Closed Bug 257860 Opened 16 years ago Closed 13 years ago

Incorrect comment for SSL_SecurityStatus in ssl.h

Categories

(NSS :: Documentation, defect, P3)

defect

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: wtc, Assigned: julien.pierre)

Details

Attachments

(1 file)

The comment before the declaration for SSL_SecurityStatus
in ssl.h says:

/*
** Query security status of socket. *on is set to one if security is
** enabled. *keySize will contain the stream key size used. *issuer will
** contain the RFC1485 verison of the name of the issuer of the
** certificate at the other end of the connection. For a client, this is
** the issuer of the server's certificate; for a server, this is the
** issuer of the client's certificate (if any). Subject is the subject of
** the other end's certificate. The pointers can be zero if the desired
** data is not needed.  All strings returned by this function are owned
** by SSL, and will be freed when the socket is closed.
*/
SSL_IMPORT SECStatus SSL_SecurityStatus(PRFileDesc *fd, int *on, char **cipher,
                                        int *keySize, int *secretKeySize,
                                        char **issuer, char **subject);

I believe that the last sentence in the comment is wrong.
The caller needs to free *issuer and *subject with PORT_Free.
Nelson, could you confirm this?
I confirm.  The last sentence in that comment has never been correct.
There are actually 3 returned strings that need to be freed by the caller:
*cipher, *issuer, and *subject.  
The correct use is shown in 
http://lxr.mozilla.org/mozilla/source/security/nss/cmd/vfyserv/vfyutil.c#410
QA Contact: wtchang → documentation
Assignee: wtc → julien.pierre.boogz
Severity: major → normal
Priority: -- → P3
Target Milestone: --- → 3.12
Attached patch Fix commentSplinter Review
Attachment #271765 - Flags: review?(nelson)
Comment on attachment 271765 [details] [diff] [review]
Fix comment

r=nelson
Attachment #271765 - Flags: review?(nelson) → review+
Nelson,

Thanks for the review. I checked in the fix to the trunk.

Checking in ssl.h;
/cvsroot/mozilla/security/nss/lib/ssl/ssl.h,v  <--  ssl.h
new revision: 1.25; previous revision: 1.24
done
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.