Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(1379)

Unified Diff: lib/ssl/authcert.c

Issue 201830043: Bug 1118245 - Apply uniform style across NSS
Patch Set: Created 9 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Please Sign in to add in-line comments.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « lib/ssl/SSLerrs.h ('k') | lib/ssl/cmpcert.c » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: lib/ssl/authcert.c
===================================================================
--- a/lib/ssl/authcert.c
+++ b/lib/ssl/authcert.c
@@ -11,79 +11,72 @@
#include "secitem.h"
#include "prnetdb.h"
#include "cert.h"
#include "nspr.h"
#include "secder.h"
#include "key.h"
#include "nss.h"
#include "ssl.h"
-#include "pk11func.h" /* for PK11_ function calls */
+#include "pk11func.h" /* for PK11_ function calls */
/*
* This callback used by SSL to pull client sertificate upon
* server request
*/
-SECStatus
-NSS_GetClientAuthData(void * arg,
- PRFileDesc * socket,
- struct CERTDistNamesStr * caNames,
- struct CERTCertificateStr ** pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey)
-{
- CERTCertificate * cert = NULL;
- SECKEYPrivateKey * privkey = NULL;
- char * chosenNickName = (char *)arg; /* CONST */
- void * proto_win = NULL;
- SECStatus rv = SECFailure;
-
+SECStatus NSS_GetClientAuthData(void *arg, PRFileDesc *socket,
+ struct CERTDistNamesStr *caNames,
+ struct CERTCertificateStr **pRetCert,
+ struct SECKEYPrivateKeyStr **pRetKey) {
+ CERTCertificate *cert = NULL;
+ SECKEYPrivateKey *privkey = NULL;
+ char *chosenNickName = (char *)arg; /* CONST */
+ void *proto_win = NULL;
+ SECStatus rv = SECFailure;
+
proto_win = SSL_RevealPinArg(socket);
-
+
if (chosenNickName) {
- cert = CERT_FindUserCertByUsage(CERT_GetDefaultCertDB(),
- chosenNickName, certUsageSSLClient,
- PR_FALSE, proto_win);
- if ( cert ) {
+ cert = CERT_FindUserCertByUsage(CERT_GetDefaultCertDB(), chosenNickName,
+ certUsageSSLClient, PR_FALSE, proto_win);
+ if (cert) {
privkey = PK11_FindKeyByAnyCert(cert, proto_win);
- if ( privkey ) {
- rv = SECSuccess;
+ if (privkey) {
+ rv = SECSuccess;
} else {
- CERT_DestroyCertificate(cert);
+ CERT_DestroyCertificate(cert);
}
}
- } else { /* no name given, automatically find the right cert. */
- CERTCertNicknames * names;
- int i;
-
+ } else {/* no name given, automatically find the right cert. */
+ CERTCertNicknames *names;
+ int i;
+
names = CERT_GetCertNicknames(CERT_GetDefaultCertDB(),
- SEC_CERT_NICKNAMES_USER, proto_win);
+ SEC_CERT_NICKNAMES_USER, proto_win);
if (names != NULL) {
for (i = 0; i < names->numnicknames; i++) {
- cert = CERT_FindUserCertByUsage(CERT_GetDefaultCertDB(),
- names->nicknames[i], certUsageSSLClient,
- PR_FALSE, proto_win);
- if ( !cert )
- continue;
- /* Only check unexpired certs */
- if (CERT_CheckCertValidTimes(cert, PR_Now(), PR_TRUE) !=
- secCertTimeValid ) {
- CERT_DestroyCertificate(cert);
- continue;
- }
- rv = NSS_CmpCertChainWCANames(cert, caNames);
- if ( rv == SECSuccess ) {
- privkey = PK11_FindKeyByAnyCert(cert, proto_win);
- if ( privkey )
- break;
- }
- rv = SECFailure;
- CERT_DestroyCertificate(cert);
- }
+ cert = CERT_FindUserCertByUsage(CERT_GetDefaultCertDB(),
+ names->nicknames[i], certUsageSSLClient,
+ PR_FALSE, proto_win);
+ if (!cert) continue;
+ /* Only check unexpired certs */
+ if (CERT_CheckCertValidTimes(cert, PR_Now(), PR_TRUE) !=
+ secCertTimeValid) {
+ CERT_DestroyCertificate(cert);
+ continue;
+ }
+ rv = NSS_CmpCertChainWCANames(cert, caNames);
+ if (rv == SECSuccess) {
+ privkey = PK11_FindKeyByAnyCert(cert, proto_win);
+ if (privkey) break;
+ }
+ rv = SECFailure;
+ CERT_DestroyCertificate(cert);
+ }
CERT_FreeNicknames(names);
}
}
if (rv == SECSuccess) {
*pRetCert = cert;
- *pRetKey = privkey;
+ *pRetKey = privkey;
}
return rv;
}
-
« no previous file with comments | « lib/ssl/SSLerrs.h ('k') | lib/ssl/cmpcert.c » ('j') | no next file with comments »

Powered by Google App Engine
RSS Feeds Recent Issues | This issue
This is Rietveld f62528b