Closed
Bug 394206
Opened 17 years ago
Closed 17 years ago
PKIX_PL_Cert_IsCertTrusted checks wrong flag
Categories
(NSS :: Libraries, defect)
NSS
Libraries
Tracking
(Not tracked)
RESOLVED
FIXED
3.12
People
(Reporter: KaiE, Assigned: KaiE)
Details
Attachments
(1 file)
900 bytes,
patch
|
nelson
:
review+
|
Details | Diff | Splinter Review |
Spun off from bug 391454 comment 9 and bug 391454 comment 19 and bug 391454 comment 22. PKIX_PL_Cert_IsCertTrusted checks the wrong flag. It checks CERTDB_VALID_CA, and treats any cert with that flag as trusted. Function CERT_TrustFlagsForCACertUsage returns the required set of flags. The correct patch for this code is: if (rv == SECSuccess) { certFlags = SEC_GET_TRUST_FLAGS((&trust), trustType); - if ((certFlags & CERTDB_VALID_CA) && - ((certFlags & requiredFlags) == requiredFlags)) { + if ((certFlags & requiredFlags) == requiredFlags) { trusted = PKIX_TRUE; }
Assignee | ||
Comment 1•17 years ago
|
||
Comment 2•17 years ago
|
||
Comment on attachment 278821 [details] [diff] [review] Patch v1 This looks familiar. :)
Attachment #278821 -
Flags: review?(nelson) → review+
Assignee | ||
Comment 3•17 years ago
|
||
fixed
Status: ASSIGNED → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Updated•16 years ago
|
Target Milestone: --- → 3.12
You need to log in
before you can comment on or make changes to this bug.
Description
•