← Back to branch summary

~ubuntu-branches/ubuntu/maverick/nss/maverick

« back to all changes in this revision

Viewing changes to mozilla/security/nss/lib/libpkix/pkix/params/pkix_procparams.c

  • Committer: Bazaar Package Importer
  • Author(s): Alexander Sack
  • Date: 2009-06-16 13:23:47 UTC
  • mfrom: (1.1.9 upstream)
  • Revision ID: james.westby@ubuntu.com-20090616132347-311ysb8oep74b98y
Tags: 3.12.3-0ubuntu1
https://launchpad.net/bugs/387751
* new upstream release 3.12.3 RTM (NSS_3_12_3_RTM) (LP: #387751)
* adjust patches to changed upstream code base
  - update debian/patches/38_kbsd.patch
* needs nspr >= 4.7.4
  - update debian/control
* update 85_security_load.patch to latest debian version
  - update debian/patches/85_security_load.patch
* add new symbols for 3.12.3
  - update debian/libnss3-1d.symbols

Show diffs side-by-side

added added

removed removed

Lines of Context:
mozilla/security/nss/lib/libpkix/pkix/params/pkix_procparams.c
72
72
        PKIX_DECREF(params->date);
73
73
        PKIX_DECREF(params->initialPolicies);
74
74
        PKIX_DECREF(params->certChainCheckers);
75
 
        PKIX_DECREF(params->revCheckers);
 
75
        PKIX_DECREF(params->revChecker);
76
76
        PKIX_DECREF(params->certStores);
77
77
        PKIX_DECREF(params->resourceLimits);
78
78
 
224
224
        PKIX_UInt32 initialHash = 0;
225
225
        PKIX_UInt32 rejectedHash = 0;
226
226
        PKIX_UInt32 certChainCheckersHash = 0;
227
 
        PKIX_UInt32 revCheckersHash = 0;
 
227
        PKIX_UInt32 revCheckerHash = 0;
228
228
        PKIX_UInt32 certStoresHash = 0;
229
229
        PKIX_UInt32 resourceLimitsHash = 0;
230
230
 
268
268
                constraintsHash + initialHash + rejectedHash;
269
269
 
270
270
        hash += ((((certStoresHash + resourceLimitsHash) << 7) +
271
 
                certChainCheckersHash + revCheckersHash +
 
271
                certChainCheckersHash + revCheckerHash +
272
272
                procParams->isCrlRevocationCheckingEnabled +
273
273
                procParams->isCrlRevocationCheckingEnabledWithNISTPolicy) << 7);
274
274
 
471
471
                PKIX_OBJECTDUPLICATEFAILED);
472
472
 
473
473
        PKIX_DUPLICATE
474
 
                (params->revCheckers,
475
 
                &(paramsDuplicate->revCheckers),
 
474
                (params->revChecker,
 
475
                &(paramsDuplicate->revChecker),
476
476
                plContext,
477
477
                PKIX_OBJECTDUPLICATEFAILED);
478
478
 
567
567
        PKIX_CHECK(PKIX_List_SetImmutable(params->trustAnchors, plContext),
568
568
                    PKIX_LISTSETIMMUTABLEFAILED);
569
569
 
 
570
        PKIX_CHECK(PKIX_PL_Date_Create_UTCTime
 
571
                   (NULL, &params->date, plContext),
 
572
                   PKIX_DATECREATEUTCTIMEFAILED);
 
573
 
570
574
        params->hintCerts = NULL;
571
575
        params->constraints = NULL;
572
 
        params->date = NULL;
573
576
        params->initialPolicies = NULL;
574
577
        params->initialPolicyMappingInhibit = PKIX_FALSE;
575
578
        params->initialAnyPolicyInhibit = PKIX_FALSE;
576
579
        params->initialExplicitPolicy = PKIX_FALSE;
577
580
        params->qualifiersRejected = PKIX_FALSE;
578
581
        params->certChainCheckers = NULL;
579
 
        params->revCheckers = NULL;
 
582
        params->revChecker = NULL;
580
583
        params->certStores = NULL;
581
584
        params->resourceLimits = NULL;
582
585
 
993
996
}
994
997
 
995
998
/*
996
 
 * FUNCTION: PKIX_ProcessingParams_GetRevocationCheckers
 
999
 * FUNCTION: PKIX_ProcessingParams_GetRevocationChecker
997
1000
 * (see comments in pkix_params.h)
998
1001
 */
999
1002
PKIX_Error *
1000
 
PKIX_ProcessingParams_GetRevocationCheckers(
 
1003
PKIX_ProcessingParams_GetRevocationChecker(
1001
1004
        PKIX_ProcessingParams *params,
1002
 
        PKIX_List **pCheckers,  /* list of PKIX_RevocationChecker */
 
1005
        PKIX_RevocationChecker **pChecker,
1003
1006
        void *plContext)
1004
1007
{
1005
1008
 
1006
1009
        PKIX_ENTER
1007
1010
            (PROCESSINGPARAMS, "PKIX_ProcessingParams_GetRevocationCheckers");
1008
 
        PKIX_NULLCHECK_TWO(params, pCheckers);
1009
 
 
1010
 
        if (params->revCheckers == NULL) {
1011
 
                PKIX_CHECK(PKIX_List_Create
1012
 
                        (&(params->revCheckers), plContext),
1013
 
                        PKIX_LISTCREATEFAILED);
1014
 
        }
1015
 
 
1016
 
        PKIX_INCREF(params->revCheckers);
1017
 
 
1018
 
        *pCheckers = params->revCheckers;
1019
 
 
1020
 
cleanup:
1021
 
 
1022
 
        PKIX_RETURN(PROCESSINGPARAMS);
1023
 
}
1024
 
 
1025
 
/*
1026
 
 * FUNCTION: PKIX_ProcessingParams_SetRevocationCheckers
1027
 
 * (see comments in pkix_params.h)
1028
 
 */
1029
 
PKIX_Error *
1030
 
PKIX_ProcessingParams_SetRevocationCheckers(
1031
 
        PKIX_ProcessingParams *params,
1032
 
        PKIX_List *checkers,  /* list of PKIX_RevocationChecker */
1033
 
        void *plContext)
1034
 
{
1035
 
 
1036
 
        PKIX_ENTER(PROCESSINGPARAMS,
1037
 
                   "PKIX_ProcessingParams_SetRevocationCheckers");
1038
 
        PKIX_NULLCHECK_ONE(params);
1039
 
 
1040
 
        PKIX_DECREF(params->revCheckers);
1041
 
 
1042
 
        PKIX_INCREF(checkers);
1043
 
        params->revCheckers = checkers;
1044
 
 
1045
 
        PKIX_CHECK(PKIX_PL_Object_InvalidateCache
1046
 
                ((PKIX_PL_Object *)params, plContext),
1047
 
                PKIX_OBJECTINVALIDATECACHEFAILED);
1048
 
 
1049
 
cleanup:
1050
 
 
1051
 
        if (PKIX_ERROR_RECEIVED && params) {
1052
 
            PKIX_DECREF(params->revCheckers);
1053
 
        }
1054
 
 
1055
 
        PKIX_RETURN(PROCESSINGPARAMS);
1056
 
}
1057
 
 
1058
 
/*
1059
 
 * FUNCTION: PKIX_ProcessingParams_AddRevocationCheckers
1060
 
 * (see comments in pkix_params.h)
1061
 
 */
1062
 
PKIX_Error *
1063
 
PKIX_ProcessingParams_AddRevocationChecker(
 
1011
        PKIX_NULLCHECK_TWO(params, pChecker);
 
1012
 
 
1013
        PKIX_INCREF(params->revChecker);
 
1014
        *pChecker = params->revChecker;
 
1015
 
 
1016
cleanup:
 
1017
 
 
1018
        PKIX_RETURN(PROCESSINGPARAMS);
 
1019
}
 
1020
 
 
1021
/*
 
1022
 * FUNCTION: PKIX_ProcessingParams_SetRevocationChecker
 
1023
 * (see comments in pkix_params.h)
 
1024
 */
 
1025
PKIX_Error *
 
1026
PKIX_ProcessingParams_SetRevocationChecker(
1064
1027
        PKIX_ProcessingParams *params,
1065
1028
        PKIX_RevocationChecker *checker,
1066
1029
        void *plContext)
1067
1030
{
1068
 
        PKIX_List *list = NULL;
1069
1031
 
1070
1032
        PKIX_ENTER(PROCESSINGPARAMS,
1071
 
                   "PKIX_ProcessingParams_AddRevocationChecker");
1072
 
        PKIX_NULLCHECK_TWO(params, checker);
1073
 
 
1074
 
        if (params->revCheckers == NULL) {
1075
 
 
1076
 
                PKIX_CHECK(PKIX_List_Create(&list, plContext),
1077
 
                    PKIX_LISTCREATEFAILED);
1078
 
 
1079
 
                params->revCheckers = list;
1080
 
        }
1081
 
 
1082
 
        PKIX_CHECK(PKIX_List_AppendItem
1083
 
            (params->revCheckers, (PKIX_PL_Object *)checker, plContext),
1084
 
            PKIX_LISTAPPENDITEMFAILED);
 
1033
                   "PKIX_ProcessingParams_InitRevocationChecker");
 
1034
        PKIX_NULLCHECK_ONE(params);
 
1035
 
 
1036
        PKIX_DECREF(params->revChecker);
 
1037
        PKIX_INCREF(checker);
 
1038
        params->revChecker = checker;
1085
1039
 
1086
1040
        PKIX_CHECK(PKIX_PL_Object_InvalidateCache
1087
 
            ((PKIX_PL_Object *)params, plContext),
1088
 
            PKIX_OBJECTINVALIDATECACHEFAILED);
1089
 
 
1090
 
        list = NULL;
1091
 
 
 
1041
                ((PKIX_PL_Object *)params, plContext),
 
1042
                PKIX_OBJECTINVALIDATECACHEFAILED);
1092
1043
cleanup:
1093
1044
 
1094
 
        if (list && params) {
1095
 
            PKIX_DECREF(params->revCheckers);
1096
 
        }
1097
1045
        PKIX_RETURN(PROCESSINGPARAMS);
1098
1046
}
1099
1047
 
1190
1138
}
1191
1139
 
1192
1140
/*
1193
 
 * FUNCTION: PKIX_ProcessingParams_IsCRLRevocationCheckingEnabled
1194
 
 * (see comments in pkix_params.h)
1195
 
 */
1196
 
PKIX_Error *
1197
 
PKIX_ProcessingParams_IsCRLRevocationCheckingEnabled(
1198
 
        PKIX_ProcessingParams *params,
1199
 
        PKIX_Boolean *pEnabled,
1200
 
        void *plContext)
1201
 
{
1202
 
 
1203
 
        PKIX_ENTER(PROCESSINGPARAMS,
1204
 
                    "PKIX_ProcessingParams_IsCRLRevocationCheckingEnabled");
1205
 
        PKIX_NULLCHECK_TWO(params, pEnabled);
1206
 
 
1207
 
        *pEnabled = params->isCrlRevocationCheckingEnabled;
1208
 
 
1209
 
        PKIX_RETURN(PROCESSINGPARAMS);
1210
 
}
1211
 
 
1212
 
/*
1213
 
 * FUNCTION: PKIX_ProcessingParams_SetRevocationEnabled
1214
 
 * (see comments in pkix_params.h)
1215
 
 */
1216
 
PKIX_Error *
1217
 
PKIX_ProcessingParams_SetRevocationEnabled(
1218
 
        PKIX_ProcessingParams *params,
1219
 
        PKIX_Boolean enabled,
1220
 
        void *plContext)
1221
 
{
1222
 
 
1223
 
        PKIX_ENTER(PROCESSINGPARAMS,
1224
 
                    "PKIX_ProcessingParams_SetRevocationEnabled");
1225
 
        PKIX_NULLCHECK_ONE(params);
1226
 
 
1227
 
        params->isCrlRevocationCheckingEnabled = enabled;
1228
 
 
1229
 
        PKIX_CHECK(PKIX_PL_Object_InvalidateCache
1230
 
                    ((PKIX_PL_Object *)params, plContext),
1231
 
                    PKIX_OBJECTINVALIDATECACHEFAILED);
1232
 
 
1233
 
cleanup:
1234
 
 
1235
 
        PKIX_RETURN(PROCESSINGPARAMS);
1236
 
}
1237
 
 
1238
 
/*
1239
 
 * FUNCTION: pkix_ProcessingParams_GetRevocationEnabled
1240
 
 *
1241
 
 * DESCRIPTION:
1242
 
 *  Retrieves the boolean value indicating whether Revocation Checking
1243
 
 *  should be performed, from the ProcessingParams pointed to by "params",
1244
 
 *  and stores the result at "pEnable".
1245
 
 *
1246
 
 * PARAMETERS:
1247
 
 *  "params"
1248
 
 *      Address of ProcessingParams whose revocationEnabled flag is to be
1249
 
 *      retrieved. Must be non-NULL.
1250
 
 *  "pEnable"
1251
 
 *      Address where Boolean value will be stored. Must be non-NULL.
1252
 
 *  "plContext"
1253
 
 *      Platform-specific context pointer.
1254
 
 *
1255
 
 * THREAD SAFETY:
1256
 
 *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
1257
 
 *
1258
 
 * RETURNS:
1259
 
 *  Returns NULL if the function succeeds.
1260
 
 *  Returns a Fatal Error if the function fails in an unrecoverable way.
1261
 
 */
1262
 
PKIX_Error *
1263
 
pkix_ProcessingParams_GetRevocationEnabled(
1264
 
        PKIX_ProcessingParams *params,
1265
 
        PKIX_Boolean *pEnabled,
1266
 
        void *plContext)
1267
 
{
1268
 
 
1269
 
        PKIX_ENTER(PROCESSINGPARAMS,
1270
 
                    "pkix_ProcessingParams_GetRevocationEnabled");
1271
 
 
1272
 
        PKIX_NULLCHECK_TWO(params, pEnabled);
1273
 
 
1274
 
        *pEnabled = params->isCrlRevocationCheckingEnabled;
1275
 
 
1276
 
        PKIX_RETURN(PROCESSINGPARAMS);
1277
 
}
1278
 
 
1279
 
/*
1280
 
 * FUNCTION: PKIX_ProcessingParams_IsNISTRevocationPolicyEnabled
1281
 
 * (see comments in pkix_params.h)
1282
 
 */
1283
 
PKIX_Error *
1284
 
PKIX_ProcessingParams_IsNISTRevocationPolicyEnabled(
1285
 
        PKIX_ProcessingParams *params,
1286
 
        PKIX_Boolean *pEnabled,
1287
 
        void *plContext)
1288
 
{
1289
 
 
1290
 
        PKIX_ENTER(PROCESSINGPARAMS,
1291
 
                    "PKIX_ProcessingParams_IsNISTRevocationPolicyEnabled");
1292
 
        PKIX_NULLCHECK_TWO(params, pEnabled);
1293
 
 
1294
 
        *pEnabled = params->isCrlRevocationCheckingEnabledWithNISTPolicy;
1295
 
 
1296
 
        PKIX_RETURN(PROCESSINGPARAMS);
1297
 
}
1298
 
 
1299
 
/*
1300
 
 * FUNCTION: PKIX_ProcessingParams_SetNISTRevocationPolicyEnabled
1301
 
 * (see comments in pkix_params.h)
1302
 
 */
1303
 
PKIX_Error *
1304
 
PKIX_ProcessingParams_SetNISTRevocationPolicyEnabled(
1305
 
        PKIX_ProcessingParams *params,
1306
 
        PKIX_Boolean enabled,
1307
 
        void *plContext)
1308
 
{
1309
 
 
1310
 
        PKIX_ENTER(PROCESSINGPARAMS,
1311
 
                    "PKIX_ProcessingParams_SetNISTRevocationPolicyEnabled");
1312
 
        PKIX_NULLCHECK_ONE(params);
1313
 
 
1314
 
        params->isCrlRevocationCheckingEnabledWithNISTPolicy = enabled;
1315
 
 
1316
 
        PKIX_CHECK(PKIX_PL_Object_InvalidateCache
1317
 
                    ((PKIX_PL_Object *)params, plContext),
1318
 
                    PKIX_OBJECTINVALIDATECACHEFAILED);
1319
 
 
1320
 
cleanup:
1321
 
 
1322
 
        PKIX_RETURN(PROCESSINGPARAMS);
1323
 
}
1324
 
 
1325
 
/*
1326
 
 * FUNCTION: pkix_ProcessingParams_GetNISTRevocationPolicyEnabled
1327
 
 *
1328
 
 * DESCRIPTION:
1329
 
 *  Retrieves the boolean value from the ProcessingParams pointed to by
1330
 
 *  "params", and stores the result at "pEnable". The value indicates
1331
 
 *  whether Revocation Checking should be performed according to nist
1332
 
 *  revocation policy.
1333
 
 *
1334
 
 * PARAMETERS:
1335
 
 *  "params"
1336
 
 *      Address of ProcessingParams whose revocationEnabledWithNistPolicy
1337
 
 *      flag is to be retrieved. Must be non-NULL.
1338
 
 *  "pEnable"
1339
 
 *      Address where Boolean value will be stored. Must be non-NULL.
1340
 
 *  "plContext"
1341
 
 *      Platform-specific context pointer.
1342
 
 *
1343
 
 * THREAD SAFETY:
1344
 
 *  Thread Safe (see Thread Safety Definitions in Programmer's Guide)
1345
 
 *
1346
 
 * RETURNS:
1347
 
 *  Returns NULL if the function succeeds.
1348
 
 *  Returns a Fatal Error if the function fails in an unrecoverable way.
1349
 
 */
1350
 
PKIX_Error *
1351
 
pkix_ProcessingParams_GetNISTRevocationPolicyEnabled(
1352
 
        PKIX_ProcessingParams *params,
1353
 
        PKIX_Boolean *pEnabled,
1354
 
        void *plContext)
1355
 
{
1356
 
 
1357
 
        PKIX_ENTER(PROCESSINGPARAMS,
1358
 
                    "pkix_ProcessingParams_GetNISTRevocationPolicyEnabled");
1359
 
 
1360
 
        PKIX_NULLCHECK_TWO(params, pEnabled);
1361
 
 
1362
 
        *pEnabled = params->isCrlRevocationCheckingEnabledWithNISTPolicy;
1363
 
 
1364
 
        PKIX_RETURN(PROCESSINGPARAMS);
1365
 
}
1366
 
 
1367
 
/*
1368
1141
 * FUNCTION: PKIX_ProcessingParams_SetResourceLimits
1369
1142
 * (see comments in pkix_params.h)
1370
1143
 */