Bug Summary

File:s/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c
Warning:line 371, column 19
Access to field 'freeFcn' results in a dereference of a null pointer (loaded from variable 'hcv1')

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name pkix_pl_aiamgr.c -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -analyzer-config-compatibility-mode=true -mrelocation-model pic -pic-level 2 -fhalf-no-semantic-interposition -mframe-pointer=all -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fdebug-compilation-dir=/var/lib/jenkins/workspace/nss-scan-build/nss/lib/libpkix/pkix_pl_nss/module -ffunction-sections -fdata-sections -fcoverage-compilation-dir=/var/lib/jenkins/workspace/nss-scan-build/nss/lib/libpkix/pkix_pl_nss/module -resource-dir /usr/lib/llvm-19/lib/clang/19 -D HAVE_STRERROR -D LINUX -D linux -D XP_UNIX -D XP_UNIX -D SHLIB_SUFFIX="so" -D SHLIB_PREFIX="lib" -D SHLIB_VERSION="" -D DEBUG -U NDEBUG -D _DEFAULT_SOURCE -D _BSD_SOURCE -D _POSIX_SOURCE -D SDB_MEASURE_USE_TEMP_DIR -D _REENTRANT -D DEBUG -U NDEBUG -D _DEFAULT_SOURCE -D _BSD_SOURCE -D _POSIX_SOURCE -D SDB_MEASURE_USE_TEMP_DIR -D _REENTRANT -D NSS_DISABLE_SSE3 -D NSS_NO_INIT_SUPPORT -D USE_UTIL_DIRECTLY -D NO_NSPR_10_SUPPORT -D SSL_DISABLE_DEPRECATED_CIPHER_SUITE_NAMES -I ../../../../../dist/Linux6.12_x86_64_gcc_glibc_PTH_64_DBG.OBJ/include -I ../../../../../dist/public/nss -I ../../../../../dist/private/nss -internal-isystem /usr/lib/llvm-19/lib/clang/19/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -std=c99 -ferror-limit 19 -fgnuc-version=4.2.1 -fskip-odr-check-in-gmf -analyzer-output=html -analyzer-config stable-report-filename=true -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/scan-build-2025-01-06-222215-268153-1 -x c pkix_pl_aiamgr.c
1/* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4/*
5 * pkix_pl_aiamgr.c
6 *
7 * AIAMgr Object Definitions
8 *
9 */
10
11#include "pkix_pl_aiamgr.h"
12extern PKIX_PL_HashTable *aiaConnectionCache;
13
14#ifndef NSS_PKIX_NO_LDAP
15/* --Virtual-LdapClient-Functions------------------------------------ */
16
17PKIX_Error *
18PKIX_PL_LdapClient_InitiateRequest(
19 PKIX_PL_LdapClient *client,
20 LDAPRequestParams *requestParams,
21 void **pNBIO,
22 PKIX_List **pResponse,
23 void *plContext)
24{
25 PKIX_ENTER(LDAPCLIENT, "PKIX_PL_LdapClient_InitiateRequest")static const char cMyFuncName[] = {"PKIX_PL_LdapClient_InitiateRequest"
}; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName
; stdVars.aPkixType = PKIX_LDAPCLIENT_ERROR; ; do { if (pkixLoggersDebugTrace
) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName
, ">>>", stdVars.aPkixType, 5, plContext); } } while
(0);;
26 PKIX_NULLCHECK_TWO(client, client->initiateFcn)do { if (((client) == ((void*)0)) || ((client->initiateFcn
) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean
) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn
(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext
);; } } while (0);
27
28 PKIX_CHECK(client->initiateFcndo { stdVars.aPkixErrorResult = (client->initiateFcn (client
, requestParams, pNBIO, pResponse, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED
; goto cleanup; } } while (0)
29 (client, requestParams, pNBIO, pResponse, plContext),do { stdVars.aPkixErrorResult = (client->initiateFcn (client
, requestParams, pNBIO, pResponse, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED
; goto cleanup; } } while (0)
30 PKIX_LDAPCLIENTINITIATEREQUESTFAILED)do { stdVars.aPkixErrorResult = (client->initiateFcn (client
, requestParams, pNBIO, pResponse, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED
; goto cleanup; } } while (0);
31cleanup:
32
33 PKIX_RETURN(LDAPCLIENT)return PKIX_DoReturn(&stdVars, (PKIX_LDAPCLIENT_ERROR), (
(PKIX_Boolean) 1), plContext);;
34
35}
36
37PKIX_Error *
38PKIX_PL_LdapClient_ResumeRequest(
39 PKIX_PL_LdapClient *client,
40 void **pNBIO,
41 PKIX_List **pResponse,
42 void *plContext)
43{
44 PKIX_ENTER(LDAPCLIENT, "PKIX_PL_LdapClient_ResumeRequest")static const char cMyFuncName[] = {"PKIX_PL_LdapClient_ResumeRequest"
}; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName
; stdVars.aPkixType = PKIX_LDAPCLIENT_ERROR; ; do { if (pkixLoggersDebugTrace
) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName
, ">>>", stdVars.aPkixType, 5, plContext); } } while
(0);;
45 PKIX_NULLCHECK_TWO(client, client->resumeFcn)do { if (((client) == ((void*)0)) || ((client->resumeFcn) ==
((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1
); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn
(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext
);; } } while (0);
46
47 PKIX_CHECK(client->resumeFcndo { stdVars.aPkixErrorResult = (client->resumeFcn (client
, pNBIO, pResponse, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTRESUMEREQUESTFAILED
; goto cleanup; } } while (0)
48 (client, pNBIO, pResponse, plContext),do { stdVars.aPkixErrorResult = (client->resumeFcn (client
, pNBIO, pResponse, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTRESUMEREQUESTFAILED
; goto cleanup; } } while (0)
49 PKIX_LDAPCLIENTRESUMEREQUESTFAILED)do { stdVars.aPkixErrorResult = (client->resumeFcn (client
, pNBIO, pResponse, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTRESUMEREQUESTFAILED
; goto cleanup; } } while (0);
50cleanup:
51
52 PKIX_RETURN(LDAPCLIENT)return PKIX_DoReturn(&stdVars, (PKIX_LDAPCLIENT_ERROR), (
(PKIX_Boolean) 1), plContext);;
53
54}
55#endif /* !NSS_PKIX_NO_LDAP */
56
57/* --Private-AIAMgr-Functions----------------------------------*/
58
59/*
60 * FUNCTION: pkix_pl_AIAMgr_Destroy
61 * (see comments for PKIX_PL_DestructorCallback in pkix_pl_pki.h)
62 */
63static PKIX_Error *
64pkix_pl_AIAMgr_Destroy(
65 PKIX_PL_Object *object,
66 void *plContext)
67{
68 PKIX_PL_AIAMgr *aiaMgr = NULL((void*)0);
69
70 PKIX_ENTER(AIAMGR, "pkix_pl_AIAMgr_Destroy")static const char cMyFuncName[] = {"pkix_pl_AIAMgr_Destroy"};
PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName
; stdVars.aPkixType = PKIX_AIAMGR_ERROR; ; do { if (pkixLoggersDebugTrace
) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName
, ">>>", stdVars.aPkixType, 5, plContext); } } while
(0);;
71 PKIX_NULLCHECK_ONE(object)do { if ((object) == ((void*)0)){ stdVars.aPkixErrorReceived =
((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT
; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean
) 1), plContext);; } } while (0);
72
73 PKIX_CHECK(pkix_CheckType(object, PKIX_AIAMGR_TYPE, plContext),do { stdVars.aPkixErrorResult = (pkix_CheckType(object, PKIX_AIAMGR_TYPE
, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass
= stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_OBJECTNOTAIAMGR; goto cleanup; } } while (0)
74 PKIX_OBJECTNOTAIAMGR)do { stdVars.aPkixErrorResult = (pkix_CheckType(object, PKIX_AIAMGR_TYPE
, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass
= stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_OBJECTNOTAIAMGR; goto cleanup; } } while (0);
75
76 aiaMgr = (PKIX_PL_AIAMgr *)object;
77
78 /* pointer to cert cache */
79 /* pointer to crl cache */
80 aiaMgr->method = 0;
81 aiaMgr->aiaIndex = 0;
82 aiaMgr->numAias = 0;
83 PKIX_DECREF(aiaMgr->aia)do { if (aiaMgr->aia){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(aiaMgr->aia), plContext); if (stdVars
.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult
, plContext); stdVars.aPkixTempResult = ((void*)0); } aiaMgr->
aia = ((void*)0); } } while (0);
84 PKIX_DECREF(aiaMgr->location)do { if (aiaMgr->location){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(aiaMgr->location), plContext); if (stdVars
.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult
, plContext); stdVars.aPkixTempResult = ((void*)0); } aiaMgr->
location = ((void*)0); } } while (0);
85 PKIX_DECREF(aiaMgr->results)do { if (aiaMgr->results){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(aiaMgr->results), plContext); if (stdVars
.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult
, plContext); stdVars.aPkixTempResult = ((void*)0); } aiaMgr->
results = ((void*)0); } } while (0);
86#ifndef NSS_PKIX_NO_LDAP
87 PKIX_DECREF(aiaMgr->client.ldapClient)do { if (aiaMgr->client.ldapClient){ stdVars.aPkixTempResult
= PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(aiaMgr->client
.ldapClient), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError
(&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult
= ((void*)0); } aiaMgr->client.ldapClient = ((void*)0); }
} while (0);
88#endif
89
90cleanup:
91
92 PKIX_RETURN(AIAMGR)return PKIX_DoReturn(&stdVars, (PKIX_AIAMGR_ERROR), ((PKIX_Boolean
) 1), plContext);;
93}
94
95/*
96 * FUNCTION: pkix_pl_AIAMgr_RegisterSelf
97 * DESCRIPTION:
98 * Registers PKIX_AIAMGR_TYPE and its related functions with systemClasses[]
99 * THREAD SAFETY:
100 * Not Thread Safe - for performance and complexity reasons
101 *
102 * Since this function is only called by PKIX_PL_Initialize, which should
103 * only be called once, it is acceptable that this function is not
104 * thread-safe.
105 */
106PKIX_Error *
107pkix_pl_AIAMgr_RegisterSelf(void *plContext)
108{
109 extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES];
110 pkix_ClassTable_Entry *entry = &systemClasses[PKIX_AIAMGR_TYPE];
111
112 PKIX_ENTER(AIAMGR, "pkix_pl_AIAMgr_RegisterSelf")static const char cMyFuncName[] = {"pkix_pl_AIAMgr_RegisterSelf"
}; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName
; stdVars.aPkixType = PKIX_AIAMGR_ERROR; ; do { if (pkixLoggersDebugTrace
) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName
, ">>>", stdVars.aPkixType, 5, plContext); } } while
(0);;
113
114 entry->description = "AIAMgr";
115 entry->typeObjectSize = sizeof(PKIX_PL_AIAMgr);
116 entry->destructor = pkix_pl_AIAMgr_Destroy;
117
118 PKIX_RETURN(AIAMGR)return PKIX_DoReturn(&stdVars, (PKIX_AIAMGR_ERROR), ((PKIX_Boolean
) 1), plContext);;
119}
120
121#ifndef NSS_PKIX_NO_LDAP
122/*
123 * FUNCTION: pkix_pl_AiaMgr_FindLDAPClient
124 * DESCRIPTION:
125 *
126 * This function checks the collection of LDAPClient connections held by the
127 * AIAMgr pointed to by "aiaMgr" for one matching the domain name given by
128 * "domainName". The string may include a port number: e.g., "betty.nist.gov"
129 * or "nss.red.iplanet.com:1389". If a match is found, that LDAPClient is
130 * stored at "pClient". Otherwise, an LDAPClient is created and added to the
131 * collection, and then stored at "pClient".
132 *
133 * PARAMETERS:
134 * "aiaMgr"
135 * The AIAMgr whose LDAPClient connected are to be managed. Must be
136 * non-NULL.
137 * "domainName"
138 * Address of a string pointing to a server name. Must be non-NULL.
139 * An empty string (which means no <host> is given in the LDAP URL) is
140 * not supported.
141 * "pClient"
142 * Address at which the returned LDAPClient is stored. Must be non-NULL.
143 * "plContext"
144 * Platform-specific context pointer.
145 * THREAD SAFETY:
146 * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
147 * RETURNS:
148 * Returns NULL if the function succeeds.
149 * Returns an AIAMgr Error if the function fails in a non-fatal way
150 * Returns a Fatal Error if the function fails in an unrecoverable way.
151 */
152static PKIX_Error *
153pkix_pl_AiaMgr_FindLDAPClient(
154 PKIX_PL_AIAMgr *aiaMgr,
155 char *domainName,
156 PKIX_PL_LdapClient **pClient,
157 void *plContext)
158{
159 PKIX_PL_String *domainString = NULL((void*)0);
160 PKIX_PL_LdapDefaultClient *client = NULL((void*)0);
161
162 PKIX_ENTER(AIAMGR, "pkix_pl_AiaMgr_FindLDAPClient")static const char cMyFuncName[] = {"pkix_pl_AiaMgr_FindLDAPClient"
}; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName
; stdVars.aPkixType = PKIX_AIAMGR_ERROR; ; do { if (pkixLoggersDebugTrace
) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName
, ">>>", stdVars.aPkixType, 5, plContext); } } while
(0);;
163 PKIX_NULLCHECK_THREE(aiaMgr, domainName, pClient)do { if (((aiaMgr) == ((void*)0)) || ((domainName) == ((void*
)0)) || ((pClient) == ((void*)0))){ stdVars.aPkixErrorReceived
= ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT
; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean
) 1), plContext);; } } while (0);
164
165 /*
166 * An LDAP URL may not have a <host> part, for example,
167 * ldap:///o=University%20of%20Michigan,c=US
168 * PKIX_PL_LdapDefaultClient doesn't know how to discover the default
169 * LDAP server, so we don't support this kind of LDAP URL.
170 */
171 if (*domainName == '\0') {
172 /* Simulate a PKIX_PL_LdapDefaultClient_CreateByName failure. */
173 PKIX_ERROR(PKIX_LDAPDEFAULTCLIENTCREATEBYNAMEFAILED){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors
, PKIX_LDAPDEFAULTCLIENTCREATEBYNAMEFAILED, ((void*)0), stdVars
.aPkixType, 2, plContext); } } stdVars.aPkixErrorReceived = (
(PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_LDAPDEFAULTCLIENTCREATEBYNAMEFAILED
; goto cleanup; };
174 }
175
176 /* create PKIX_PL_String from domain name */
177 PKIX_CHECK(PKIX_PL_String_Createdo { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, domainName
, 0, &domainString, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup
; } } while (0)
178 (PKIX_ESCASCII, domainName, 0, &domainString, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, domainName
, 0, &domainString, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup
; } } while (0)
179 PKIX_STRINGCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_String_Create (0, domainName
, 0, &domainString, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_STRINGCREATEFAILED; goto cleanup
; } } while (0);
180
181 /* Is this domainName already in cache? */
182 PKIX_CHECK(PKIX_PL_HashTable_Lookupdo { stdVars.aPkixErrorResult = (PKIX_PL_HashTable_Lookup (aiaConnectionCache
, (PKIX_PL_Object *)domainString, (PKIX_PL_Object **)&client
, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass
= stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_HASHTABLELOOKUPFAILED; goto cleanup; } } while (0)
183 (aiaConnectionCache,do { stdVars.aPkixErrorResult = (PKIX_PL_HashTable_Lookup (aiaConnectionCache
, (PKIX_PL_Object *)domainString, (PKIX_PL_Object **)&client
, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass
= stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_HASHTABLELOOKUPFAILED; goto cleanup; } } while (0)
184 (PKIX_PL_Object *)domainString,do { stdVars.aPkixErrorResult = (PKIX_PL_HashTable_Lookup (aiaConnectionCache
, (PKIX_PL_Object *)domainString, (PKIX_PL_Object **)&client
, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass
= stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_HASHTABLELOOKUPFAILED; goto cleanup; } } while (0)
185 (PKIX_PL_Object **)&client,do { stdVars.aPkixErrorResult = (PKIX_PL_HashTable_Lookup (aiaConnectionCache
, (PKIX_PL_Object *)domainString, (PKIX_PL_Object **)&client
, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass
= stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_HASHTABLELOOKUPFAILED; goto cleanup; } } while (0)
186 plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_HashTable_Lookup (aiaConnectionCache
, (PKIX_PL_Object *)domainString, (PKIX_PL_Object **)&client
, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass
= stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_HASHTABLELOOKUPFAILED; goto cleanup; } } while (0)
187 PKIX_HASHTABLELOOKUPFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_HashTable_Lookup (aiaConnectionCache
, (PKIX_PL_Object *)domainString, (PKIX_PL_Object **)&client
, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass
= stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_HASHTABLELOOKUPFAILED; goto cleanup; } } while (0);
188
189 if (client == NULL((void*)0)) {
190
191 /* No, create a connection (and cache it) */
192 PKIX_CHECK(PKIX_PL_LdapDefaultClient_CreateByNamedo { stdVars.aPkixErrorResult = (PKIX_PL_LdapDefaultClient_CreateByName
(domainName, PR_SecondsToInterval( ((PKIX_PL_NssContext*)plContext
)->timeoutSeconds), ((void*)0), &client, plContext)); if
(stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPDEFAULTCLIENTCREATEBYNAMEFAILED
; goto cleanup; } } while (0)
193 (domainName,do { stdVars.aPkixErrorResult = (PKIX_PL_LdapDefaultClient_CreateByName
(domainName, PR_SecondsToInterval( ((PKIX_PL_NssContext*)plContext
)->timeoutSeconds), ((void*)0), &client, plContext)); if
(stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPDEFAULTCLIENTCREATEBYNAMEFAILED
; goto cleanup; } } while (0)
194 /* Do not use NBIO until we verify, thatdo { stdVars.aPkixErrorResult = (PKIX_PL_LdapDefaultClient_CreateByName
(domainName, PR_SecondsToInterval( ((PKIX_PL_NssContext*)plContext
)->timeoutSeconds), ((void*)0), &client, plContext)); if
(stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPDEFAULTCLIENTCREATEBYNAMEFAILED
; goto cleanup; } } while (0)
195 * it is working. For now use 1 min timeout. */do { stdVars.aPkixErrorResult = (PKIX_PL_LdapDefaultClient_CreateByName
(domainName, PR_SecondsToInterval( ((PKIX_PL_NssContext*)plContext
)->timeoutSeconds), ((void*)0), &client, plContext)); if
(stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPDEFAULTCLIENTCREATEBYNAMEFAILED
; goto cleanup; } } while (0)
196 PR_SecondsToInterval(do { stdVars.aPkixErrorResult = (PKIX_PL_LdapDefaultClient_CreateByName
(domainName, PR_SecondsToInterval( ((PKIX_PL_NssContext*)plContext
)->timeoutSeconds), ((void*)0), &client, plContext)); if
(stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPDEFAULTCLIENTCREATEBYNAMEFAILED
; goto cleanup; } } while (0)
197 ((PKIX_PL_NssContext*)plContext)->timeoutSeconds),do { stdVars.aPkixErrorResult = (PKIX_PL_LdapDefaultClient_CreateByName
(domainName, PR_SecondsToInterval( ((PKIX_PL_NssContext*)plContext
)->timeoutSeconds), ((void*)0), &client, plContext)); if
(stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPDEFAULTCLIENTCREATEBYNAMEFAILED
; goto cleanup; } } while (0)
198 NULL,do { stdVars.aPkixErrorResult = (PKIX_PL_LdapDefaultClient_CreateByName
(domainName, PR_SecondsToInterval( ((PKIX_PL_NssContext*)plContext
)->timeoutSeconds), ((void*)0), &client, plContext)); if
(stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPDEFAULTCLIENTCREATEBYNAMEFAILED
; goto cleanup; } } while (0)
199 &client,do { stdVars.aPkixErrorResult = (PKIX_PL_LdapDefaultClient_CreateByName
(domainName, PR_SecondsToInterval( ((PKIX_PL_NssContext*)plContext
)->timeoutSeconds), ((void*)0), &client, plContext)); if
(stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPDEFAULTCLIENTCREATEBYNAMEFAILED
; goto cleanup; } } while (0)
200 plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_LdapDefaultClient_CreateByName
(domainName, PR_SecondsToInterval( ((PKIX_PL_NssContext*)plContext
)->timeoutSeconds), ((void*)0), &client, plContext)); if
(stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPDEFAULTCLIENTCREATEBYNAMEFAILED
; goto cleanup; } } while (0)
201 PKIX_LDAPDEFAULTCLIENTCREATEBYNAMEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_LdapDefaultClient_CreateByName
(domainName, PR_SecondsToInterval( ((PKIX_PL_NssContext*)plContext
)->timeoutSeconds), ((void*)0), &client, plContext)); if
(stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPDEFAULTCLIENTCREATEBYNAMEFAILED
; goto cleanup; } } while (0);
202
203 PKIX_CHECK(PKIX_PL_HashTable_Adddo { stdVars.aPkixErrorResult = (PKIX_PL_HashTable_Add (aiaConnectionCache
, (PKIX_PL_Object *)domainString, (PKIX_PL_Object *)client, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_HASHTABLEADDFAILED; goto cleanup; } } while (0)
204 (aiaConnectionCache,do { stdVars.aPkixErrorResult = (PKIX_PL_HashTable_Add (aiaConnectionCache
, (PKIX_PL_Object *)domainString, (PKIX_PL_Object *)client, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_HASHTABLEADDFAILED; goto cleanup; } } while (0)
205 (PKIX_PL_Object *)domainString,do { stdVars.aPkixErrorResult = (PKIX_PL_HashTable_Add (aiaConnectionCache
, (PKIX_PL_Object *)domainString, (PKIX_PL_Object *)client, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_HASHTABLEADDFAILED; goto cleanup; } } while (0)
206 (PKIX_PL_Object *)client,do { stdVars.aPkixErrorResult = (PKIX_PL_HashTable_Add (aiaConnectionCache
, (PKIX_PL_Object *)domainString, (PKIX_PL_Object *)client, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_HASHTABLEADDFAILED; goto cleanup; } } while (0)
207 plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_HashTable_Add (aiaConnectionCache
, (PKIX_PL_Object *)domainString, (PKIX_PL_Object *)client, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_HASHTABLEADDFAILED; goto cleanup; } } while (0)
208 PKIX_HASHTABLEADDFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_HashTable_Add (aiaConnectionCache
, (PKIX_PL_Object *)domainString, (PKIX_PL_Object *)client, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_HASHTABLEADDFAILED; goto cleanup; } } while (0);
209
210 }
211
212 *pClient = (PKIX_PL_LdapClient *)client;
213
214cleanup:
215
216 PKIX_DECREF(domainString)do { if (domainString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(domainString), plContext); if (stdVars.aPkixTempResult
) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext
); stdVars.aPkixTempResult = ((void*)0); } domainString = ((void
*)0); } } while (0);
217
218 PKIX_RETURN(AIAMGR)return PKIX_DoReturn(&stdVars, (PKIX_AIAMGR_ERROR), ((PKIX_Boolean
) 1), plContext);;
219}
220#endif /* !NSS_PKIX_NO_LDAP */
221
222PKIX_Error *
223pkix_pl_AIAMgr_GetHTTPCerts(
224 PKIX_PL_AIAMgr *aiaMgr,
225 PKIX_PL_InfoAccess *ia,
226 void **pNBIOContext,
227 PKIX_List **pCerts,
228 void *plContext)
229{
230 PKIX_PL_GeneralName *location = NULL((void*)0);
231 PKIX_PL_String *locationString = NULL((void*)0);
232 PKIX_UInt32 len = 0;
233 PRUint16 port = 0;
234 const SEC_HttpClientFcn *httpClient = NULL((void*)0);
235 const SEC_HttpClientFcnV1 *hcv1 = NULL((void*)0);
1
'hcv1' initialized to a null pointer value
236 SECStatus rv = SECFailure;
237 SEC_HTTP_SERVER_SESSION serverSession = NULL((void*)0);
238 SEC_HTTP_REQUEST_SESSION requestSession = NULL((void*)0);
239 char *path = NULL((void*)0);
240 char *hostname = NULL((void*)0);
241 char *locationAscii = NULL((void*)0);
242 void *nbio = NULL((void*)0);
243 PRUint16 responseCode = 0;
244 const char *responseContentType = NULL((void*)0);
245 const char *responseData = NULL((void*)0);
246
247 PKIX_ENTER(AIAMGR, "pkix_pl_AIAMgr_GetHTTPCerts")static const char cMyFuncName[] = {"pkix_pl_AIAMgr_GetHTTPCerts"
}; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName
; stdVars.aPkixType = PKIX_AIAMGR_ERROR; ; do { if (pkixLoggersDebugTrace
) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName
, ">>>", stdVars.aPkixType, 5, plContext); } } while
(0);;
2
Assuming 'pkixLoggersDebugTrace' is null
3
Taking false branch
248 PKIX_NULLCHECK_FOUR(aiaMgr, ia, pNBIOContext, pCerts)do { if (((aiaMgr) == ((void*)0)) || ((ia) == ((void*)0)) || (
(pNBIOContext) == ((void*)0)) || ((pCerts) == ((void*)0))){ stdVars
.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode
= PKIX_NULLARGUMENT; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR
), ((PKIX_Boolean) 1), plContext);; } } while (0);
4
Loop condition is false. Exiting loop
5
Assuming 'aiaMgr' is not equal to null
6
Assuming 'ia' is not equal to null
7
Assuming 'pNBIOContext' is not equal to null
8
Assuming 'pCerts' is not equal to null
9
Taking false branch
10
Loop condition is false. Exiting loop
249
250 nbio = *pNBIOContext;
251 *pNBIOContext = NULL((void*)0);
252 *pCerts = NULL((void*)0);
253
254 if (nbio == NULL((void*)0)) { /* a new request */
11
Assuming 'nbio' is not equal to NULL
12
Taking false branch
255
256 PKIX_CHECK(PKIX_PL_InfoAccess_GetLocationdo { stdVars.aPkixErrorResult = (PKIX_PL_InfoAccess_GetLocation
(ia, &location, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_INFOACCESSGETLOCATIONFAILED; goto
cleanup; } } while (0)
257 (ia, &location, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_InfoAccess_GetLocation
(ia, &location, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_INFOACCESSGETLOCATIONFAILED; goto
cleanup; } } while (0)
258 PKIX_INFOACCESSGETLOCATIONFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_InfoAccess_GetLocation
(ia, &location, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_INFOACCESSGETLOCATIONFAILED; goto
cleanup; } } while (0);
259
260 /* find or create httpClient = default client */
261 httpClient = SEC_GetRegisteredHttpClient();
262 aiaMgr->client.hdata.httpClient = httpClient;
263 if (!httpClient)
264 PKIX_ERROR(PKIX_OUTOFMEMORY){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors
, PKIX_OUTOFMEMORY, ((void*)0), stdVars.aPkixType, 2, plContext
); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars
.aPkixErrorCode = PKIX_OUTOFMEMORY; goto cleanup; };
265
266 if (httpClient->version == 1) {
267
268 PKIX_UInt32 timeout =
269 ((PKIX_PL_NssContext*)plContext)->timeoutSeconds;
270
271 hcv1 = &(httpClient->fcnTable.ftable1);
272
273 /* create server session */
274 PKIX_TOSTRING(location, &locationString, plContext,do { int descNum; if ((location) != ((void*)0)) { stdVars.aPkixErrorResult
= PKIX_PL_Object_ToString((PKIX_PL_Object *)(location), (&
locationString), (plContext)); descNum = (PKIX_GENERALNAMETOSTRINGFAILED
); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(
0, "(null)", 0, (&locationString), (plContext)); descNum =
PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (
stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars
.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = descNum; goto cleanup; } } while (0); } while
(0)
275 PKIX_GENERALNAMETOSTRINGFAILED)do { int descNum; if ((location) != ((void*)0)) { stdVars.aPkixErrorResult
= PKIX_PL_Object_ToString((PKIX_PL_Object *)(location), (&
locationString), (plContext)); descNum = (PKIX_GENERALNAMETOSTRINGFAILED
); } else { stdVars.aPkixErrorResult = PKIX_PL_String_Create(
0, "(null)", 0, (&locationString), (plContext)); descNum =
PKIX_STRINGCREATEFAILED; } do { stdVars.aPkixErrorResult = (
stdVars.aPkixErrorResult); if (stdVars.aPkixErrorResult) { stdVars
.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = descNum; goto cleanup; } } while (0); } while
(0);
276
277 PKIX_CHECK(PKIX_PL_String_GetEncodeddo { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (locationString
, 0, (void **)&locationAscii, &len, plContext)); if (
stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED
; goto cleanup; } } while (0)
278 (locationString,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (locationString
, 0, (void **)&locationAscii, &len, plContext)); if (
stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED
; goto cleanup; } } while (0)
279 PKIX_ESCASCII,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (locationString
, 0, (void **)&locationAscii, &len, plContext)); if (
stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED
; goto cleanup; } } while (0)
280 (void **)&locationAscii,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (locationString
, 0, (void **)&locationAscii, &len, plContext)); if (
stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED
; goto cleanup; } } while (0)
281 &len,do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (locationString
, 0, (void **)&locationAscii, &len, plContext)); if (
stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED
; goto cleanup; } } while (0)
282 plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (locationString
, 0, (void **)&locationAscii, &len, plContext)); if (
stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED
; goto cleanup; } } while (0)
283 PKIX_STRINGGETENCODEDFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_String_GetEncoded (locationString
, 0, (void **)&locationAscii, &len, plContext)); if (
stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_STRINGGETENCODEDFAILED
; goto cleanup; } } while (0);
284
285 rv = CERT_ParseURL(locationAscii, &hostname, &port,
286 &path);
287 if ((rv != SECSuccess) ||
288 (hostname == NULL((void*)0)) ||
289 (path == NULL((void*)0))) {
290 PKIX_ERROR(PKIX_URLPARSINGFAILED){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors
, PKIX_URLPARSINGFAILED, ((void*)0), stdVars.aPkixType, 2, plContext
); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars
.aPkixErrorCode = PKIX_URLPARSINGFAILED; goto cleanup; };
291 }
292
293 rv = (*hcv1->createSessionFcn)(hostname, port,
294 &serverSession);
295 if (rv != SECSuccess) {
296 PKIX_ERROR(PKIX_HTTPCLIENTCREATESESSIONFAILED){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors
, PKIX_HTTPCLIENTCREATESESSIONFAILED, ((void*)0), stdVars.aPkixType
, 2, plContext); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean
) 1); stdVars.aPkixErrorCode = PKIX_HTTPCLIENTCREATESESSIONFAILED
; goto cleanup; };
297 }
298
299 aiaMgr->client.hdata.serverSession = serverSession;
300
301 /* create request session */
302 rv = (*hcv1->createFcn)(serverSession, "http", path,
303 "GET", PR_SecondsToInterval(timeout),
304 &requestSession);
305 if (rv != SECSuccess) {
306 PKIX_ERROR(PKIX_HTTPSERVERERROR){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors
, PKIX_HTTPSERVERERROR, ((void*)0), stdVars.aPkixType, 2, plContext
); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars
.aPkixErrorCode = PKIX_HTTPSERVERERROR; goto cleanup; };
307 }
308
309 aiaMgr->client.hdata.requestSession = requestSession;
310 } else {
311 PKIX_ERROR(PKIX_UNSUPPORTEDVERSIONOFHTTPCLIENT){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors
, PKIX_UNSUPPORTEDVERSIONOFHTTPCLIENT, ((void*)0), stdVars.aPkixType
, 2, plContext); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean
) 1); stdVars.aPkixErrorCode = PKIX_UNSUPPORTEDVERSIONOFHTTPCLIENT
; goto cleanup; };
312 }
313 }
314
315 httpClient = aiaMgr->client.hdata.httpClient;
316
317 if (httpClient->version == 1) {
13
Assuming field 'version' is not equal to 1
14
Taking false branch
318 PRUint32 responseDataLen =
319 ((PKIX_PL_NssContext*)plContext)->maxResponseLength;
320
321 hcv1 = &(httpClient->fcnTable.ftable1);
322 requestSession = aiaMgr->client.hdata.requestSession;
323
324 /* trySendAndReceive */
325 rv = (*hcv1->trySendAndReceiveFcn)(requestSession,
326 (PRPollDesc **)&nbio,
327 &responseCode,
328 (const char **)&responseContentType,
329 NULL((void*)0), /* &responseHeaders */
330 (const char **)&responseData,
331 &responseDataLen);
332
333 if (rv != SECSuccess) {
334 PKIX_ERROR(PKIX_HTTPSERVERERROR){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors
, PKIX_HTTPSERVERERROR, ((void*)0), stdVars.aPkixType, 2, plContext
); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars
.aPkixErrorCode = PKIX_HTTPSERVERERROR; goto cleanup; };
335 }
336
337 if (nbio != 0) {
338 *pNBIOContext = nbio;
339 goto cleanup;
340 }
341
342 PKIX_CHECK(pkix_pl_HttpCertStore_ProcessCertResponsedo { stdVars.aPkixErrorResult = (pkix_pl_HttpCertStore_ProcessCertResponse
(responseCode, responseContentType, responseData, responseDataLen
, pCerts, plContext)); if (stdVars.aPkixErrorResult) { stdVars
.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_HTTPCERTSTOREPROCESSCERTRESPONSEFAILED
; goto cleanup; } } while (0)
343 (responseCode,do { stdVars.aPkixErrorResult = (pkix_pl_HttpCertStore_ProcessCertResponse
(responseCode, responseContentType, responseData, responseDataLen
, pCerts, plContext)); if (stdVars.aPkixErrorResult) { stdVars
.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_HTTPCERTSTOREPROCESSCERTRESPONSEFAILED
; goto cleanup; } } while (0)
344 responseContentType,do { stdVars.aPkixErrorResult = (pkix_pl_HttpCertStore_ProcessCertResponse
(responseCode, responseContentType, responseData, responseDataLen
, pCerts, plContext)); if (stdVars.aPkixErrorResult) { stdVars
.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_HTTPCERTSTOREPROCESSCERTRESPONSEFAILED
; goto cleanup; } } while (0)
345 responseData,do { stdVars.aPkixErrorResult = (pkix_pl_HttpCertStore_ProcessCertResponse
(responseCode, responseContentType, responseData, responseDataLen
, pCerts, plContext)); if (stdVars.aPkixErrorResult) { stdVars
.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_HTTPCERTSTOREPROCESSCERTRESPONSEFAILED
; goto cleanup; } } while (0)
346 responseDataLen,do { stdVars.aPkixErrorResult = (pkix_pl_HttpCertStore_ProcessCertResponse
(responseCode, responseContentType, responseData, responseDataLen
, pCerts, plContext)); if (stdVars.aPkixErrorResult) { stdVars
.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_HTTPCERTSTOREPROCESSCERTRESPONSEFAILED
; goto cleanup; } } while (0)
347 pCerts,do { stdVars.aPkixErrorResult = (pkix_pl_HttpCertStore_ProcessCertResponse
(responseCode, responseContentType, responseData, responseDataLen
, pCerts, plContext)); if (stdVars.aPkixErrorResult) { stdVars
.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_HTTPCERTSTOREPROCESSCERTRESPONSEFAILED
; goto cleanup; } } while (0)
348 plContext),do { stdVars.aPkixErrorResult = (pkix_pl_HttpCertStore_ProcessCertResponse
(responseCode, responseContentType, responseData, responseDataLen
, pCerts, plContext)); if (stdVars.aPkixErrorResult) { stdVars
.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_HTTPCERTSTOREPROCESSCERTRESPONSEFAILED
; goto cleanup; } } while (0)
349 PKIX_HTTPCERTSTOREPROCESSCERTRESPONSEFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_HttpCertStore_ProcessCertResponse
(responseCode, responseContentType, responseData, responseDataLen
, pCerts, plContext)); if (stdVars.aPkixErrorResult) { stdVars
.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_HTTPCERTSTOREPROCESSCERTRESPONSEFAILED
; goto cleanup; } } while (0);
350
351 /* Session and request cleanup in case of success */
352 if (aiaMgr->client.hdata.requestSession != NULL((void*)0)) {
353 (*hcv1->freeFcn)(aiaMgr->client.hdata.requestSession);
354 aiaMgr->client.hdata.requestSession = NULL((void*)0);
355 }
356 if (aiaMgr->client.hdata.serverSession != NULL((void*)0)) {
357 (*hcv1->freeSessionFcn)(aiaMgr->client.hdata.serverSession);
358 aiaMgr->client.hdata.serverSession = NULL((void*)0);
359 }
360 aiaMgr->client.hdata.httpClient = 0; /* callback fn */
361
362 } else {
363 PKIX_ERROR(PKIX_UNSUPPORTEDVERSIONOFHTTPCLIENT){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors
, PKIX_UNSUPPORTEDVERSIONOFHTTPCLIENT, ((void*)0), stdVars.aPkixType
, 2, plContext); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean
) 1); stdVars.aPkixErrorCode = PKIX_UNSUPPORTEDVERSIONOFHTTPCLIENT
; goto cleanup; };
15
Assuming 'pkixLoggersErrors' is null
16
Taking false branch
364 }
365
366cleanup:
367 /* Session and request cleanup in case of error. Passing through without cleanup
368 * if interrupted by blocked IO. */
369 if (PKIX_ERROR_RECEIVED(stdVars.aPkixErrorReceived || stdVars.aPkixErrorResult || stdVars
.aPkixTempErrorReceived || stdVars.aPkixErrorList)) {
370 if (aiaMgr->client.hdata.requestSession != NULL((void*)0)) {
17
Assuming field 'requestSession' is not equal to NULL
18
Taking true branch
371 (*hcv1->freeFcn)(aiaMgr->client.hdata.requestSession);
19
Access to field 'freeFcn' results in a dereference of a null pointer (loaded from variable 'hcv1')
372 aiaMgr->client.hdata.requestSession = NULL((void*)0);
373 }
374 if (aiaMgr->client.hdata.serverSession != NULL((void*)0)) {
375 (*hcv1->freeSessionFcn)(aiaMgr->client.hdata.serverSession);
376 aiaMgr->client.hdata.serverSession = NULL((void*)0);
377 }
378 aiaMgr->client.hdata.httpClient = 0; /* callback fn */
379 }
380
381 PKIX_DECREF(location)do { if (location){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(location), plContext); if (stdVars.aPkixTempResult
) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext
); stdVars.aPkixTempResult = ((void*)0); } location = ((void*
)0); } } while (0);
382 PKIX_DECREF(locationString)do { if (locationString){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(locationString), plContext); if (stdVars
.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult
, plContext); stdVars.aPkixTempResult = ((void*)0); } locationString
= ((void*)0); } } while (0);
383
384 if (locationAscii) {
385 PORT_FreePORT_Free_Util(locationAscii);
386 }
387 if (hostname) {
388 PORT_FreePORT_Free_Util(hostname);
389 }
390 if (path) {
391 PORT_FreePORT_Free_Util(path);
392 }
393
394 PKIX_RETURN(AIAMGR)return PKIX_DoReturn(&stdVars, (PKIX_AIAMGR_ERROR), ((PKIX_Boolean
) 1), plContext);;
395}
396
397#ifndef NSS_PKIX_NO_LDAP
398PKIX_Error *
399pkix_pl_AIAMgr_GetLDAPCerts(
400 PKIX_PL_AIAMgr *aiaMgr,
401 PKIX_PL_InfoAccess *ia,
402 void **pNBIOContext,
403 PKIX_List **pCerts,
404 void *plContext)
405{
406 PKIX_List *result = NULL((void*)0);
407 PKIX_PL_GeneralName *location = NULL((void*)0);
408 PKIX_PL_LdapClient *client = NULL((void*)0);
409 LDAPRequestParams request;
410 PLArenaPool *arena = NULL((void*)0);
411 char *domainName = NULL((void*)0);
412 void *nbio = NULL((void*)0);
413
414 PKIX_ENTER(AIAMGR, "pkix_pl_AIAMgr_GetLDAPCerts")static const char cMyFuncName[] = {"pkix_pl_AIAMgr_GetLDAPCerts"
}; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName
; stdVars.aPkixType = PKIX_AIAMGR_ERROR; ; do { if (pkixLoggersDebugTrace
) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName
, ">>>", stdVars.aPkixType, 5, plContext); } } while
(0);;
415 PKIX_NULLCHECK_FOUR(aiaMgr, ia, pNBIOContext, pCerts)do { if (((aiaMgr) == ((void*)0)) || ((ia) == ((void*)0)) || (
(pNBIOContext) == ((void*)0)) || ((pCerts) == ((void*)0))){ stdVars
.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode
= PKIX_NULLARGUMENT; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR
), ((PKIX_Boolean) 1), plContext);; } } while (0);
416
417 nbio = *pNBIOContext;
418 *pNBIOContext = NULL((void*)0);
419 *pCerts = NULL((void*)0);
420
421 if (nbio == NULL((void*)0)) { /* a new request */
422
423 /* Initiate an LDAP request */
424
425 request.scope = WHOLE_SUBTREE;
426 request.derefAliases = NEVER_DEREF;
427 request.sizeLimit = 0;
428 request.timeLimit = 0;
429
430 PKIX_CHECK(PKIX_PL_InfoAccess_GetLocationdo { stdVars.aPkixErrorResult = (PKIX_PL_InfoAccess_GetLocation
(ia, &location, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_INFOACCESSGETLOCATIONFAILED; goto
cleanup; } } while (0)
431 (ia, &location, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_InfoAccess_GetLocation
(ia, &location, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_INFOACCESSGETLOCATIONFAILED; goto
cleanup; } } while (0)
432 PKIX_INFOACCESSGETLOCATIONFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_InfoAccess_GetLocation
(ia, &location, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_INFOACCESSGETLOCATIONFAILED; goto
cleanup; } } while (0);
433
434 /*
435 * Get a short-lived arena. We'll be done with
436 * this space once the request is encoded.
437 */
438 arena = PORT_NewArenaPORT_NewArena_Util(DER_DEFAULT_CHUNKSIZE(2048));
439 if (!arena) {
440 PKIX_ERROR_FATAL(PKIX_OUTOFMEMORY){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode
= PKIX_OUTOFMEMORY; stdVars.aPkixErrorClass = PKIX_FATAL_ERROR
; { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors
, stdVars.aPkixErrorCode, ((void*)0), stdVars.aPkixType, 1, plContext
); } }; goto cleanup; };
441 }
442
443 PKIX_CHECK(pkix_pl_InfoAccess_ParseLocationdo { stdVars.aPkixErrorResult = (pkix_pl_InfoAccess_ParseLocation
(location, arena, &request, &domainName, plContext))
; if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_INFOACCESSPARSELOCATIONFAILED
; goto cleanup; } } while (0)
444 (location, arena, &request, &domainName, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_InfoAccess_ParseLocation
(location, arena, &request, &domainName, plContext))
; if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_INFOACCESSPARSELOCATIONFAILED
; goto cleanup; } } while (0)
445 PKIX_INFOACCESSPARSELOCATIONFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_InfoAccess_ParseLocation
(location, arena, &request, &domainName, plContext))
; if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars
.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_INFOACCESSPARSELOCATIONFAILED
; goto cleanup; } } while (0);
446
447 PKIX_DECREF(location)do { if (location){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(location), plContext); if (stdVars.aPkixTempResult
) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext
); stdVars.aPkixTempResult = ((void*)0); } location = ((void*
)0); } } while (0);
448
449 /* Find or create a connection to LDAP server */
450 PKIX_CHECK(pkix_pl_AiaMgr_FindLDAPClientdo { stdVars.aPkixErrorResult = (pkix_pl_AiaMgr_FindLDAPClient
(aiaMgr, domainName, &client, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_AIAMGRFINDLDAPCLIENTFAILED; goto
cleanup; } } while (0)
451 (aiaMgr, domainName, &client, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_AiaMgr_FindLDAPClient
(aiaMgr, domainName, &client, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_AIAMGRFINDLDAPCLIENTFAILED; goto
cleanup; } } while (0)
452 PKIX_AIAMGRFINDLDAPCLIENTFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_AiaMgr_FindLDAPClient
(aiaMgr, domainName, &client, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_AIAMGRFINDLDAPCLIENTFAILED; goto
cleanup; } } while (0);
453
454 aiaMgr->client.ldapClient = client;
455
456 PKIX_CHECK(PKIX_PL_LdapClient_InitiateRequestdo { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest
(aiaMgr->client.ldapClient, &request, &nbio, &
result, plContext)); if (stdVars.aPkixErrorResult) { stdVars.
aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED; goto cleanup
; } } while (0)
457 (aiaMgr->client.ldapClient,do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest
(aiaMgr->client.ldapClient, &request, &nbio, &
result, plContext)); if (stdVars.aPkixErrorResult) { stdVars.
aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED; goto cleanup
; } } while (0)
458 &request,do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest
(aiaMgr->client.ldapClient, &request, &nbio, &
result, plContext)); if (stdVars.aPkixErrorResult) { stdVars.
aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED; goto cleanup
; } } while (0)
459 &nbio,do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest
(aiaMgr->client.ldapClient, &request, &nbio, &
result, plContext)); if (stdVars.aPkixErrorResult) { stdVars.
aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED; goto cleanup
; } } while (0)
460 &result,do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest
(aiaMgr->client.ldapClient, &request, &nbio, &
result, plContext)); if (stdVars.aPkixErrorResult) { stdVars.
aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED; goto cleanup
; } } while (0)
461 plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest
(aiaMgr->client.ldapClient, &request, &nbio, &
result, plContext)); if (stdVars.aPkixErrorResult) { stdVars.
aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED; goto cleanup
; } } while (0)
462 PKIX_LDAPCLIENTINITIATEREQUESTFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest
(aiaMgr->client.ldapClient, &request, &nbio, &
result, plContext)); if (stdVars.aPkixErrorResult) { stdVars.
aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED; goto cleanup
; } } while (0);
463
464 PKIX_PL_NSSCALL(AIAMGR, PORT_FreeArena, (arena, PR_FALSE)); (PORT_FreeArena_Util (arena, 0));
465
466 } else {
467
468 PKIX_CHECK(PKIX_PL_LdapClient_ResumeRequestdo { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_ResumeRequest
(aiaMgr->client.ldapClient, &nbio, &result, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_LDAPCLIENTRESUMEREQUESTFAILED; goto cleanup; } } while
(0)
469 (aiaMgr->client.ldapClient, &nbio, &result, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_ResumeRequest
(aiaMgr->client.ldapClient, &nbio, &result, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_LDAPCLIENTRESUMEREQUESTFAILED; goto cleanup; } } while
(0)
470 PKIX_LDAPCLIENTRESUMEREQUESTFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_ResumeRequest
(aiaMgr->client.ldapClient, &nbio, &result, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_LDAPCLIENTRESUMEREQUESTFAILED; goto cleanup; } } while
(0);
471
472 }
473
474 if (nbio != NULL((void*)0)) { /* WOULDBLOCK */
475 *pNBIOContext = nbio;
476 *pCerts = NULL((void*)0);
477 goto cleanup;
478 }
479
480 PKIX_DECREF(aiaMgr->client.ldapClient)do { if (aiaMgr->client.ldapClient){ stdVars.aPkixTempResult
= PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(aiaMgr->client
.ldapClient), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError
(&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult
= ((void*)0); } aiaMgr->client.ldapClient = ((void*)0); }
} while (0);
481
482 if (result == NULL((void*)0)) {
483 *pCerts = NULL((void*)0);
484 } else {
485 PKIX_CHECK(pkix_pl_LdapCertStore_BuildCertListdo { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_BuildCertList
(result, pCerts, plContext)); if (stdVars.aPkixErrorResult) {
stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED
; goto cleanup; } } while (0)
486 (result, pCerts, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_BuildCertList
(result, pCerts, plContext)); if (stdVars.aPkixErrorResult) {
stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED
; goto cleanup; } } while (0)
487 PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_BuildCertList
(result, pCerts, plContext)); if (stdVars.aPkixErrorResult) {
stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED
; goto cleanup; } } while (0);
488 }
489
490 *pNBIOContext = nbio;
491
492cleanup:
493
494 if (arena && (PKIX_ERROR_RECEIVED(stdVars.aPkixErrorReceived || stdVars.aPkixErrorResult || stdVars
.aPkixTempErrorReceived || stdVars.aPkixErrorList))) {
495 PKIX_PL_NSSCALL(AIAMGR, PORT_FreeArena, (arena, PR_FALSE)); (PORT_FreeArena_Util (arena, 0));
496 }
497
498 if (PKIX_ERROR_RECEIVED(stdVars.aPkixErrorReceived || stdVars.aPkixErrorResult || stdVars
.aPkixTempErrorReceived || stdVars.aPkixErrorList)) {
499 PKIX_DECREF(aiaMgr->client.ldapClient)do { if (aiaMgr->client.ldapClient){ stdVars.aPkixTempResult
= PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(aiaMgr->client
.ldapClient), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError
(&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult
= ((void*)0); } aiaMgr->client.ldapClient = ((void*)0); }
} while (0);
500 }
501
502 PKIX_DECREF(location)do { if (location){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(location), plContext); if (stdVars.aPkixTempResult
) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext
); stdVars.aPkixTempResult = ((void*)0); } location = ((void*
)0); } } while (0);
503
504 PKIX_RETURN(AIAMGR)return PKIX_DoReturn(&stdVars, (PKIX_AIAMGR_ERROR), ((PKIX_Boolean
) 1), plContext);;
505}
506#endif /* !NSS_PKIX_NO_LDAP */
507
508/*
509 * FUNCTION: PKIX_PL_AIAMgr_Create
510 * DESCRIPTION:
511 *
512 * This function creates an AIAMgr, storing the result at "pAIAMgr".
513 *
514 * PARAMETERS:
515 * "pAIAMGR"
516 * Address at which the returned AIAMgr is stored. Must be non-NULL.
517 * "plContext"
518 * Platform-specific context pointer.
519 * THREAD SAFETY:
520 * Thread Safe (see Thread Safety Definitions in Programmer's Guide)
521 * RETURNS:
522 * Returns NULL if the function succeeds.
523 * Returns an AIAMgr Error if the function fails in a non-fatal way
524 * Returns a Fatal Error if the function fails in an unrecoverable way.
525 */
526PKIX_Error *
527PKIX_PL_AIAMgr_Create(
528 PKIX_PL_AIAMgr **pAIAMgr,
529 void *plContext)
530{
531 PKIX_PL_AIAMgr *aiaMgr = NULL((void*)0);
532
533 PKIX_ENTER(AIAMGR, "PKIX_PL_AIAMgr_Create")static const char cMyFuncName[] = {"PKIX_PL_AIAMgr_Create"}; PKIX_StdVars
stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName; stdVars
.aPkixType = PKIX_AIAMGR_ERROR; ; do { if (pkixLoggersDebugTrace
) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName
, ">>>", stdVars.aPkixType, 5, plContext); } } while
(0);;
534 PKIX_NULLCHECK_ONE(pAIAMgr)do { if ((pAIAMgr) == ((void*)0)){ stdVars.aPkixErrorReceived
= ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT
; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean
) 1), plContext);; } } while (0);
535
536 PKIX_CHECK(PKIX_PL_Object_Allocdo { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_AIAMGR_TYPE
, sizeof(PKIX_PL_AIAMgr), (PKIX_PL_Object **)&aiaMgr, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_COULDNOTCREATEAIAMGROBJECT; goto cleanup; } } while (
0)
537 (PKIX_AIAMGR_TYPE,do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_AIAMGR_TYPE
, sizeof(PKIX_PL_AIAMgr), (PKIX_PL_Object **)&aiaMgr, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_COULDNOTCREATEAIAMGROBJECT; goto cleanup; } } while (
0)
538 sizeof(PKIX_PL_AIAMgr),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_AIAMGR_TYPE
, sizeof(PKIX_PL_AIAMgr), (PKIX_PL_Object **)&aiaMgr, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_COULDNOTCREATEAIAMGROBJECT; goto cleanup; } } while (
0)
539 (PKIX_PL_Object **)&aiaMgr,do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_AIAMGR_TYPE
, sizeof(PKIX_PL_AIAMgr), (PKIX_PL_Object **)&aiaMgr, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_COULDNOTCREATEAIAMGROBJECT; goto cleanup; } } while (
0)
540 plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_AIAMGR_TYPE
, sizeof(PKIX_PL_AIAMgr), (PKIX_PL_Object **)&aiaMgr, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_COULDNOTCREATEAIAMGROBJECT; goto cleanup; } } while (
0)
541 PKIX_COULDNOTCREATEAIAMGROBJECT)do { stdVars.aPkixErrorResult = (PKIX_PL_Object_Alloc (PKIX_AIAMGR_TYPE
, sizeof(PKIX_PL_AIAMgr), (PKIX_PL_Object **)&aiaMgr, plContext
)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass =
stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode
= PKIX_COULDNOTCREATEAIAMGROBJECT; goto cleanup; } } while (
0);
542 /* pointer to cert cache */
543 /* pointer to crl cache */
544 aiaMgr->method = 0;
545 aiaMgr->aiaIndex = 0;
546 aiaMgr->numAias = 0;
547 aiaMgr->aia = NULL((void*)0);
548 aiaMgr->location = NULL((void*)0);
549 aiaMgr->results = NULL((void*)0);
550 aiaMgr->client.hdata.httpClient = NULL((void*)0);
551 aiaMgr->client.hdata.serverSession = NULL((void*)0);
552 aiaMgr->client.hdata.requestSession = NULL((void*)0);
553
554 *pAIAMgr = aiaMgr;
555
556cleanup:
557
558 PKIX_RETURN(AIAMGR)return PKIX_DoReturn(&stdVars, (PKIX_AIAMGR_ERROR), ((PKIX_Boolean
) 1), plContext);;
559}
560
561/* --Public-Functions------------------------------------------------------- */
562
563/*
564 * FUNCTION: PKIX_PL_AIAMgr_GetAIACerts (see description in pkix_pl_pki.h)
565 */
566PKIX_Error *
567PKIX_PL_AIAMgr_GetAIACerts(
568 PKIX_PL_AIAMgr *aiaMgr,
569 PKIX_PL_Cert *prevCert,
570 void **pNBIOContext,
571 PKIX_List **pCerts,
572 void *plContext)
573{
574 PKIX_UInt32 numAias = 0;
575 PKIX_UInt32 aiaIndex = 0;
576 PKIX_UInt32 iaType = PKIX_INFOACCESS_LOCATION_UNKNOWN0;
577 PKIX_List *certs = NULL((void*)0);
578 PKIX_PL_InfoAccess *ia = NULL((void*)0);
579 void *nbio = NULL((void*)0);
580
581 PKIX_ENTER(AIAMGR, "PKIX_PL_AIAMgr_GetAIACerts")static const char cMyFuncName[] = {"PKIX_PL_AIAMgr_GetAIACerts"
}; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName
; stdVars.aPkixType = PKIX_AIAMGR_ERROR; ; do { if (pkixLoggersDebugTrace
) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName
, ">>>", stdVars.aPkixType, 5, plContext); } } while
(0);;
582 PKIX_NULLCHECK_FOUR(aiaMgr, prevCert, pNBIOContext, pCerts)do { if (((aiaMgr) == ((void*)0)) || ((prevCert) == ((void*)0
)) || ((pNBIOContext) == ((void*)0)) || ((pCerts) == ((void*)
0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars
.aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn(&
stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext);;
} } while (0);
583
584 nbio = *pNBIOContext;
585 *pCerts = NULL((void*)0);
586 *pNBIOContext = NULL((void*)0);
587
588 if (nbio == NULL((void*)0)) { /* a new request */
589
590 /* Does this Cert have an AIA extension? */
591 PKIX_CHECK(PKIX_PL_Cert_GetAuthorityInfoAccessdo { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetAuthorityInfoAccess
(prevCert, &aiaMgr->aia, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_CERTGETAUTHORITYINFOACCESSFAILED
; goto cleanup; } } while (0)
592 (prevCert, &aiaMgr->aia, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetAuthorityInfoAccess
(prevCert, &aiaMgr->aia, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_CERTGETAUTHORITYINFOACCESSFAILED
; goto cleanup; } } while (0)
593 PKIX_CERTGETAUTHORITYINFOACCESSFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_Cert_GetAuthorityInfoAccess
(prevCert, &aiaMgr->aia, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_CERTGETAUTHORITYINFOACCESSFAILED
; goto cleanup; } } while (0);
594
595 if (aiaMgr->aia != NULL((void*)0)) {
596 PKIX_CHECK(PKIX_List_GetLengthdo { stdVars.aPkixErrorResult = (PKIX_List_GetLength (aiaMgr->
aia, &numAias, plContext)); if (stdVars.aPkixErrorResult)
{ stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup
; } } while (0)
597 (aiaMgr->aia, &numAias, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (aiaMgr->
aia, &numAias, plContext)); if (stdVars.aPkixErrorResult)
{ stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup
; } } while (0)
598 PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (aiaMgr->
aia, &numAias, plContext)); if (stdVars.aPkixErrorResult)
{ stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup
; } } while (0);
599 }
600
601 /* And if so, does it have any entries? */
602 if ((aiaMgr->aia == NULL((void*)0)) || (numAias == 0)) {
603 *pCerts = NULL((void*)0);
604 goto cleanup;
605 }
606
607 aiaMgr->aiaIndex = 0;
608 aiaMgr->numAias = numAias;
609 aiaMgr->results = NULL((void*)0);
610
611 }
612
613 for (aiaIndex = aiaMgr->aiaIndex;
614 aiaIndex < aiaMgr->numAias;
615 aiaIndex ++) {
616 PKIX_UInt32 method = 0;
617
618 PKIX_CHECK(PKIX_List_GetItemdo { stdVars.aPkixErrorResult = (PKIX_List_GetItem (aiaMgr->
aia, aiaIndex, (PKIX_PL_Object **)&ia, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED
; goto cleanup; } } while (0)
619 (aiaMgr->aia,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (aiaMgr->
aia, aiaIndex, (PKIX_PL_Object **)&ia, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED
; goto cleanup; } } while (0)
620 aiaIndex,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (aiaMgr->
aia, aiaIndex, (PKIX_PL_Object **)&ia, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED
; goto cleanup; } } while (0)
621 (PKIX_PL_Object **)&ia,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (aiaMgr->
aia, aiaIndex, (PKIX_PL_Object **)&ia, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED
; goto cleanup; } } while (0)
622 plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (aiaMgr->
aia, aiaIndex, (PKIX_PL_Object **)&ia, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED
; goto cleanup; } } while (0)
623 PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (aiaMgr->
aia, aiaIndex, (PKIX_PL_Object **)&ia, plContext)); if (stdVars
.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult
->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED
; goto cleanup; } } while (0);
624
625 PKIX_CHECK(PKIX_PL_InfoAccess_GetMethoddo { stdVars.aPkixErrorResult = (PKIX_PL_InfoAccess_GetMethod
(ia, &method, plContext)); if (stdVars.aPkixErrorResult)
{ stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_INFOACCESSGETMETHODFAILED; goto
cleanup; } } while (0)
626 (ia, &method, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_InfoAccess_GetMethod
(ia, &method, plContext)); if (stdVars.aPkixErrorResult)
{ stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_INFOACCESSGETMETHODFAILED; goto
cleanup; } } while (0)
627 PKIX_INFOACCESSGETMETHODFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_InfoAccess_GetMethod
(ia, &method, plContext)); if (stdVars.aPkixErrorResult)
{ stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_INFOACCESSGETMETHODFAILED; goto
cleanup; } } while (0);
628
629 if (method != PKIX_INFOACCESS_CA_ISSUERS2 &&
630 method != PKIX_INFOACCESS_CA_REPOSITORY5) {
631 PKIX_DECREF(ia)do { if (ia){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(ia), plContext); if (stdVars.aPkixTempResult
) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext
); stdVars.aPkixTempResult = ((void*)0); } ia = ((void*)0); }
} while (0);
632 continue;
633 }
634
635 PKIX_CHECK(PKIX_PL_InfoAccess_GetLocationTypedo { stdVars.aPkixErrorResult = (PKIX_PL_InfoAccess_GetLocationType
(ia, &iaType, plContext)); if (stdVars.aPkixErrorResult)
{ stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_INFOACCESSGETLOCATIONTYPEFAILED
; goto cleanup; } } while (0)
636 (ia, &iaType, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_InfoAccess_GetLocationType
(ia, &iaType, plContext)); if (stdVars.aPkixErrorResult)
{ stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_INFOACCESSGETLOCATIONTYPEFAILED
; goto cleanup; } } while (0)
637 PKIX_INFOACCESSGETLOCATIONTYPEFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_InfoAccess_GetLocationType
(ia, &iaType, plContext)); if (stdVars.aPkixErrorResult)
{ stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_INFOACCESSGETLOCATIONTYPEFAILED
; goto cleanup; } } while (0);
638
639 if (iaType == PKIX_INFOACCESS_LOCATION_HTTP1) {
640 PKIX_CHECK(pkix_pl_AIAMgr_GetHTTPCertsdo { stdVars.aPkixErrorResult = (pkix_pl_AIAMgr_GetHTTPCerts (
aiaMgr, ia, &nbio, &certs, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_AIAMGRGETHTTPCERTSFAILED; goto
cleanup; } } while (0)
641 (aiaMgr, ia, &nbio, &certs, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_AIAMgr_GetHTTPCerts (
aiaMgr, ia, &nbio, &certs, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_AIAMGRGETHTTPCERTSFAILED; goto
cleanup; } } while (0)
642 PKIX_AIAMGRGETHTTPCERTSFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_AIAMgr_GetHTTPCerts (
aiaMgr, ia, &nbio, &certs, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_AIAMGRGETHTTPCERTSFAILED; goto
cleanup; } } while (0);
643#ifndef NSS_PKIX_NO_LDAP
644 } else if (iaType == PKIX_INFOACCESS_LOCATION_LDAP2) {
645 PKIX_CHECK(pkix_pl_AIAMgr_GetLDAPCertsdo { stdVars.aPkixErrorResult = (pkix_pl_AIAMgr_GetLDAPCerts (
aiaMgr, ia, &nbio, &certs, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_AIAMGRGETLDAPCERTSFAILED; goto
cleanup; } } while (0)
646 (aiaMgr, ia, &nbio, &certs, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_AIAMgr_GetLDAPCerts (
aiaMgr, ia, &nbio, &certs, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_AIAMGRGETLDAPCERTSFAILED; goto
cleanup; } } while (0)
647 PKIX_AIAMGRGETLDAPCERTSFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_AIAMgr_GetLDAPCerts (
aiaMgr, ia, &nbio, &certs, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_AIAMGRGETLDAPCERTSFAILED; goto
cleanup; } } while (0);
648#endif
649 } else {
650 /* We only support http and ldap requests. */
651 PKIX_DECREF(ia)do { if (ia){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(ia), plContext); if (stdVars.aPkixTempResult
) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext
); stdVars.aPkixTempResult = ((void*)0); } ia = ((void*)0); }
} while (0);
652 continue;
653 }
654
655 if (nbio != NULL((void*)0)) { /* WOULDBLOCK */
656 aiaMgr->aiaIndex = aiaIndex;
657 *pNBIOContext = nbio;
658 *pCerts = NULL((void*)0);
659 goto cleanup;
660 }
661
662 /*
663 * We can't just use and modify the List we received.
664 * Because it's cached, it's set immutable.
665 */
666 if (aiaMgr->results == NULL((void*)0)) {
667 PKIX_CHECK(PKIX_List_Createdo { stdVars.aPkixErrorResult = (PKIX_List_Create (&(aiaMgr
->results), plContext)); if (stdVars.aPkixErrorResult) { stdVars
.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while
(0)
668 (&(aiaMgr->results), plContext),do { stdVars.aPkixErrorResult = (PKIX_List_Create (&(aiaMgr
->results), plContext)); if (stdVars.aPkixErrorResult) { stdVars
.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while
(0)
669 PKIX_LISTCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_Create (&(aiaMgr
->results), plContext)); if (stdVars.aPkixErrorResult) { stdVars
.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars
.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while
(0);
670 }
671 PKIX_CHECK(pkix_List_AppendListdo { stdVars.aPkixErrorResult = (pkix_List_AppendList (aiaMgr
->results, certs, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_APPENDLISTFAILED; goto cleanup
; } } while (0)
672 (aiaMgr->results, certs, plContext),do { stdVars.aPkixErrorResult = (pkix_List_AppendList (aiaMgr
->results, certs, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_APPENDLISTFAILED; goto cleanup
; } } while (0)
673 PKIX_APPENDLISTFAILED)do { stdVars.aPkixErrorResult = (pkix_List_AppendList (aiaMgr
->results, certs, plContext)); if (stdVars.aPkixErrorResult
) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass
; stdVars.aPkixErrorCode = PKIX_APPENDLISTFAILED; goto cleanup
; } } while (0);
674 PKIX_DECREF(certs)do { if (certs){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(certs), plContext); if (stdVars.aPkixTempResult
) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext
); stdVars.aPkixTempResult = ((void*)0); } certs = ((void*)0)
; } } while (0);
675
676 PKIX_DECREF(ia)do { if (ia){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(ia), plContext); if (stdVars.aPkixTempResult
) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext
); stdVars.aPkixTempResult = ((void*)0); } ia = ((void*)0); }
} while (0);
677 }
678
679 PKIX_DECREF(aiaMgr->aia)do { if (aiaMgr->aia){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(aiaMgr->aia), plContext); if (stdVars
.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult
, plContext); stdVars.aPkixTempResult = ((void*)0); } aiaMgr->
aia = ((void*)0); } } while (0);
680
681 *pNBIOContext = NULL((void*)0);
682 *pCerts = aiaMgr->results;
683 aiaMgr->results = NULL((void*)0);
684
685cleanup:
686
687 if (PKIX_ERROR_RECEIVED(stdVars.aPkixErrorReceived || stdVars.aPkixErrorResult || stdVars
.aPkixTempErrorReceived || stdVars.aPkixErrorList)) {
688 PKIX_DECREF(aiaMgr->aia)do { if (aiaMgr->aia){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(aiaMgr->aia), plContext); if (stdVars
.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult
, plContext); stdVars.aPkixTempResult = ((void*)0); } aiaMgr->
aia = ((void*)0); } } while (0);
689 PKIX_DECREF(aiaMgr->results)do { if (aiaMgr->results){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(aiaMgr->results), plContext); if (stdVars
.aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult
, plContext); stdVars.aPkixTempResult = ((void*)0); } aiaMgr->
results = ((void*)0); } } while (0);
690#ifndef NSS_PKIX_NO_LDAP
691 PKIX_DECREF(aiaMgr->client.ldapClient)do { if (aiaMgr->client.ldapClient){ stdVars.aPkixTempResult
= PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(aiaMgr->client
.ldapClient), plContext); if (stdVars.aPkixTempResult) { PKIX_DoAddError
(&stdVars, stdVars.aPkixTempResult, plContext); stdVars.aPkixTempResult
= ((void*)0); } aiaMgr->client.ldapClient = ((void*)0); }
} while (0);
692#endif
693 }
694
695 PKIX_DECREF(certs)do { if (certs){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(certs), plContext); if (stdVars.aPkixTempResult
) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext
); stdVars.aPkixTempResult = ((void*)0); } certs = ((void*)0)
; } } while (0);
696 PKIX_DECREF(ia)do { if (ia){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef
((PKIX_PL_Object *)(ia), plContext); if (stdVars.aPkixTempResult
) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext
); stdVars.aPkixTempResult = ((void*)0); } ia = ((void*)0); }
} while (0);
697
698 PKIX_RETURN(AIAMGR)return PKIX_DoReturn(&stdVars, (PKIX_AIAMGR_ERROR), ((PKIX_Boolean
) 1), plContext);;
699}