391
|
1 |
# HG changeset patch
|
|
2 |
# Parent f241f48841a5d480f898cb7c34f3438aaa9a6c40
|
|
3 |
# User Brian Smith <bsmith@mozilla.com>
|
|
4 |
Bug 713934, Part 2, version 1: Update SetCertVerificationResult to use SSL_AuthCertificateComplete, r?honzab
|
|
5 |
|
|
6 |
diff --git a/security/manager/ssl/src/nsNSSIOLayer.cpp b/security/manager/ssl/src/nsNSSIOLayer.cpp
|
|
7 |
--- a/security/manager/ssl/src/nsNSSIOLayer.cpp
|
|
8 |
+++ b/security/manager/ssl/src/nsNSSIOLayer.cpp
|
|
9 |
@@ -964,31 +964,31 @@ nsNSSSocketInfo::SetCertVerificationWait
|
|
10 |
|
|
11 |
void
|
|
12 |
nsNSSSocketInfo::SetCertVerificationResult(PRErrorCode errorCode,
|
|
13 |
SSLErrorMessageType errorMessageType)
|
|
14 |
{
|
|
15 |
NS_ASSERTION(mCertVerificationState == waiting_for_cert_verification,
|
|
16 |
"Invalid state transition to cert_verification_finished");
|
|
17 |
|
|
18 |
- if (errorCode != 0) {
|
|
19 |
- SetCanceled(errorCode, errorMessageType);
|
|
20 |
- } else if (mFd) {
|
|
21 |
- // We haven't closed the connection already, so restart it
|
|
22 |
- SECStatus rv = SSL_RestartHandshakeAfterAuthCertificate(mFd);
|
|
23 |
- if (rv != SECSuccess) {
|
|
24 |
+ if (mFd) {
|
|
25 |
+ SECStatus rv = SSL_AuthCertificateComplete(mFd, errorCode);
|
|
26 |
+ // Only replace errorCode if there was originally no error
|
|
27 |
+ if (rv != SECSuccess && errorCode == 0) {
|
|
28 |
errorCode = PR_GetError();
|
|
29 |
+ errorMessageType = PlainErrorMessage;
|
|
30 |
if (errorCode == 0) {
|
|
31 |
- NS_ERROR("SSL_RestartHandshakeAfterAuthCertificate didn't set error code");
|
|
32 |
+ NS_ERROR("SSL_AuthCertificateComplete didn't set error code");
|
|
33 |
errorCode = PR_INVALID_STATE_ERROR;
|
|
34 |
}
|
|
35 |
- SetCanceled(errorCode, PlainErrorMessage);
|
|
36 |
}
|
|
37 |
- } else {
|
|
38 |
- // If we closed the connection alreay, we don't have anything to do
|
|
39 |
+ }
|
|
40 |
+
|
|
41 |
+ if (errorCode) {
|
|
42 |
+ SetCanceled(errorCode, errorMessageType);
|
|
43 |
}
|
|
44 |
|
|
45 |
mCertVerificationState = after_cert_verification;
|
|
46 |
}
|
|
47 |
|
|
48 |
nsresult nsNSSSocketInfo::GetSSLStatus(nsISSLStatus** _result)
|
|
49 |
{
|
|
50 |
NS_ENSURE_ARG_POINTER(_result);
|