net/base/x509_certificate_nss.cc - Issue 165362: Try to fix crash in OCSP handlers.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/base/x509_certificate_nss.cc

Issue 165362: Try to fix crash in OCSP handlers. (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/

Patch Set: '' Created 11 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/base/x509_certificate_nss.cc

===================================================================

--- net/base/x509_certificate_nss.cc (revision 23680)

+++ net/base/x509_certificate_nss.cc (working copy)

@@ -344,10 +344,6 @@

const SECOidTag* policy_oids,

int num_policy_oids,

CERTValOutParam* cvout) {

- // TODO(wtc): Disable OCSP until we track down the crash in OCSP code.

- // See http://crbug.com/18907.

- bool use_ocsp = false;

PRUint64 revocation_method_flags =

CERT_REV_M_TEST_USING_THIS_METHOD |

CERT_REV_M_ALLOW_NETWORK_FETCHING |

@@ -361,8 +357,6 @@

// revoked if we don't have revocation info.

// TODO(wtc): Add a bool parameter to expressly specify we're doing EV

// verification or we want strict revocation flags.

- if (!use_ocsp)

- return SECFailure; // No OCSP, no EV.

revocation_method_flags |= CERT_REV_M_REQUIRE_INFO_ON_MISSING_SOURCE;

revocation_method_independent_flags |=

CERT_REV_MI_REQUIRE_SOME_FRESH_INFO_AVAILABLE;

@@ -375,19 +369,12 @@

method_flags[cert_revocation_method_crl] = revocation_method_flags;

method_flags[cert_revocation_method_ocsp] = revocation_method_flags;

- int number_of_defined_methods;

CERTRevocationMethodIndex preferred_revocation_methods[1];

- if (use_ocsp) {

- number_of_defined_methods = arraysize(method_flags);

- preferred_revocation_methods[0] = cert_revocation_method_ocsp;

- } else {

- number_of_defined_methods = arraysize(method_flags) - 1;

- preferred_revocation_methods[0] = cert_revocation_method_crl;

- }

+ preferred_revocation_methods[0] = cert_revocation_method_ocsp;

CERTRevocationFlags revocation_flags;

revocation_flags.leafTests.number_of_defined_methods =

- number_of_defined_methods;

+ arraysize(method_flags);

revocation_flags.leafTests.cert_rev_flags_per_method = method_flags;

revocation_flags.leafTests.number_of_preferred_methods =

arraysize(preferred_revocation_methods);

@@ -396,7 +383,7 @@

revocation_method_independent_flags;

revocation_flags.chainTests.number_of_defined_methods =

- number_of_defined_methods;

+ arraysize(method_flags);

revocation_flags.chainTests.cert_rev_flags_per_method = method_flags;

revocation_flags.chainTests.number_of_preferred_methods =

arraysize(preferred_revocation_methods);

« no previous file with comments | « no previous file | net/ocsp/nss_ocsp.cc » ('j') | no next file with comments »