Index: net/third_party/mozilla_security_manager/nsNSSCertificateDB.cpp |
diff --git a/net/third_party/mozilla_security_manager/nsNSSCertificateDB.cpp b/net/third_party/mozilla_security_manager/nsNSSCertificateDB.cpp |
index 6db75f3662ac7bc72a56a7c059785df9b02a8e62..3ab4cbec33e794583eef85f3532fb336236a41f0 100644 |
--- a/net/third_party/mozilla_security_manager/nsNSSCertificateDB.cpp |
+++ b/net/third_party/mozilla_security_manager/nsNSSCertificateDB.cpp |
@@ -45,7 +45,6 @@ |
#include "base/logging.h" |
#include "crypto/nss_util_internal.h" |
-#include "crypto/scoped_nss_types.h" |
#include "net/base/net_errors.h" |
#include "net/cert/x509_certificate.h" |
#include "net/cert/x509_util_nss.h" |
@@ -61,19 +60,14 @@ |
namespace mozilla_security_manager { |
// Based on nsNSSCertificateDB::handleCACertDownload, minus the UI bits. |
-bool ImportCACerts(const net::CertificateList& certificates, |
+bool ImportCACerts(crypto::ScopedPK11Slot slot, |
+ const net::CertificateList& certificates, |
net::X509Certificate* root, |
net::NSSCertDatabase::TrustBits trustBits, |
net::NSSCertDatabase::ImportCertFailureList* not_imported) { |
- if (certificates.empty() || !root) |
+ if (certificates.empty() || !root || !slot.get()) |
return false; |
- crypto::ScopedPK11Slot slot(crypto::GetPublicNSSKeySlot()); |
- if (!slot.get()) { |
- LOG(ERROR) << "Couldn't get internal key slot!"; |
- return false; |
- } |
- |
// Mozilla had some code here to check if a perm version of the cert exists |
// already and use that, but CERT_NewTempCertificate actually does that |
// itself, so we skip it here. |
@@ -176,18 +170,13 @@ bool ImportCACerts(const net::CertificateList& certificates, |
// Based on nsNSSCertificateDB::ImportServerCertificate. |
bool ImportServerCert( |
+ crypto::ScopedPK11Slot slot, |
const net::CertificateList& certificates, |
net::NSSCertDatabase::TrustBits trustBits, |
net::NSSCertDatabase::ImportCertFailureList* not_imported) { |
- if (certificates.empty()) |
+ if (certificates.empty() || !slot.get()) |
return false; |
- crypto::ScopedPK11Slot slot(crypto::GetPublicNSSKeySlot()); |
- if (!slot.get()) { |
- LOG(ERROR) << "Couldn't get internal key slot!"; |
- return false; |
- } |
- |
for (size_t i = 0; i < certificates.size(); ++i) { |
const scoped_refptr<net::X509Certificate>& cert = certificates[i]; |