Closed Bug 642697 Opened 13 years ago Closed 13 years ago

Incomplete/confusing error handling in nsNSSBadCertHandler

Categories

(Core :: Security: PSM, defect)

defect
Not set
normal

Tracking

()

RESOLVED DUPLICATE of bug 674147

People

(Reporter: briansmith, Unassigned)

Details

See bug 642395 comment 36 and the following comments in that bug. 

The code is:

  if (!collected_errors)
  {
    NS_NOTREACHED("why did NSS call our bad cert handler if \
                   all looks good? Let's cancel the connection");
    return SECFailure;
  }

The assertion is reached when the fix for bug 642395 is used and (probably) when a revoked certificate has been encountered, so the NS_NOTREACHED assertion is invalid.

Additionally, all other return statements are of the form:

   nsHandleSSLError(infoObject, i_node->error);
   PR_SetError(...);
   return cancel_and_failure(infoObject);

If nsHandleSSLError and/or cancel_and_failure are not needed, then the code should be documented with a note as to why they are not needed in this specific case.
Fixed in the patch for bug 674147.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.