Closed Bug 597624 Opened 14 years ago Closed 13 years ago

pp -t certificate should identify and indent the DistributionPoints in the CRL distribution points extension

Categories

(NSS :: Tools, defect, P2)

Product:
NSS
Component:
Tools
Version:
3.12
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.12.10

People

(Reporter: wtc, Assigned: wtc)

Details

Attachments

(1 file)

Proposed patch
4.65 KB, patch
nelson
: review+
Details | Diff | Splinter Review
Attached patch Proposed patchSplinter Review 
pp -t certificate should identify and ident the DistributionPoints
in the CRL distribution points extension.

This elimates the following ambiguity when the CRL distribution points
extension contains multiple URLs:

   CRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint

   DistributionPoint ::= SEQUENCE {
        distributionPoint       [0]     DistributionPointName OPTIONAL,
        reasons                 [1]     ReasonFlags OPTIONAL,
        cRLIssuer               [2]     GeneralNames OPTIONAL }

   DistributionPointName ::= CHOICE {
        fullName                [0]     GeneralNames,
        nameRelativeToCRLIssuer [1]     RelativeDistinguishedName }

   GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName

Note that both CRLDistributionPoints and GeneralNames are
SEQUENCE OF.  So if "pp -t certificate" prints multiple URLs,
it's not clear whether the URLs are in a single or multiple
DistributionPoint.

The patch also adds 'const' to the char* msg arguments to three functions.
Attachment #476465 - Flags: review?(nelson)
Comment on attachment 476465 [details] [diff] [review]
Proposed patch

r=nelson
Attachment #476465 - Flags: review?(nelson) → review+
Version: unspecified → 3.12
Patch checked in on the NSS trunk (NSS 3.13) and the
NSS_3_12_BRANCH (NSS 3.12.10).

Checking in secutil.c;
/cvsroot/mozilla/security/nss/cmd/lib/secutil.c,v  <--  secutil.c
new revision: 1.104; previous revision: 1.103
done
Checking in secutil.h;
/cvsroot/mozilla/security/nss/cmd/lib/secutil.h,v  <--  secutil.h
new revision: 1.35; previous revision: 1.34
done

Checking in secutil.c;
/cvsroot/mozilla/security/nss/cmd/lib/secutil.c,v  <--  secutil.c
new revision: 1.99.2.3; previous revision: 1.99.2.2
done
Checking in secutil.h;
/cvsroot/mozilla/security/nss/cmd/lib/secutil.h,v  <--  secutil.h
new revision: 1.32.2.2; previous revision: 1.32.2.1
done
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Component: Libraries → Tools
QA Contact: libraries → tools
Resolution: --- → FIXED
Target Milestone: 3.12.9 → 3.12.10
Summary: pp -t certificate should identify and ident the DistributionPoints in the CRL distribution points extension → pp -t certificate should identify and indent the DistributionPoints in the CRL distribution points extension
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: