70aaeb7aa3
- Don't make the database unreadable just yet.
56 lines
1.5 KiB
Diff
56 lines
1.5 KiB
Diff
From 406a08cc45a2d0761294002d946ee3381a4706ee Mon Sep 17 00:00:00 2001
|
|
From: Peter Jones <pjones@redhat.com>
|
|
Date: Wed, 17 Oct 2012 09:53:07 -0400
|
|
Subject: [PATCH 1/4] Use PK11_TraverseCertsForNicknameInSlot after all.
|
|
|
|
As of 76bc13c it doesn't appear to be leaky any more, and it does a
|
|
better job of disinguishing between certificates with the same nickname
|
|
than we did when doing it by hand.
|
|
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
---
|
|
src/cms_common.c | 20 ++++++++++----------
|
|
1 file changed, 10 insertions(+), 10 deletions(-)
|
|
|
|
diff --git a/src/cms_common.c b/src/cms_common.c
|
|
index 644b44c..2d51979 100644
|
|
--- a/src/cms_common.c
|
|
+++ b/src/cms_common.c
|
|
@@ -465,23 +465,23 @@ err_slots:
|
|
goto err_slots_errmsg;
|
|
}
|
|
|
|
+ SECItem nickname = {
|
|
+ .data = (void *)cms->certname,
|
|
+ .len = strlen(cms->certname) + 1,
|
|
+ .type = siUTF8String,
|
|
+ };
|
|
struct cbdata cbdata = {
|
|
.cert = NULL,
|
|
.psle = psle,
|
|
.pwdata = pwdata,
|
|
};
|
|
|
|
- CERTCertListNode *node = NULL;
|
|
- for (node = CERT_LIST_HEAD(certlist); !CERT_LIST_END(node,certlist);
|
|
- node = CERT_LIST_NEXT(node)) {
|
|
- if (strcmp(cms->certname, node->cert->nickname))
|
|
- continue;
|
|
+ status = PK11_TraverseCertsForNicknameInSlot(&nickname, psle->slot,
|
|
+ is_valid_cert, &cbdata);
|
|
+ if (cbdata.cert == NULL)
|
|
+ goto err_slots;
|
|
|
|
- if (is_valid_cert(node->cert, &cbdata) == SECSuccess) {
|
|
- cms->cert = CERT_DupCertificate(cbdata.cert);
|
|
- break;
|
|
- }
|
|
- }
|
|
+ cms->cert = CERT_DupCertificate(cbdata.cert);
|
|
|
|
PK11_DestroySlotListElement(slots, &psle);
|
|
PK11_FreeSlotList(slots);
|
|
--
|
|
1.7.12.1
|
|
|