Incomplete/confusing error handling in nsNSSBadCertHandler

RESOLVED DUPLICATE of bug 674147

Status

()

RESOLVED DUPLICATE of bug 674147
8 years ago
7 years ago

People

(Reporter: briansmith, Unassigned)

Tracking

Trunk
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

See bug 642395 comment 36 and the following comments in that bug. 

The code is:

  if (!collected_errors)
  {
    NS_NOTREACHED("why did NSS call our bad cert handler if \
                   all looks good? Let's cancel the connection");
    return SECFailure;
  }

The assertion is reached when the fix for bug 642395 is used and (probably) when a revoked certificate has been encountered, so the NS_NOTREACHED assertion is invalid.

Additionally, all other return statements are of the form:

   nsHandleSSLError(infoObject, i_node->error);
   PR_SetError(...);
   return cancel_and_failure(infoObject);

If nsHandleSSLError and/or cancel_and_failure are not needed, then the code should be documented with a note as to why they are not needed in this specific case.
Fixed in the patch for bug 674147.
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 674147
You need to log in before you can comment on or make changes to this bug.