIX_PL_Object**)&method, plContext), 359 (PKIX_PL_Object**)&method, plContext),
360 PKIX_LISTGETITEMFAILED); 360 PKIX_LISTGETITEMFAILED);
361 methodFlags = method->flags; 361 methodFlags = method->flags;
362 if (!(methodFlags & PKIX_REV_M_TEST_USING_THIS_METHOD)) { 362 if (!(methodFlags & PKIX_REV_M_TEST_USING_THIS_METHOD)) {
363 /* Will not check with this method. Skipping... */ 363 /* Will not check with this method. Skipping... */
364 continue; 364 continue;
365 } 365 }
366 if (!onlyUseRemoteMethods && 366 if (!onlyUseRemoteMethods &&
367 methodStatus[methodNum] == PKIX_RevStatus_NoInfo) { 367 methodStatus[methodNum] == PKIX_RevStatus_NoInfo) {
368 PKIX_RevocationStatus revStatus = PKIX_RevStatus_NoInfo; 368 PKIX_RevocationStatus revStatus = PKIX_RevStatus_NoInfo;
369 PKIX_CHECK_NO_GOTO( 369 PKIX_CHECK_NO_GOTO(
370 (*method->localRevChecker)(cert, issuer, date, 370 (*method->localRevChecker)(cert, issuer, date,
371 method, procParams, 371 method, procParams,
372 methodFlags, 372 methodFlags,
373 chainVerificationState, 373 chainVerificationState,
374 &revStatus, 374 &revStatus,
375 pReasonCode, plContext), 375 (CERTCRLEntryReasonCode *)pReason Code,
376 plContext),
376 PKIX_REVCHECKERCHECKFAILED); 377 PKIX_REVCHECKERCHECKFAILED);
377 methodStatus[methodNum] = revStatus; 378 methodStatus[methodNum] = revStatus;
378 if (revStatus == PKIX_RevStatus_Revoked) { 379 if (revStatus == PKIX_RevStatus_Revoked) {
379 /* if error was generated use it as final error. */ 380 /* if error was generated use it as final error. */
380 overallStatus = PKIX_RevStatus_Revoked; 381 overallStatus = PKIX_RevStatus_Revoked;
381 goto cleanup; 382 goto cleanup;
382 } 383 }
383 if (pkixErrorResult) { 384 if (pkixErrorResult) {
384 /* Disregard errors. Only returned revStatus matters. */ 385 /* Disregard errors. Only returned revStatus matters. */
385 PKIX_PL_Object_DecRef((PKIX_PL_Object*)pkixErrorResult, 386 PKIX_PL_Object_DecRef((PKIX_PL_Object*)pkixErrorResult,
386 plContext); 387 plContext);
387 pkixErrorResult = NULL; 388 pkixErrorResult = NULL;
388 } 389 }
389 } 390 }
390 if ((!(revFlags & PKIX_REV_MI_TEST_ALL_LOCAL_INFORMATION_FIRST) || 391 if ((!(revFlags & PKIX_REV_MI_TEST_ALL_LOCAL_INFORMATION_FIRST) ||
391 onlyUseRemoteMethods) && 392 onlyUseRemoteMethods) &&
392 chainVerificationState && 393 chainVerificationState &&
393 methodStatus[methodNum] == PKIX_RevStatus_NoInfo) { 394 methodStatus[methodNum] == PKIX_RevStatus_NoInfo) {
394 if (!(methodFlags & PKIX_REV_M_FORBID_NETWORK_FETCHING)) { 395 if (!(methodFlags & PKIX_REV_M_FORBID_NETWORK_FETCHING)) {
395 PKIX_RevocationStatus revStatus = PKIX_RevStatus_NoInfo; 396 PKIX_RevocationStatus revStatus = PKIX_RevStatus_NoInfo;
396 PKIX_CHECK_NO_GOTO( 397 PKIX_CHECK_NO_GOTO(
397 (*method->externalRevChecker)(cert, issuer, date, 398 (*method->externalRevChecker)(cert, issuer, date,
398 method, 399 method,
399 procParams, methodFlags, 400 procParams, methodFlags,
400 &revStatus, pReasonCode, 401 &revStatus,
402 (CERTCRLEntryReasonCode *) pReasonCode,
401 &nbioContext, plContext), 403 &nbioContext, plContext),
402 PKIX_REVCHECKERCHECKFAILED); 404 PKIX_REVCHECKERCHECKFAILED);
403 methodStatus[methodNum] = revStatus; 405 methodStatus[methodNum] = revStatus;
404 if (revStatus == PKIX_RevStatus_Revoked) { 406 if (revStatus == PKIX_RevStatus_Revoked) {
405 /* if error was generated use it as final error. */ 407 /* if error was generated use it as final error. */
406 overallStatus = PKIX_RevStatus_Revoked; 408 overallStatus = PKIX_RevStatus_Revoked;
407 goto cleanup; 409 goto cleanup;
408 } 410 }
409 if (pkixErrorResult) { 411 if (pkixErrorResult) {
410 /* Disregard errors. Only returned revStatus matters. */ 412 /* Disregard errors. Only returned revStatus matters. */
(...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after
464 } 466 }
465 } 467 }
466 468
467 cleanup: 469 cleanup:
468 *pRevStatus = overallStatus; 470 *pRevStatus = overallStatus;
469 PKIX_DECREF(method); 471 PKIX_DECREF(method);
470 472
471 PKIX_RETURN(REVOCATIONCHECKER); 473 PKIX_RETURN(REVOCATIONCHECKER);
472 } 474 }
473 475
OLDNEW
« nss/lib/freebl/ecl/ecp_jac.c ('K') | « nss/lib/libpkix/pkix/checker/pkix_revocationchecker.h ('k') | nss/lib/libpkix/pkix/checker/pkix_revocationmethod.h » ('j') | nss/lib/util/pkcs11n.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698