mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 938046 - Part 3. Iterate only through valid users on getchain r=dkeeler
This commit is contained in:
parent
77096198a8
commit
a07ba7e581
@ -856,10 +856,18 @@ nsNSSCertificate::GetChain(nsIArray **_rvChain)
|
||||
nullptr, /*XXX fixme*/
|
||||
CertVerifier::FLAG_LOCAL_ONLY,
|
||||
&pkixNssChain);
|
||||
// This is the whitelist of all non-SSLServer usages that are supported by
|
||||
// verifycert.
|
||||
const int otherUsagesToTest = certificateUsageSSLClient |
|
||||
certificateUsageSSLCA |
|
||||
certificateUsageEmailSigner |
|
||||
certificateUsageEmailRecipient |
|
||||
certificateUsageObjectSigner |
|
||||
certificateUsageStatusResponder;
|
||||
for (int usage = certificateUsageSSLClient;
|
||||
usage < certificateUsageAnyCA && !pkixNssChain;
|
||||
usage = usage << 1) {
|
||||
if (usage == certificateUsageSSLServer) {
|
||||
if ((usage & otherUsagesToTest) == 0) {
|
||||
continue;
|
||||
}
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("pipnss: PKIX attempting chain(%d) for '%s'\n",usage, mCert->nickname));
|
||||
|
Loading…
Reference in New Issue
Block a user