Closed Bug 232937 Opened 20 years ago Closed 20 years ago

crlutil returns 0 when import fails, invalidates pkits test results


(NSS :: Tools, defect, P2)



(Not tracked)



(Reporter: nelson, Assigned: nelson)



(1 file)

The nss utility command crlutil returns zero (success), even when it fails
to import the cert (under some conditions).  This causes the results of
the test script to be incorrect for numerous test cases.

Patch forthcoming.
Attached patch patch v1Splinter Review
This patch does the following things, all in function ImportCRL
a) sets rv=SECFailure if PK11_ImportCRL returns NULL.
b) conditionally compiles some time measurement code.
c) fixes some indentation and line wrapping.
Comment on attachment 140483 [details] [diff] [review]
patch v1

Julien, please review.
Attachment #140483 - Flags: review?(jpierre)
Comment on attachment 140483 [details] [diff] [review]
patch v1

I'm not sure about that "not up to date" message when errString is zero . I
don't know why that should be there. But you are only changing the

While you are at it, I think the SEC_DestroyCrl just below that I put last week
should be in an else statement, otherwise we will try to free NULL. Oops.
Attachment #140483 - Flags: review?(jpierre) → review+
The patch I checked in included the additional changes suggested by julien.

/cvsroot/mozilla/security/nss/cmd/crlutil/crlutil.c,v  <--  crlutil.c
new revision: 1.23; previous revision: 1.22

One immediate consequence of this path is that many more pkits test cases
appear to be broken.  However, in some cases, this is merely because 
the test script invokes crlImport instead of crlImportn
Closed: 20 years ago
Priority: -- → P2
Resolution: --- → FIXED
Target Milestone: --- → 3.10
You need to log in before you can comment on or make changes to this bug.