Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(258)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c

Issue 195763027: Update NSS to NSS_3_16_RC0. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/
Patch Set: Use the RTM tag Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « nss/lib/libpkix/pkix/params/pkix_trustanchor.c ('k') | nss/lib/nss/nss.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* This Source Code Form is subject to the terms of the Mozilla Public 1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 /* 4 /*
5 * pkix_pl_cert.c 5 * pkix_pl_cert.c
6 * 6 *
7 * Certificate Object Functions 7 * Certificate Object Functions
8 * 8 *
9 */ 9 */
10 10
(...skipping 3117 matching lines...) Expand 10 before | Expand all | Expand 10 after
3128 } 3128 }
3129 3129
3130 /* 3130 /*
3131 * FUNCTION: PKIX_PL_Cert_CheckNameConstraints 3131 * FUNCTION: PKIX_PL_Cert_CheckNameConstraints
3132 * (see comments in pkix_pl_pki.h) 3132 * (see comments in pkix_pl_pki.h)
3133 */ 3133 */
3134 PKIX_Error * 3134 PKIX_Error *
3135 PKIX_PL_Cert_CheckNameConstraints( 3135 PKIX_PL_Cert_CheckNameConstraints(
3136 PKIX_PL_Cert *cert, 3136 PKIX_PL_Cert *cert,
3137 PKIX_PL_CertNameConstraints *nameConstraints, 3137 PKIX_PL_CertNameConstraints *nameConstraints,
3138 PKIX_Boolean treatCommonNameAsDNSName,
3138 void *plContext) 3139 void *plContext)
3139 { 3140 {
3140 PKIX_Boolean checkPass = PKIX_TRUE; 3141 PKIX_Boolean checkPass = PKIX_TRUE;
3141 CERTGeneralName *nssSubjectNames = NULL; 3142 CERTGeneralName *nssSubjectNames = NULL;
3142 PLArenaPool *arena = NULL; 3143 PLArenaPool *arena = NULL;
3143 3144
3144 PKIX_ENTER(CERT, "PKIX_PL_Cert_CheckNameConstraints"); 3145 PKIX_ENTER(CERT, "PKIX_PL_Cert_CheckNameConstraints");
3145 PKIX_NULLCHECK_ONE(cert); 3146 PKIX_NULLCHECK_ONE(cert);
3146 3147
3147 if (nameConstraints != NULL) { 3148 if (nameConstraints != NULL) {
3148 3149
3149 arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); 3150 arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
3150 if (arena == NULL) { 3151 if (arena == NULL) {
3151 PKIX_ERROR(PKIX_OUTOFMEMORY); 3152 PKIX_ERROR(PKIX_OUTOFMEMORY);
3152 } 3153 }
3153 3154
3154 /* This NSS call returns both Subject and Subject Alt Names */ 3155 /* This NSS call returns Subject Alt Names. If
3156 * treatCommonNameAsDNSName is true, it also returns the
3157 * Subject Common Name
3158 */
3155 PKIX_CERT_DEBUG 3159 PKIX_CERT_DEBUG
3156 ("\t\tCalling CERT_GetConstrainedCertificateNames\n"); 3160 ("\t\tCalling CERT_GetConstrainedCertificateNames\n");
3157 nssSubjectNames = CERT_GetConstrainedCertificateNames 3161 nssSubjectNames = CERT_GetConstrainedCertificateNames
3158 (cert->nssCert, arena, PR_TRUE); 3162 (cert->nssCert, arena, treatCommonNameAsDNSName);
3159 3163
3160 PKIX_CHECK(pkix_pl_CertNameConstraints_CheckNameSpaceNssNames 3164 PKIX_CHECK(pkix_pl_CertNameConstraints_CheckNameSpaceNssNames
3161 (nssSubjectNames, 3165 (nssSubjectNames,
3162 nameConstraints, 3166 nameConstraints,
3163 &checkPass, 3167 &checkPass,
3164 plContext), 3168 plContext),
3165 PKIX_CERTNAMECONSTRAINTSCHECKNAMESPACENSSNAMESFAILED); 3169 PKIX_CERTNAMECONSTRAINTSCHECKNAMESPACENSSNAMESFAILED);
3166 3170
3167 if (checkPass != PKIX_TRUE) { 3171 if (checkPass != PKIX_TRUE) {
3168 PKIX_ERROR(PKIX_CERTFAILEDNAMECONSTRAINTSCHECKING); 3172 PKIX_ERROR(PKIX_CERTFAILEDNAMECONSTRAINTSCHECKING);
(...skipping 534 matching lines...) Expand 10 before | Expand all | Expand 10 after
3703 CERTCertificate **pnssCert, 3707 CERTCertificate **pnssCert,
3704 void *plContext) 3708 void *plContext)
3705 { 3709 {
3706 PKIX_ENTER(CERT, "PKIX_PL_Cert_GetNssCert"); 3710 PKIX_ENTER(CERT, "PKIX_PL_Cert_GetNssCert");
3707 PKIX_NULLCHECK_TWO(cert, pnssCert); 3711 PKIX_NULLCHECK_TWO(cert, pnssCert);
3708 3712
3709 *pnssCert = CERT_DupCertificate(cert->nssCert); 3713 *pnssCert = CERT_DupCertificate(cert->nssCert);
3710 3714
3711 PKIX_RETURN(CERT); 3715 PKIX_RETURN(CERT);
3712 } 3716 }
OLDNEW
« no previous file with comments | « nss/lib/libpkix/pkix/params/pkix_trustanchor.c ('k') | nss/lib/nss/nss.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698