wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 1241646 - remove unused token arguments from nsIX509CertDB r=keeler

Browse Source
This commit is contained in:
simplyblue 2016-01-30 13:50:58 +05:30
parent a36aa95b54
commit 964cc276c9
13 changed files with 55 additions and 79 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
devtools/shared/security/LocalCertService.cpp
View File

@ -258,7 +258,7 @@ private:
nsCOMPtr<nsIX509Cert> certFromDB;
nsresult rv;
rv = certDB->FindCertByNickname(nullptr, NS_ConvertASCIItoUTF16(mNickname),
rv = certDB->FindCertByNickname(NS_ConvertASCIItoUTF16(mNickname),
getter_AddRefs(certFromDB));
if (NS_FAILED(rv)) {
return rv;

6
security/manager/pki/resources/content/certManager.js
View File

@ -506,7 +506,7 @@ function addCACerts()
gCertFileTypes);
fp.appendFilters(nsIFilePicker.filterAll);
if (fp.show() == nsIFilePicker.returnOK) {
certdb.importCertsFromFile(null, fp.file, nsIX509Cert.CA_CERT);
certdb.importCertsFromFile(fp.file, nsIX509Cert.CA_CERT);
caTreeView.loadCerts(nsIX509Cert.CA_CERT);
caTreeView.selection.clearSelection();
}
@ -540,7 +540,7 @@ function addEmailCert()
gCertFileTypes);
fp.appendFilters(nsIFilePicker.filterAll);
if (fp.show() == nsIFilePicker.returnOK) {
certdb.importCertsFromFile(null, fp.file, nsIX509Cert.EMAIL_CERT);
certdb.importCertsFromFile(fp.file, nsIX509Cert.EMAIL_CERT);
var certcache = certdb.getCerts();
emailTreeView.loadCertsFromCache(certcache, nsIX509Cert.EMAIL_CERT);
emailTreeView.selection.clearSelection();
@ -560,7 +560,7 @@ function addWebSiteCert()
gCertFileTypes);
fp.appendFilters(nsIFilePicker.filterAll);
if (fp.show() == nsIFilePicker.returnOK) {
certdb.importCertsFromFile(null, fp.file, nsIX509Cert.SERVER_CERT);
certdb.importCertsFromFile(fp.file, nsIX509Cert.SERVER_CERT);
var certcache = certdb.getCerts();
serverTreeView.loadCertsFromCache(certcache, nsIX509Cert.SERVER_CERT);

2
security/manager/pki/resources/content/editcerts.js
View File

@ -22,7 +22,7 @@ function setWindowName()
// Get the cert from the cert database
certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
cert = certdb.findCertByDBKey(dbkey, null);
cert = certdb.findCertByDBKey(dbkey);
var bundle = document.getElementById("pippki_bundle");

6
security/manager/pki/resources/content/viewCertDetails.js
View File

@ -76,7 +76,7 @@ function setWindowName()
//var token = pk11db.findTokenByName(tokenName);
//var cert = certdb.findCertByNickname(token, myName);
cert = certdb.findCertByNickname(null, myName);
cert = certdb.findCertByNickname(myName);
} else {
var params = window.arguments[0].QueryInterface(nsIDialogParamBlock);
var cert = params.objects.queryElementAt(0, nsIX509Cert);
@ -265,7 +265,7 @@ function updateCertDump()
var dbKey = item.firstChild.firstChild.getAttribute('display');
// Get the cert from the cert database
var certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
var cert = certdb.findCertByDBKey(dbKey,null);
var cert = certdb.findCertByDBKey(dbKey);
asn1Tree.loadASN1Structure(cert.ASN1Structure);
}
displaySelected();
@ -290,7 +290,7 @@ function getCurrentCert()
var item = tree.contentView.getItemAtIndex(realIndex);
var dbKey = item.firstChild.firstChild.getAttribute('display');
var certdb = Components.classes[nsX509CertDB].getService(nsIX509CertDB);
var cert = certdb.findCertByDBKey(dbKey,null);
var cert = certdb.findCertByDBKey(dbKey);
return cert;
}
/* shouldn't really happen */

39
security/manager/ssl/nsIX509CertDB.idl
View File

@ -46,7 +46,7 @@ interface nsIVerifySignedManifestCallback : nsISupports
* This represents a service to access and manipulate
* X.509 certificates stored in a database.
*/
[scriptable, uuid(a36c45fb-f7b5-423e-a0f7-ea1eb4fd60b5)]
[scriptable, uuid(5c16cd9b-5a73-47f1-ab0f-11ede7495cce)]
interface nsIX509CertDB : nsISupports {
/**
@ -59,19 +59,15 @@ interface nsIX509CertDB : nsISupports {
const unsigned long TRUSTED_OBJSIGN = 1 << 2;
/**
* Given a nickname and optionally a token,
* Given a nickname,
* locate the matching certificate.
*
* @param aToken Optionally limits the scope of
* this function to a token device.
* Can be null to mean any token.
* @param aNickname The nickname to be used as the key
* to find a certificate.
*
* @return The matching certificate if found.
*/
nsIX509Cert findCertByNickname(in nsISupports aToken,
in AString aNickname);
nsIX509Cert findCertByNickname(in AString aNickname);
/**
* Will find a certificate based on its dbkey
@ -80,11 +76,8 @@ interface nsIX509CertDB : nsISupports {
*
* @param aDBkey Database internal key, as obtained using
* attribute dbkey in nsIX509Cert.
* @param aToken Optionally limits the scope of
* this function to a token device.
* Can be null to mean any token.
*/
nsIX509Cert findCertByDBKey(in string aDBkey, in nsISupports aToken);
nsIX509Cert findCertByDBKey(in string aDBkey);
/**
* Obtain a list of certificate nicknames from the database.
@ -92,16 +85,12 @@ interface nsIX509CertDB : nsISupports {
* user, ca, or server cert - the nickname
* email cert - the email address
*
* @param aToken Optionally limits the scope of
* this function to a token device.
* Can be null to mean any token.
* @param aType Type of certificate to obtain
* See certificate type constants in nsIX509Cert.
* @param count The number of nicknames in the returned array
* @param certNameList The returned array of certificate nicknames.
*/
void findCertNicknames(in nsISupports aToken,
in unsigned long aType,
void findCertNicknames(in unsigned long aType,
out unsigned long count,
[array, size_is(count)] out wstring certNameList);
@ -128,16 +117,12 @@ interface nsIX509CertDB : nsISupports {
/**
* Find a certificate by email address.
*
* @param aToken Optionally limits the scope of
* this function to a token device.
* Can be null to mean any token.
* @param aEmailAddress The email address to be used as the key
* to find the certificate.
*
* @return The matching certificate if found.
*/
nsIX509Cert findCertByEmailAddress(in nsISupports aToken,
in string aEmailAddress);
nsIX509Cert findCertByEmailAddress(in string aEmailAddress);
/**
* Use this to import a stream sent down as a mime type into
@ -229,23 +214,19 @@ interface nsIX509CertDB : nsISupports {
* @return Returns true if the certificate is trusted for the given use.
*/
boolean isCertTrusted(in nsIX509Cert cert,
in unsigned long certType,
in unsigned long trustType);
in unsigned long certType,
in unsigned long trustType);
/**
* Import certificate(s) from file
*
* @param aToken Optionally limits the scope of
* this function to a token device.
* Can be null to mean any token.
* @param aFile Identifies a file that contains the certificate
* to be imported.
* @param aType Describes the type of certificate that is going to
* be imported. See type constants in nsIX509Cert.
*/
void importCertsFromFile(in nsISupports aToken,
in nsIFile aFile,
in unsigned long aType);
void importCertsFromFile(in nsIFile aFile,
in unsigned long aType);
/**
* Import a PKCS#12 file containing cert(s) and key(s) into the database.

33
security/manager/ssl/nsNSSCertificateDB.cpp
View File

@ -96,9 +96,8 @@ nsNSSCertificateDB::~nsNSSCertificateDB()
}
NS_IMETHODIMP
nsNSSCertificateDB::FindCertByNickname(nsISupports *aToken,
const nsAString &nickname,
nsIX509Cert **_rvCert)
nsNSSCertificateDB::FindCertByNickname(const nsAString& nickname,
nsIX509Cert** _rvCert)
{
NS_ENSURE_ARG_POINTER(_rvCert);
*_rvCert = nullptr;
@ -128,8 +127,7 @@ nsNSSCertificateDB::FindCertByNickname(nsISupports *aToken,
}
NS_IMETHODIMP
nsNSSCertificateDB::FindCertByDBKey(const char *aDBkey, nsISupports *aToken,
nsIX509Cert **_cert)
nsNSSCertificateDB::FindCertByDBKey(const char* aDBkey,nsIX509Cert** _cert)
{
NS_ENSURE_ARG_POINTER(aDBkey);
NS_ENSURE_ARG(aDBkey[0]);
@ -199,10 +197,9 @@ nsNSSCertificateDB::FindCertByDBKey(const char *aDBkey, nsISupports *aToken,
}
NS_IMETHODIMP
nsNSSCertificateDB::FindCertNicknames(nsISupports *aToken,
uint32_t aType,
uint32_t *_count,
char16_t ***_certNames)
nsNSSCertificateDB::FindCertNicknames(uint32_t aType,
uint32_t* _count,
char16_t*** _certNames)
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown()) {
@ -1085,9 +1082,7 @@ nsNSSCertificateDB::IsCertTrusted(nsIX509Cert *cert,
NS_IMETHODIMP
nsNSSCertificateDB::ImportCertsFromFile(nsISupports *aToken,
nsIFile *aFile,
uint32_t aType)
nsNSSCertificateDB::ImportCertsFromFile(nsIFile* aFile, uint32_t aType)
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown()) {
@ -1155,8 +1150,7 @@ nsNSSCertificateDB::ImportCertsFromFile(nsISupports *aToken,
}
NS_IMETHODIMP
nsNSSCertificateDB::ImportPKCS12File(nsISupports *aToken,
nsIFile *aFile)
nsNSSCertificateDB::ImportPKCS12File(nsISupports* aToken, nsIFile* aFile)
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown()) {
@ -1173,10 +1167,10 @@ nsNSSCertificateDB::ImportPKCS12File(nsISupports *aToken,
}
NS_IMETHODIMP
nsNSSCertificateDB::ExportPKCS12File(nsISupports *aToken,
nsIFile *aFile,
uint32_t count,
nsIX509Cert **certs)
nsNSSCertificateDB::ExportPKCS12File(nsISupports* aToken,
nsIFile* aFile,
uint32_t count,
nsIX509Cert** certs)
//const char16_t **aCertNames)
{
nsNSSShutDownPreventionLock locker;
@ -1343,7 +1337,8 @@ nsNSSCertificateDB::FindEmailSigningCert(const nsAString& aNickname,
}
NS_IMETHODIMP
nsNSSCertificateDB::FindCertByEmailAddress(nsISupports *aToken, const char *aEmailAddress, nsIX509Cert **_retval)
nsNSSCertificateDB::FindCertByEmailAddress(const char* aEmailAddress,
nsIX509Cert** _retval)
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown()) {

2
security/manager/ssl/nsNSSIOLayer.cpp
View File

@ -2237,7 +2237,7 @@ ClientAuthDataRunnable::RunOnTargetThread()
if (certdb) {
nsCOMPtr<nsIX509Cert> found_cert;
nsresult find_rv =
certdb->FindCertByDBKey(rememberedDBKey.get(), nullptr,
certdb->FindCertByDBKey(rememberedDBKey.get(),
getter_AddRefs(found_cert));
if (NS_SUCCEEDED(find_rv) && found_cert) {
nsNSSCertificate* obj_cert =

2
security/manager/ssl/tests/unit/test_add_preexisting_cert.js
View File

@ -39,7 +39,7 @@ function run_test() {
// Change the already existing intermediate certificate's trust using
// addCertFromBase64(). We use findCertByNickname first to ensure that the
// certificate already exists.
let int_cert = certDB.findCertByNickname(null, "int-limited-depth");
let int_cert = certDB.findCertByNickname("int-limited-depth");
notEqual(int_cert, null, "Intermediate cert should be in the cert DB");
let base64_cert = btoa(getDERString(int_cert));
certDB.addCertFromBase64(base64_cert, "p,p,p", "ignored_argument");

10
security/manager/ssl/tests/unit/test_cert_dbKey.js
View File

@ -55,7 +55,7 @@ function encodeCommonNameAsBytes(commonName) {
function testInvalidDBKey(certDB, dbKey) {
let exceptionCaught = false;
try {
let cert = certDB.findCertByDBKey(dbKey, null);
let cert = certDB.findCertByDBKey(dbKey);
} catch(e) {
do_print(e);
exceptionCaught = true;
@ -64,7 +64,7 @@ function testInvalidDBKey(certDB, dbKey) {
}
function testDBKeyForNonexistentCert(certDB, dbKey) {
let cert = certDB.findCertByDBKey(dbKey, null);
let cert = certDB.findCertByDBKey(dbKey);
ok(!cert, "shouldn't find cert for given dbKey");
}
@ -98,7 +98,7 @@ function run_test() {
equal(cert.dbKey, expectedDbKey,
"actual and expected dbKey values should match");
let certFromDbKey = certDB.findCertByDBKey(expectedDbKey, null);
let certFromDbKey = certDB.findCertByDBKey(expectedDbKey);
ok(certFromDbKey.equals(cert),
"nsIX509CertDB.findCertByDBKey should find the right certificate");
@ -107,14 +107,14 @@ function run_test() {
let expectedDbKeyWithCRLF = expectedDbKey.replace(/(.{64})/, "$1\r\n");
ok(expectedDbKeyWithCRLF.indexOf("\r\n") == 64,
"test self-check: adding CRLF to dbKey should succeed");
certFromDbKey = certDB.findCertByDBKey(expectedDbKeyWithCRLF, null);
certFromDbKey = certDB.findCertByDBKey(expectedDbKeyWithCRLF);
ok(certFromDbKey.equals(cert),
"nsIX509CertDB.findCertByDBKey should work with dbKey with CRLF");
let expectedDbKeyWithSpaces = expectedDbKey.replace(/(.{64})/, "$1 ");
ok(expectedDbKeyWithSpaces.indexOf(" ") == 64,
"test self-check: adding spaces to dbKey should succeed");
certFromDbKey = certDB.findCertByDBKey(expectedDbKeyWithSpaces, null);
certFromDbKey = certDB.findCertByDBKey(expectedDbKeyWithSpaces);
ok(certFromDbKey.equals(cert),
"nsIX509CertDB.findCertByDBKey should work with dbKey with spaces");

2
security/manager/ssl/tests/unit/test_cert_keyUsage.js
View File

@ -44,7 +44,7 @@ function run_test() {
caList.forEach(function(ca) {
addCertFromFile(certdb, "test_cert_keyUsage/" + ca + ".pem",
"CTu,CTu,CTu");
let caCert = certdb.findCertByNickname(null, ca);
let caCert = certdb.findCertByNickname(ca);
let usages = {};
caCert.getUsagesString(true, {}, usages); // true indicates local-only
equal(usages.value, expectedUsagesMap[ca],

6
security/manager/ssl/tests/unit/test_cert_trust.js
View File

@ -191,11 +191,11 @@ function run_test() {
load_cert(certList[i], ',,');
}
let ca_cert = certdb.findCertByNickname(null, 'ca');
let ca_cert = certdb.findCertByNickname('ca');
notEqual(ca_cert, null, "CA cert should be in the cert DB");
let int_cert = certdb.findCertByNickname(null, 'int');
let int_cert = certdb.findCertByNickname('int');
notEqual(int_cert, null, "Intermediate cert should be in the cert DB");
let ee_cert = certdb.findCertByNickname(null, 'ee');
let ee_cert = certdb.findCertByNickname('ee');
notEqual(ee_cert, null, "EE cert should be in the cert DB");
setup_basic_trusts(ca_cert, int_cert);

12
security/manager/ssl/tests/unit/test_ev_certs.js
View File

@ -46,13 +46,13 @@ function start_ocsp_responder(expectedCertNames) {
}
function check_cert_err(cert_name, expected_error) {
let cert = certdb.findCertByNickname(null, cert_name);
let cert = certdb.findCertByNickname(cert_name);
checkCertErrorGeneric(certdb, cert, expected_error, certificateUsageSSLServer);
}
function check_ee_for_ev(cert_name, expected_ev) {
let cert = certdb.findCertByNickname(null, cert_name);
let cert = certdb.findCertByNickname(cert_name);
checkEVStatus(certdb, cert, certificateUsageSSLServer, expected_ev);
}
@ -107,7 +107,7 @@ function run_test() {
// causes the root to be untrusted.
const nsIX509Cert = Ci.nsIX509Cert;
add_test(function() {
let evRootCA = certdb.findCertByNickname(null, evrootnick);
let evRootCA = certdb.findCertByNickname(evrootnick);
certdb.setCertTrust(evRootCA, nsIX509Cert.CA_CERT, 0);
clearOCSPCache();
@ -119,7 +119,7 @@ function run_test() {
// bug 917380: Check that a trusted EV root is trusted after disabling and
// re-enabling trust.
add_test(function() {
let evRootCA = certdb.findCertByNickname(null, evrootnick);
let evRootCA = certdb.findCertByNickname(evrootnick);
certdb.setCertTrust(evRootCA, nsIX509Cert.CA_CERT,
Ci.nsIX509CertDB.TRUSTED_SSL |
Ci.nsIX509CertDB.TRUSTED_EMAIL |
@ -240,7 +240,7 @@ function run_test() {
ocspResponder.stop(function () {
// without net it must be able to EV verify
let failingOcspResponder = failingOCSPResponder();
let cert = certdb.findCertByNickname(null, "ev-valid");
let cert = certdb.findCertByNickname("ev-valid");
let hasEVPolicy = {};
let verifiedChain = {};
let flags = Ci.nsIX509CertDB.FLAG_LOCAL_ONLY |
@ -321,7 +321,7 @@ function run_test() {
function check_no_ocsp_requests(cert_name, expected_error) {
clearOCSPCache();
let ocspResponder = failingOCSPResponder();
let cert = certdb.findCertByNickname(null, cert_name);
let cert = certdb.findCertByNickname(cert_name);
let hasEVPolicy = {};
let verifiedChain = {};
let flags = Ci.nsIX509CertDB.FLAG_LOCAL_ONLY |

2
security/manager/ssl/tests/unit/test_getchain.js
View File

@ -71,7 +71,7 @@ function run_test() {
addCertFromFile(certdb, `test_getchain/${cert}.pem`, ",,");
}
let ee_cert = certdb.findCertByNickname(null, 'ee');
let ee_cert = certdb.findCertByNickname('ee');
notEqual(ee_cert, null, "EE cert should be in the cert DB");
let ca = get_ca_array();