File: | s/lib/libpkix/pkix_pl_nss/module/pkix_pl_ldapcertstore.c |
Warning: | line 899, column 29 Dereference of undefined pointer value (loaded from field 'nc') |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* This Source Code Form is subject to the terms of the Mozilla Public | |||
2 | * License, v. 2.0. If a copy of the MPL was not distributed with this | |||
3 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |||
4 | /* | |||
5 | * pkix_pl_ldapcertstore.c | |||
6 | * | |||
7 | * LDAPCertStore Function Definitions | |||
8 | * | |||
9 | */ | |||
10 | ||||
11 | /* We can't decode the length of a message without at least this many bytes */ | |||
12 | #define MINIMUM_MSG_LENGTH5 5 | |||
13 | ||||
14 | #include "pkix_pl_ldapcertstore.h" | |||
15 | ||||
16 | /* --Private-Ldap-CertStore-Database-Functions----------------------- */ | |||
17 | ||||
18 | /* | |||
19 | * FUNCTION: pkix_pl_LdapCertStore_DecodeCrossCertPair | |||
20 | * DESCRIPTION: | |||
21 | * | |||
22 | * This function decodes a DER-encoded CrossCertPair pointed to by | |||
23 | * "responseList" and extracts and decodes the Certificates in that pair, | |||
24 | * adding the resulting Certs, if the decoding was successful, to the List | |||
25 | * (possibly empty) pointed to by "certList". If none of the objects | |||
26 | * can be decoded into a Cert, the List is returned unchanged. | |||
27 | * | |||
28 | * PARAMETERS: | |||
29 | * "derCCPItem" | |||
30 | * The address of the SECItem containing the DER representation of the | |||
31 | * CrossCertPair. Must be non-NULL. | |||
32 | * "certList" | |||
33 | * The address of the List to which the decoded Certs are added. May be | |||
34 | * empty, but must be non-NULL. | |||
35 | * "plContext" | |||
36 | * Platform-specific context pointer. | |||
37 | * THREAD SAFETY: | |||
38 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
39 | * RETURNS: | |||
40 | * Returns NULL if the function succeeds. | |||
41 | * Returns a CertStore Error if the function fails in a non-fatal way. | |||
42 | * Returns a Fatal Error if the function fails in an unrecoverable way. | |||
43 | */ | |||
44 | PKIX_Error * | |||
45 | pkix_pl_LdapCertStore_DecodeCrossCertPair( | |||
46 | SECItem *derCCPItem, | |||
47 | PKIX_List *certList, | |||
48 | void *plContext) | |||
49 | { | |||
50 | LDAPCertPair certPair = {{ siBuffer, NULL((void*)0), 0 }, { siBuffer, NULL((void*)0), 0 }}; | |||
51 | SECStatus rv = SECFailure; | |||
52 | ||||
53 | PLArenaPool *tempArena = NULL((void*)0); | |||
54 | ||||
55 | PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_DecodeCrossCertPair")static const char cMyFuncName[] = {"pkix_pl_LdapCertStore_DecodeCrossCertPair" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTSTORE_ERROR; ; do { if (pkixLoggersDebugTrace ) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName , ">>>", stdVars.aPkixType, 5, plContext); } } while (0);; | |||
56 | PKIX_NULLCHECK_TWO(derCCPItem, certList)do { if (((derCCPItem) == ((void*)0)) || ((certList) == ((void *)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars .aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn(& stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext);; } } while (0); | |||
57 | ||||
58 | tempArena = PORT_NewArenaPORT_NewArena_Util(DER_DEFAULT_CHUNKSIZE(2048)); | |||
59 | if (!tempArena) { | |||
60 | PKIX_ERROR(PKIX_OUTOFMEMORY){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_OUTOFMEMORY, ((void*)0), stdVars.aPkixType, 2, plContext ); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars .aPkixErrorCode = PKIX_OUTOFMEMORY; goto cleanup; }; | |||
61 | } | |||
62 | ||||
63 | rv = SEC_ASN1DecodeItemSEC_ASN1DecodeItem_Util(tempArena, &certPair, PKIX_PL_LDAPCrossCertPairTemplate, | |||
64 | derCCPItem); | |||
65 | if (rv != SECSuccess) { | |||
66 | goto cleanup; | |||
67 | } | |||
68 | ||||
69 | if (certPair.forward.data != NULL((void*)0)) { | |||
70 | ||||
71 | PKIX_CHECK(do { stdVars.aPkixErrorResult = (pkix_pl_Cert_CreateToList(& certPair.forward, certList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTCREATETOLISTFAILED; goto cleanup ; } } while (0) | |||
72 | pkix_pl_Cert_CreateToList(&certPair.forward, certList,do { stdVars.aPkixErrorResult = (pkix_pl_Cert_CreateToList(& certPair.forward, certList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTCREATETOLISTFAILED; goto cleanup ; } } while (0) | |||
73 | plContext),do { stdVars.aPkixErrorResult = (pkix_pl_Cert_CreateToList(& certPair.forward, certList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTCREATETOLISTFAILED; goto cleanup ; } } while (0) | |||
74 | PKIX_CERTCREATETOLISTFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_Cert_CreateToList(& certPair.forward, certList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTCREATETOLISTFAILED; goto cleanup ; } } while (0); | |||
75 | } | |||
76 | ||||
77 | if (certPair.reverse.data != NULL((void*)0)) { | |||
78 | ||||
79 | PKIX_CHECK(do { stdVars.aPkixErrorResult = (pkix_pl_Cert_CreateToList(& certPair.reverse, certList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTCREATETOLISTFAILED; goto cleanup ; } } while (0) | |||
80 | pkix_pl_Cert_CreateToList(&certPair.reverse, certList,do { stdVars.aPkixErrorResult = (pkix_pl_Cert_CreateToList(& certPair.reverse, certList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTCREATETOLISTFAILED; goto cleanup ; } } while (0) | |||
81 | plContext),do { stdVars.aPkixErrorResult = (pkix_pl_Cert_CreateToList(& certPair.reverse, certList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTCREATETOLISTFAILED; goto cleanup ; } } while (0) | |||
82 | PKIX_CERTCREATETOLISTFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_Cert_CreateToList(& certPair.reverse, certList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTCREATETOLISTFAILED; goto cleanup ; } } while (0); | |||
83 | } | |||
84 | ||||
85 | cleanup: | |||
86 | if (tempArena) { | |||
87 | PORT_FreeArenaPORT_FreeArena_Util(tempArena, PR_FALSE0); | |||
88 | } | |||
89 | ||||
90 | PKIX_RETURN(CERTSTORE)return PKIX_DoReturn(&stdVars, (PKIX_CERTSTORE_ERROR), (( PKIX_Boolean) 1), plContext);; | |||
91 | } | |||
92 | ||||
93 | /* | |||
94 | * FUNCTION: pkix_pl_LdapCertStore_BuildCertList | |||
95 | * DESCRIPTION: | |||
96 | * | |||
97 | * This function takes a List of LdapResponse objects pointed to by | |||
98 | * "responseList" and extracts and decodes the Certificates in those responses, | |||
99 | * storing the List of those Certificates at "pCerts". If none of the objects | |||
100 | * can be decoded into a Cert, the returned List is empty. | |||
101 | * | |||
102 | * PARAMETERS: | |||
103 | * "responseList" | |||
104 | * The address of the List of LdapResponses. Must be non-NULL. | |||
105 | * "pCerts" | |||
106 | * The address at which the result is stored. Must be non-NULL. | |||
107 | * "plContext" | |||
108 | * Platform-specific context pointer. | |||
109 | * THREAD SAFETY: | |||
110 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
111 | * RETURNS: | |||
112 | * Returns NULL if the function succeeds. | |||
113 | * Returns a CertStore Error if the function fails in a non-fatal way. | |||
114 | * Returns a Fatal Error if the function fails in an unrecoverable way. | |||
115 | */ | |||
116 | PKIX_Error * | |||
117 | pkix_pl_LdapCertStore_BuildCertList( | |||
118 | PKIX_List *responseList, | |||
119 | PKIX_List **pCerts, | |||
120 | void *plContext) | |||
121 | { | |||
122 | PKIX_UInt32 numResponses = 0; | |||
123 | PKIX_UInt32 respIx = 0; | |||
124 | LdapAttrMask attrBits = 0; | |||
125 | PKIX_PL_LdapResponse *response = NULL((void*)0); | |||
126 | PKIX_List *certList = NULL((void*)0); | |||
127 | LDAPMessage *message = NULL((void*)0); | |||
128 | LDAPSearchResponseEntry *sre = NULL((void*)0); | |||
129 | LDAPSearchResponseAttr **sreAttrArray = NULL((void*)0); | |||
130 | LDAPSearchResponseAttr *sreAttr = NULL((void*)0); | |||
131 | SECItem *attrType = NULL((void*)0); | |||
132 | SECItem **attrVal = NULL((void*)0); | |||
133 | SECItem *derCertItem = NULL((void*)0); | |||
134 | ||||
135 | ||||
136 | PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_BuildCertList")static const char cMyFuncName[] = {"pkix_pl_LdapCertStore_BuildCertList" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTSTORE_ERROR; ; do { if (pkixLoggersDebugTrace ) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName , ">>>", stdVars.aPkixType, 5, plContext); } } while (0);; | |||
137 | PKIX_NULLCHECK_TWO(responseList, pCerts)do { if (((responseList) == ((void*)0)) || ((pCerts) == ((void *)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars .aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn(& stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext);; } } while (0); | |||
138 | ||||
139 | PKIX_CHECK(PKIX_List_Create(&certList, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_Create(&certList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0) | |||
140 | PKIX_LISTCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_Create(&certList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0); | |||
141 | ||||
142 | /* extract certs from response */ | |||
143 | PKIX_CHECK(PKIX_List_GetLengthdo { stdVars.aPkixErrorResult = (PKIX_List_GetLength (responseList , &numResponses, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
144 | (responseList, &numResponses, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (responseList , &numResponses, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
145 | PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (responseList , &numResponses, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0); | |||
146 | ||||
147 | for (respIx = 0; respIx < numResponses; respIx++) { | |||
148 | PKIX_CHECK(PKIX_List_GetItemdo { stdVars.aPkixErrorResult = (PKIX_List_GetItem (responseList , respIx, (PKIX_PL_Object **)&response, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
149 | (responseList,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (responseList , respIx, (PKIX_PL_Object **)&response, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
150 | respIx,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (responseList , respIx, (PKIX_PL_Object **)&response, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
151 | (PKIX_PL_Object **)&response,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (responseList , respIx, (PKIX_PL_Object **)&response, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
152 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (responseList , respIx, (PKIX_PL_Object **)&response, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
153 | PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (responseList , respIx, (PKIX_PL_Object **)&response, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0); | |||
154 | ||||
155 | PKIX_CHECK(pkix_pl_LdapResponse_GetMessagedo { stdVars.aPkixErrorResult = (pkix_pl_LdapResponse_GetMessage (response, &message, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPRESPONSEGETMESSAGEFAILED; goto cleanup; } } while (0) | |||
156 | (response, &message, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_LdapResponse_GetMessage (response, &message, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPRESPONSEGETMESSAGEFAILED; goto cleanup; } } while (0) | |||
157 | PKIX_LDAPRESPONSEGETMESSAGEFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_LdapResponse_GetMessage (response, &message, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPRESPONSEGETMESSAGEFAILED; goto cleanup; } } while (0); | |||
158 | ||||
159 | sre = &(message->protocolOp.op.searchResponseEntryMsg); | |||
160 | sreAttrArray = sre->attributes; | |||
161 | ||||
162 | /* Get next element of null-terminated array */ | |||
163 | sreAttr = *sreAttrArray++; | |||
164 | while (sreAttr != NULL((void*)0)) { | |||
165 | attrType = &(sreAttr->attrType); | |||
166 | PKIX_CHECK(pkix_pl_LdapRequest_AttrTypeToBitdo { stdVars.aPkixErrorResult = (pkix_pl_LdapRequest_AttrTypeToBit (attrType, &attrBits, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPREQUESTATTRTYPETOBITFAILED ; goto cleanup; } } while (0) | |||
167 | (attrType, &attrBits, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_LdapRequest_AttrTypeToBit (attrType, &attrBits, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPREQUESTATTRTYPETOBITFAILED ; goto cleanup; } } while (0) | |||
168 | PKIX_LDAPREQUESTATTRTYPETOBITFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_LdapRequest_AttrTypeToBit (attrType, &attrBits, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPREQUESTATTRTYPETOBITFAILED ; goto cleanup; } } while (0); | |||
169 | /* Is this attrVal a Certificate? */ | |||
170 | if (((LDAPATTR_CACERT(1<<0) | LDAPATTR_USERCERT(1<<1)) & | |||
171 | attrBits) == attrBits) { | |||
172 | attrVal = sreAttr->val; | |||
173 | derCertItem = *attrVal++; | |||
174 | while (derCertItem != 0) { | |||
175 | /* create a PKIX_PL_Cert from derCert */ | |||
176 | PKIX_CHECK(pkix_pl_Cert_CreateToListdo { stdVars.aPkixErrorResult = (pkix_pl_Cert_CreateToList (derCertItem , certList, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_CERTCREATETOLISTFAILED; goto cleanup; } } while (0) | |||
177 | (derCertItem, certList, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_Cert_CreateToList (derCertItem , certList, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_CERTCREATETOLISTFAILED; goto cleanup; } } while (0) | |||
178 | PKIX_CERTCREATETOLISTFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_Cert_CreateToList (derCertItem , certList, plContext)); if (stdVars.aPkixErrorResult) { stdVars .aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars .aPkixErrorCode = PKIX_CERTCREATETOLISTFAILED; goto cleanup; } } while (0); | |||
179 | derCertItem = *attrVal++; | |||
180 | } | |||
181 | } else if ((LDAPATTR_CROSSPAIRCERT(1<<2) & attrBits) == attrBits){ | |||
182 | /* Is this attrVal a CrossPairCertificate? */ | |||
183 | attrVal = sreAttr->val; | |||
184 | derCertItem = *attrVal++; | |||
185 | while (derCertItem != 0) { | |||
186 | /* create PKIX_PL_Certs from derCert */ | |||
187 | PKIX_CHECK(pkix_pl_LdapCertStore_DecodeCrossCertPairdo { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_DecodeCrossCertPair (derCertItem, certList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREDECODECROSSCERTPAIRFAILED ; goto cleanup; } } while (0) | |||
188 | (derCertItem, certList, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_DecodeCrossCertPair (derCertItem, certList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREDECODECROSSCERTPAIRFAILED ; goto cleanup; } } while (0) | |||
189 | PKIX_LDAPCERTSTOREDECODECROSSCERTPAIRFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_DecodeCrossCertPair (derCertItem, certList, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREDECODECROSSCERTPAIRFAILED ; goto cleanup; } } while (0); | |||
190 | derCertItem = *attrVal++; | |||
191 | } | |||
192 | } | |||
193 | sreAttr = *sreAttrArray++; | |||
194 | } | |||
195 | PKIX_DECREF(response)do { if (response){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(response), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } response = ((void* )0); } } while (0); | |||
196 | } | |||
197 | ||||
198 | *pCerts = certList; | |||
199 | ||||
200 | cleanup: | |||
201 | if (PKIX_ERROR_RECEIVED(stdVars.aPkixErrorReceived || stdVars.aPkixErrorResult || stdVars .aPkixTempErrorReceived || stdVars.aPkixErrorList)) { | |||
202 | PKIX_DECREF(certList)do { if (certList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(certList), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } certList = ((void* )0); } } while (0); | |||
203 | } | |||
204 | ||||
205 | PKIX_DECREF(response)do { if (response){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(response), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } response = ((void* )0); } } while (0); | |||
206 | ||||
207 | PKIX_RETURN(CERTSTORE)return PKIX_DoReturn(&stdVars, (PKIX_CERTSTORE_ERROR), (( PKIX_Boolean) 1), plContext);; | |||
208 | } | |||
209 | ||||
210 | /* | |||
211 | * FUNCTION: pkix_pl_LdapCertStore_BuildCrlList | |||
212 | * DESCRIPTION: | |||
213 | * | |||
214 | * This function takes a List of LdapResponse objects pointed to by | |||
215 | * "responseList" and extracts and decodes the CRLs in those responses, storing | |||
216 | * the List of those CRLs at "pCrls". If none of the objects can be decoded | |||
217 | * into a CRL, the returned List is empty. | |||
218 | * | |||
219 | * PARAMETERS: | |||
220 | * "responseList" | |||
221 | * The address of the List of LdapResponses. Must be non-NULL. | |||
222 | * "pCrls" | |||
223 | * The address at which the result is stored. Must be non-NULL. | |||
224 | * "plContext" | |||
225 | * Platform-specific context pointer. | |||
226 | * THREAD SAFETY: | |||
227 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
228 | * RETURNS: | |||
229 | * Returns NULL if the function succeeds. | |||
230 | * Returns a CertStore Error if the function fails in a non-fatal way. | |||
231 | * Returns a Fatal Error if the function fails in an unrecoverable way. | |||
232 | */ | |||
233 | PKIX_Error * | |||
234 | pkix_pl_LdapCertStore_BuildCrlList( | |||
235 | PKIX_List *responseList, | |||
236 | PKIX_List **pCrls, | |||
237 | void *plContext) | |||
238 | { | |||
239 | PKIX_UInt32 numResponses = 0; | |||
240 | PKIX_UInt32 respIx = 0; | |||
241 | LdapAttrMask attrBits = 0; | |||
242 | CERTSignedCrl *nssCrl = NULL((void*)0); | |||
243 | PKIX_PL_LdapResponse *response = NULL((void*)0); | |||
244 | PKIX_List *crlList = NULL((void*)0); | |||
245 | PKIX_PL_CRL *crl = NULL((void*)0); | |||
246 | LDAPMessage *message = NULL((void*)0); | |||
247 | LDAPSearchResponseEntry *sre = NULL((void*)0); | |||
248 | LDAPSearchResponseAttr **sreAttrArray = NULL((void*)0); | |||
249 | LDAPSearchResponseAttr *sreAttr = NULL((void*)0); | |||
250 | SECItem *attrType = NULL((void*)0); | |||
251 | SECItem **attrVal = NULL((void*)0); | |||
252 | SECItem *derCrlCopy = NULL((void*)0); | |||
253 | SECItem *derCrlItem = NULL((void*)0); | |||
254 | ||||
255 | PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_BuildCrlList")static const char cMyFuncName[] = {"pkix_pl_LdapCertStore_BuildCrlList" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTSTORE_ERROR; ; do { if (pkixLoggersDebugTrace ) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName , ">>>", stdVars.aPkixType, 5, plContext); } } while (0);; | |||
256 | PKIX_NULLCHECK_TWO(responseList, pCrls)do { if (((responseList) == ((void*)0)) || ((pCrls) == ((void *)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars .aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn(& stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext);; } } while (0); | |||
257 | ||||
258 | PKIX_CHECK(PKIX_List_Create(&crlList, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_Create(&crlList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0) | |||
259 | PKIX_LISTCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_Create(&crlList , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0); | |||
260 | ||||
261 | /* extract crls from response */ | |||
262 | PKIX_CHECK(PKIX_List_GetLengthdo { stdVars.aPkixErrorResult = (PKIX_List_GetLength (responseList , &numResponses, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
263 | (responseList, &numResponses, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (responseList , &numResponses, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
264 | PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (responseList , &numResponses, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0); | |||
265 | ||||
266 | for (respIx = 0; respIx < numResponses; respIx++) { | |||
267 | PKIX_CHECK(PKIX_List_GetItemdo { stdVars.aPkixErrorResult = (PKIX_List_GetItem (responseList , respIx, (PKIX_PL_Object **)&response, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
268 | (responseList,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (responseList , respIx, (PKIX_PL_Object **)&response, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
269 | respIx,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (responseList , respIx, (PKIX_PL_Object **)&response, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
270 | (PKIX_PL_Object **)&response,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (responseList , respIx, (PKIX_PL_Object **)&response, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
271 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (responseList , respIx, (PKIX_PL_Object **)&response, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
272 | PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (responseList , respIx, (PKIX_PL_Object **)&response, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0); | |||
273 | ||||
274 | PKIX_CHECK(pkix_pl_LdapResponse_GetMessagedo { stdVars.aPkixErrorResult = (pkix_pl_LdapResponse_GetMessage (response, &message, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPRESPONSEGETMESSAGEFAILED; goto cleanup; } } while (0) | |||
275 | (response, &message, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_LdapResponse_GetMessage (response, &message, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPRESPONSEGETMESSAGEFAILED; goto cleanup; } } while (0) | |||
276 | PKIX_LDAPRESPONSEGETMESSAGEFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_LdapResponse_GetMessage (response, &message, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPRESPONSEGETMESSAGEFAILED; goto cleanup; } } while (0); | |||
277 | ||||
278 | sre = &(message->protocolOp.op.searchResponseEntryMsg); | |||
279 | sreAttrArray = sre->attributes; | |||
280 | ||||
281 | /* Get next element of null-terminated array */ | |||
282 | sreAttr = *sreAttrArray++; | |||
283 | while (sreAttr != NULL((void*)0)) { | |||
284 | attrType = &(sreAttr->attrType); | |||
285 | PKIX_CHECK(pkix_pl_LdapRequest_AttrTypeToBitdo { stdVars.aPkixErrorResult = (pkix_pl_LdapRequest_AttrTypeToBit (attrType, &attrBits, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPREQUESTATTRTYPETOBITFAILED ; goto cleanup; } } while (0) | |||
286 | (attrType, &attrBits, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_LdapRequest_AttrTypeToBit (attrType, &attrBits, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPREQUESTATTRTYPETOBITFAILED ; goto cleanup; } } while (0) | |||
287 | PKIX_LDAPREQUESTATTRTYPETOBITFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_LdapRequest_AttrTypeToBit (attrType, &attrBits, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPREQUESTATTRTYPETOBITFAILED ; goto cleanup; } } while (0); | |||
288 | /* Is this attrVal a Revocation List? */ | |||
289 | if (((LDAPATTR_CERTREVLIST(1<<3) | LDAPATTR_AUTHREVLIST(1<<4)) & | |||
290 | attrBits) == attrBits) { | |||
291 | attrVal = sreAttr->val; | |||
292 | derCrlItem = *attrVal++; | |||
293 | while (derCrlItem != 0) { | |||
294 | /* create a PKIX_PL_Crl from derCrl */ | |||
295 | derCrlCopy = SECITEM_DupItemSECITEM_DupItem_Util(derCrlItem); | |||
296 | if (!derCrlCopy) { | |||
297 | PKIX_ERROR(PKIX_ALLOCERROR){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_ALLOCERROR, ((void*)0), stdVars.aPkixType, 2, plContext ); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars .aPkixErrorCode = PKIX_ALLOCERROR; goto cleanup; }; | |||
298 | } | |||
299 | /* crl will be based on derCrlCopy, but wont | |||
300 | * own the der. */ | |||
301 | nssCrl = | |||
302 | CERT_DecodeDERCrlWithFlags(NULL((void*)0), derCrlCopy, | |||
303 | SEC_CRL_TYPE1, | |||
304 | CRL_DECODE_DONT_COPY_DER0x00000001 | | |||
305 | CRL_DECODE_SKIP_ENTRIES0x00000002); | |||
306 | if (!nssCrl) { | |||
307 | SECITEM_FreeItemSECITEM_FreeItem_Util(derCrlCopy, PKIX_TRUE((PKIX_Boolean) 1)); | |||
308 | continue; | |||
309 | } | |||
310 | /* pkix crl own the der. */ | |||
311 | PKIX_CHECK(do { stdVars.aPkixErrorResult = (pkix_pl_CRL_CreateWithSignedCRL (nssCrl, derCrlCopy, ((void*)0), &crl, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CRLCREATEWITHSIGNEDCRLFAILED ; goto cleanup; } } while (0) | |||
312 | pkix_pl_CRL_CreateWithSignedCRL(nssCrl,do { stdVars.aPkixErrorResult = (pkix_pl_CRL_CreateWithSignedCRL (nssCrl, derCrlCopy, ((void*)0), &crl, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CRLCREATEWITHSIGNEDCRLFAILED ; goto cleanup; } } while (0) | |||
313 | derCrlCopy, NULL, &crl, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_CRL_CreateWithSignedCRL (nssCrl, derCrlCopy, ((void*)0), &crl, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CRLCREATEWITHSIGNEDCRLFAILED ; goto cleanup; } } while (0) | |||
314 | PKIX_CRLCREATEWITHSIGNEDCRLFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_CRL_CreateWithSignedCRL (nssCrl, derCrlCopy, ((void*)0), &crl, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CRLCREATEWITHSIGNEDCRLFAILED ; goto cleanup; } } while (0); | |||
315 | /* Left control over memory pointed by derCrlCopy and | |||
316 | * nssCrl to pkix crl. */ | |||
317 | derCrlCopy = NULL((void*)0); | |||
318 | nssCrl = NULL((void*)0); | |||
319 | PKIX_CHECK(PKIX_List_AppendItemdo { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (crlList , (PKIX_PL_Object *) crl, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0) | |||
320 | (crlList, (PKIX_PL_Object *) crl, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (crlList , (PKIX_PL_Object *) crl, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0) | |||
321 | PKIX_LISTAPPENDITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_AppendItem (crlList , (PKIX_PL_Object *) crl, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTAPPENDITEMFAILED; goto cleanup ; } } while (0); | |||
322 | PKIX_DECREF(crl)do { if (crl){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(crl), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } crl = ((void*)0); } } while (0); | |||
323 | derCrlItem = *attrVal++; | |||
324 | } | |||
325 | /* Clean up after PKIX_CHECK_ONLY_FATAL */ | |||
326 | pkixTempErrorReceivedstdVars.aPkixTempErrorReceived = PKIX_FALSE((PKIX_Boolean) 0); | |||
327 | } | |||
328 | sreAttr = *sreAttrArray++; | |||
329 | } | |||
330 | PKIX_DECREF(response)do { if (response){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(response), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } response = ((void* )0); } } while (0); | |||
331 | } | |||
332 | ||||
333 | *pCrls = crlList; | |||
334 | crlList = NULL((void*)0); | |||
335 | cleanup: | |||
336 | if (derCrlCopy) { | |||
337 | SECITEM_FreeItemSECITEM_FreeItem_Util(derCrlCopy, PKIX_TRUE((PKIX_Boolean) 1)); | |||
338 | } | |||
339 | if (nssCrl) { | |||
340 | SEC_DestroyCrl(nssCrl); | |||
341 | } | |||
342 | PKIX_DECREF(crl)do { if (crl){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(crl), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } crl = ((void*)0); } } while (0); | |||
343 | PKIX_DECREF(crlList)do { if (crlList){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(crlList), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } crlList = ((void*) 0); } } while (0); | |||
344 | PKIX_DECREF(response)do { if (response){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(response), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } response = ((void* )0); } } while (0); | |||
345 | ||||
346 | PKIX_RETURN(CERTSTORE)return PKIX_DoReturn(&stdVars, (PKIX_CERTSTORE_ERROR), (( PKIX_Boolean) 1), plContext);; | |||
347 | } | |||
348 | ||||
349 | /* | |||
350 | * FUNCTION: pkix_pl_LdapCertStore_DestroyAVAList | |||
351 | * DESCRIPTION: | |||
352 | * | |||
353 | * This function frees the space allocated for the components of the | |||
354 | * equalFilters that make up the andFilter pointed to by "filter". | |||
355 | * | |||
356 | * PARAMETERS: | |||
357 | * "requestParams" | |||
358 | * The address of the andFilter whose components are to be freed. Must be | |||
359 | * non-NULL. | |||
360 | * "plContext" | |||
361 | * Platform-specific context pointer | |||
362 | * THREAD SAFETY: | |||
363 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
364 | * RETURNS: | |||
365 | * Returns NULL if the function succeeds. | |||
366 | * Returns a CertStore Error if the function fails in a non-fatal way. | |||
367 | * Returns a Fatal Error if the function fails in an unrecoverable way. | |||
368 | */ | |||
369 | static PKIX_Error * | |||
370 | pkix_pl_LdapCertStore_DestroyAVAList( | |||
371 | LDAPNameComponent **nameComponents, | |||
372 | void *plContext) | |||
373 | { | |||
374 | LDAPNameComponent **currentNC = NULL((void*)0); | |||
375 | unsigned char *component = NULL((void*)0); | |||
376 | ||||
377 | PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_DestroyAVAList")static const char cMyFuncName[] = {"pkix_pl_LdapCertStore_DestroyAVAList" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTSTORE_ERROR; ; do { if (pkixLoggersDebugTrace ) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName , ">>>", stdVars.aPkixType, 5, plContext); } } while (0);; | |||
378 | PKIX_NULLCHECK_ONE(nameComponents)do { if ((nameComponents) == ((void*)0)){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
379 | ||||
380 | /* Set currentNC to point to first AVA pointer */ | |||
381 | currentNC = nameComponents; | |||
382 | ||||
383 | while ((*currentNC) != NULL((void*)0)) { | |||
384 | component = (*currentNC)->attrValue; | |||
385 | if (component != NULL((void*)0)) { | |||
386 | PORT_FreePORT_Free_Util(component); | |||
387 | } | |||
388 | currentNC++; | |||
389 | } | |||
390 | ||||
391 | PKIX_RETURN(CERTSTORE)return PKIX_DoReturn(&stdVars, (PKIX_CERTSTORE_ERROR), (( PKIX_Boolean) 1), plContext);; | |||
392 | } | |||
393 | ||||
394 | /* | |||
395 | * FUNCTION: pkix_pl_LdapCertStore_MakeNameAVAList | |||
396 | * DESCRIPTION: | |||
397 | * | |||
398 | * This function allocates space from the arena pointed to by "arena" to | |||
399 | * construct a filter that will match components of the X500Name pointed to | |||
400 | * by "name", and stores the resulting filter at "pFilter". | |||
401 | * | |||
402 | * "name" is checked for commonName and organizationName components (cn=, | |||
403 | * and o=). The component strings are extracted using the family of | |||
404 | * CERT_Get* functions, and each must be freed with PORT_Free. | |||
405 | * | |||
406 | * It is not clear which components should be in a request, so, for now, | |||
407 | * we stop adding components after we have found one. | |||
408 | * | |||
409 | * PARAMETERS: | |||
410 | * "arena" | |||
411 | * The address of the PLArenaPool used in creating the filter. Must be | |||
412 | * non-NULL. | |||
413 | * "name" | |||
414 | * The address of the X500Name whose components define the desired | |||
415 | * matches. Must be non-NULL. | |||
416 | * "pList" | |||
417 | * The address at which the result is stored. | |||
418 | * "plContext" | |||
419 | * Platform-specific context pointer | |||
420 | * THREAD SAFETY: | |||
421 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
422 | * RETURNS: | |||
423 | * Returns NULL if the function succeeds. | |||
424 | * Returns a CertStore Error if the function fails in a non-fatal way. | |||
425 | * Returns a Fatal Error if the function fails in an unrecoverable way. | |||
426 | */ | |||
427 | static PKIX_Error * | |||
428 | pkix_pl_LdapCertStore_MakeNameAVAList( | |||
429 | PLArenaPool *arena, | |||
430 | PKIX_PL_X500Name *subjectName, | |||
431 | LDAPNameComponent ***pList, | |||
432 | void *plContext) | |||
433 | { | |||
434 | LDAPNameComponent **setOfNameComponents; | |||
435 | LDAPNameComponent *currentNameComponent = NULL((void*)0); | |||
436 | PKIX_UInt32 componentsPresent = 0; | |||
437 | void *v = NULL((void*)0); | |||
438 | unsigned char *component = NULL((void*)0); | |||
439 | ||||
440 | PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_MakeNameAVAList")static const char cMyFuncName[] = {"pkix_pl_LdapCertStore_MakeNameAVAList" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTSTORE_ERROR; ; do { if (pkixLoggersDebugTrace ) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName , ">>>", stdVars.aPkixType, 5, plContext); } } while (0);; | |||
441 | PKIX_NULLCHECK_THREE(arena, subjectName, pList)do { if (((arena) == ((void*)0)) || ((subjectName) == ((void* )0)) || ((pList) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
442 | ||||
443 | /* Increase this if additional components may be extracted */ | |||
444 | #define MAX_NUM_COMPONENTS3 3 | |||
445 | ||||
446 | /* Space for (MAX_NUM_COMPONENTS + 1) pointers to LDAPNameComponents */ | |||
447 | PKIX_PL_NSSCALLRV(CERTSTORE, v, PORT_ArenaZAlloc,; v = (PORT_ArenaZAlloc_Util (arena, (3 + 1)*sizeof(LDAPNameComponent *))) | |||
448 | (arena, (MAX_NUM_COMPONENTS + 1)*sizeof(LDAPNameComponent *))); v = (PORT_ArenaZAlloc_Util (arena, (3 + 1)*sizeof(LDAPNameComponent *))); | |||
449 | setOfNameComponents = (LDAPNameComponent **)v; | |||
450 | ||||
451 | /* Space for MAX_NUM_COMPONENTS LDAPNameComponents */ | |||
452 | PKIX_PL_NSSCALLRV(CERTSTORE, v, PORT_ArenaZNewArray,; v = ((LDAPNameComponent *)PORT_ArenaZAlloc_Util(arena, sizeof (LDAPNameComponent) * (3))) | |||
453 | (arena, LDAPNameComponent, MAX_NUM_COMPONENTS)); v = ((LDAPNameComponent *)PORT_ArenaZAlloc_Util(arena, sizeof (LDAPNameComponent) * (3))); | |||
454 | ||||
455 | currentNameComponent = (LDAPNameComponent *)v; | |||
456 | ||||
457 | /* Try for commonName */ | |||
458 | PKIX_CHECK(pkix_pl_X500Name_GetCommonNamedo { stdVars.aPkixErrorResult = (pkix_pl_X500Name_GetCommonName (subjectName, &component, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_X500NAMEGETCOMMONNAMEFAILED; goto cleanup; } } while (0) | |||
459 | (subjectName, &component, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_X500Name_GetCommonName (subjectName, &component, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_X500NAMEGETCOMMONNAMEFAILED; goto cleanup; } } while (0) | |||
460 | PKIX_X500NAMEGETCOMMONNAMEFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_X500Name_GetCommonName (subjectName, &component, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_X500NAMEGETCOMMONNAMEFAILED; goto cleanup; } } while (0); | |||
461 | if (component) { | |||
462 | setOfNameComponents[componentsPresent] = currentNameComponent; | |||
463 | currentNameComponent->attrType = (unsigned char *)"cn"; | |||
464 | currentNameComponent->attrValue = component; | |||
465 | componentsPresent++; | |||
466 | currentNameComponent++; | |||
467 | } | |||
468 | ||||
469 | /* | |||
470 | * The LDAP specification says we can send multiple name components | |||
471 | * in an "AND" filter, but the LDAP Servers don't seem to be able to | |||
472 | * handle such requests. So we'll quit after the cn component. | |||
473 | */ | |||
474 | #if 0 | |||
475 | /* Try for orgName */ | |||
476 | PKIX_CHECK(pkix_pl_X500Name_GetOrgNamedo { stdVars.aPkixErrorResult = (pkix_pl_X500Name_GetOrgName ( subjectName, &component, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_X500NAMEGETORGNAMEFAILED; goto cleanup; } } while (0) | |||
477 | (subjectName, &component, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_X500Name_GetOrgName ( subjectName, &component, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_X500NAMEGETORGNAMEFAILED; goto cleanup; } } while (0) | |||
478 | PKIX_X500NAMEGETORGNAMEFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_X500Name_GetOrgName ( subjectName, &component, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_X500NAMEGETORGNAMEFAILED; goto cleanup; } } while (0); | |||
479 | if (component) { | |||
480 | setOfNameComponents[componentsPresent] = currentNameComponent; | |||
481 | currentNameComponent->attrType = (unsigned char *)"o"; | |||
482 | currentNameComponent->attrValue = component; | |||
483 | componentsPresent++; | |||
484 | currentNameComponent++; | |||
485 | } | |||
486 | ||||
487 | /* Try for countryName */ | |||
488 | PKIX_CHECK(pkix_pl_X500Name_GetCountryNamedo { stdVars.aPkixErrorResult = (pkix_pl_X500Name_GetCountryName (subjectName, &component, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_X500NAMEGETCOUNTRYNAMEFAILED; goto cleanup; } } while (0) | |||
489 | (subjectName, &component, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_X500Name_GetCountryName (subjectName, &component, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_X500NAMEGETCOUNTRYNAMEFAILED; goto cleanup; } } while (0) | |||
490 | PKIX_X500NAMEGETCOUNTRYNAMEFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_X500Name_GetCountryName (subjectName, &component, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_X500NAMEGETCOUNTRYNAMEFAILED; goto cleanup; } } while (0); | |||
491 | if (component) { | |||
492 | setOfNameComponents[componentsPresent] = currentNameComponent; | |||
493 | currentNameComponent->attrType = (unsigned char *)"c"; | |||
494 | currentNameComponent->attrValue = component; | |||
495 | componentsPresent++; | |||
496 | currentNameComponent++; | |||
497 | } | |||
498 | #endif | |||
499 | ||||
500 | setOfNameComponents[componentsPresent] = NULL((void*)0); | |||
501 | ||||
502 | *pList = setOfNameComponents; | |||
503 | ||||
504 | cleanup: | |||
505 | ||||
506 | PKIX_RETURN(CERTSTORE)return PKIX_DoReturn(&stdVars, (PKIX_CERTSTORE_ERROR), (( PKIX_Boolean) 1), plContext);; | |||
507 | ||||
508 | } | |||
509 | ||||
510 | #if 0 | |||
511 | /* | |||
512 | * FUNCTION: pkix_pl_LdapCertstore_ConvertCertResponses | |||
513 | * DESCRIPTION: | |||
514 | * | |||
515 | * This function processes the List of LDAPResponses pointed to by "responses" | |||
516 | * into a List of resulting Certs, storing the result at "pCerts". If there | |||
517 | * are no responses converted successfully, a NULL may be stored. | |||
518 | * | |||
519 | * PARAMETERS: | |||
520 | * "responses" | |||
521 | * The LDAPResponses whose contents are to be converted. Must be non-NULL. | |||
522 | * "pCerts" | |||
523 | * Address at which the returned List is stored. Must be non-NULL. | |||
524 | * "plContext" | |||
525 | * Platform-specific context pointer. | |||
526 | * THREAD SAFETY: | |||
527 | * Thread Safe (see Thread Safety Definitions in Programmer's Guide) | |||
528 | * RETURNS: | |||
529 | * Returns NULL if the function succeeds. | |||
530 | * Returns a CertStore Error if the function fails in a non-fatal way | |||
531 | * Returns a Fatal Error if the function fails in an unrecoverable way. | |||
532 | */ | |||
533 | PKIX_Error * | |||
534 | pkix_pl_LdapCertStore_ConvertCertResponses( | |||
535 | PKIX_List *responses, | |||
536 | PKIX_List **pCerts, | |||
537 | void *plContext) | |||
538 | { | |||
539 | PKIX_List *unfiltered = NULL((void*)0); | |||
540 | ||||
541 | PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_ConvertCertResponses")static const char cMyFuncName[] = {"pkix_pl_LdapCertStore_ConvertCertResponses" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTSTORE_ERROR; ; do { if (pkixLoggersDebugTrace ) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName , ">>>", stdVars.aPkixType, 5, plContext); } } while (0);; | |||
542 | PKIX_NULLCHECK_TWO(responses, pCerts)do { if (((responses) == ((void*)0)) || ((pCerts) == ((void*) 0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars .aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn(& stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext);; } } while (0); | |||
543 | ||||
544 | /* | |||
545 | * We have a List of LdapResponse objects that have to be | |||
546 | * turned into Certs. | |||
547 | */ | |||
548 | PKIX_CHECK(pkix_pl_LdapCertStore_BuildCertListdo { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_BuildCertList (responses, &unfiltered, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED ; goto cleanup; } } while (0) | |||
549 | (responses, &unfiltered, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_BuildCertList (responses, &unfiltered, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED ; goto cleanup; } } while (0) | |||
550 | PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_BuildCertList (responses, &unfiltered, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED ; goto cleanup; } } while (0); | |||
551 | ||||
552 | *pCerts = unfiltered; | |||
553 | ||||
554 | cleanup: | |||
555 | ||||
556 | PKIX_RETURN(CERTSTORE)return PKIX_DoReturn(&stdVars, (PKIX_CERTSTORE_ERROR), (( PKIX_Boolean) 1), plContext);; | |||
557 | } | |||
558 | #endif | |||
559 | ||||
560 | /* | |||
561 | * FUNCTION: pkix_pl_LdapCertStore_GetCert | |||
562 | * (see description of PKIX_CertStore_CertCallback in pkix_certstore.h) | |||
563 | */ | |||
564 | PKIX_Error * | |||
565 | pkix_pl_LdapCertStore_GetCert( | |||
566 | PKIX_CertStore *store, | |||
567 | PKIX_CertSelector *selector, | |||
568 | PKIX_VerifyNode *verifyNode, | |||
569 | void **pNBIOContext, | |||
570 | PKIX_List **pCertList, | |||
571 | void *plContext) | |||
572 | { | |||
573 | PLArenaPool *requestArena = NULL((void*)0); | |||
574 | LDAPRequestParams requestParams; | |||
575 | void *pollDesc = NULL((void*)0); | |||
576 | PKIX_Int32 minPathLen = 0; | |||
577 | PKIX_Boolean cacheFlag = PKIX_FALSE((PKIX_Boolean) 0); | |||
578 | PKIX_ComCertSelParams *params = NULL((void*)0); | |||
579 | PKIX_PL_LdapCertStoreContext *lcs = NULL((void*)0); | |||
580 | PKIX_List *responses = NULL((void*)0); | |||
581 | PKIX_List *unfilteredCerts = NULL((void*)0); | |||
582 | PKIX_List *filteredCerts = NULL((void*)0); | |||
583 | PKIX_PL_X500Name *subjectName = 0; | |||
584 | ||||
585 | PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_GetCert")static const char cMyFuncName[] = {"pkix_pl_LdapCertStore_GetCert" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTSTORE_ERROR; ; do { if (pkixLoggersDebugTrace ) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName , ">>>", stdVars.aPkixType, 5, plContext); } } while (0);; | |||
586 | PKIX_NULLCHECK_THREE(store, selector, pCertList)do { if (((store) == ((void*)0)) || ((selector) == ((void*)0) ) || ((pCertList) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
587 | ||||
588 | requestParams.baseObject = "c=US"; | |||
589 | requestParams.scope = WHOLE_SUBTREE; | |||
590 | requestParams.derefAliases = NEVER_DEREF; | |||
591 | requestParams.sizeLimit = 0; | |||
592 | requestParams.timeLimit = 0; | |||
593 | ||||
594 | /* Prepare elements for request filter */ | |||
595 | ||||
596 | /* | |||
597 | * Get a short-lived arena. We'll be done with this space once | |||
598 | * the request is encoded. | |||
599 | */ | |||
600 | requestArena = PORT_NewArenaPORT_NewArena_Util(DER_DEFAULT_CHUNKSIZE(2048)); | |||
601 | if (!requestArena) { | |||
602 | PKIX_ERROR_FATAL(PKIX_OUTOFMEMORY){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_OUTOFMEMORY; stdVars.aPkixErrorClass = PKIX_FATAL_ERROR ; { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , stdVars.aPkixErrorCode, ((void*)0), stdVars.aPkixType, 1, plContext ); } }; goto cleanup; }; | |||
603 | } | |||
604 | ||||
605 | PKIX_CHECK(PKIX_CertSelector_GetCommonCertSelectorParamsdo { stdVars.aPkixErrorResult = (PKIX_CertSelector_GetCommonCertSelectorParams (selector, ¶ms, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSELECTORGETCOMCERTSELPARAMSFAILED ; goto cleanup; } } while (0) | |||
606 | (selector, ¶ms, plContext),do { stdVars.aPkixErrorResult = (PKIX_CertSelector_GetCommonCertSelectorParams (selector, ¶ms, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSELECTORGETCOMCERTSELPARAMSFAILED ; goto cleanup; } } while (0) | |||
607 | PKIX_CERTSELECTORGETCOMCERTSELPARAMSFAILED)do { stdVars.aPkixErrorResult = (PKIX_CertSelector_GetCommonCertSelectorParams (selector, ¶ms, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSELECTORGETCOMCERTSELPARAMSFAILED ; goto cleanup; } } while (0); | |||
608 | ||||
609 | /* | |||
610 | * If we have the subject name for the desired subject, | |||
611 | * ask the server for Certs with that subject. | |||
612 | */ | |||
613 | PKIX_CHECK(PKIX_ComCertSelParams_GetSubjectdo { stdVars.aPkixErrorResult = (PKIX_ComCertSelParams_GetSubject (params, &subjectName, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COMCERTSELPARAMSGETSUBJECTFAILED ; goto cleanup; } } while (0) | |||
614 | (params, &subjectName, plContext),do { stdVars.aPkixErrorResult = (PKIX_ComCertSelParams_GetSubject (params, &subjectName, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COMCERTSELPARAMSGETSUBJECTFAILED ; goto cleanup; } } while (0) | |||
615 | PKIX_COMCERTSELPARAMSGETSUBJECTFAILED)do { stdVars.aPkixErrorResult = (PKIX_ComCertSelParams_GetSubject (params, &subjectName, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COMCERTSELPARAMSGETSUBJECTFAILED ; goto cleanup; } } while (0); | |||
616 | ||||
617 | PKIX_CHECK(PKIX_ComCertSelParams_GetBasicConstraintsdo { stdVars.aPkixErrorResult = (PKIX_ComCertSelParams_GetBasicConstraints (params, &minPathLen, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COMCERTSELPARAMSGETBASICCONSTRAINTSFAILED ; goto cleanup; } } while (0) | |||
618 | (params, &minPathLen, plContext),do { stdVars.aPkixErrorResult = (PKIX_ComCertSelParams_GetBasicConstraints (params, &minPathLen, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COMCERTSELPARAMSGETBASICCONSTRAINTSFAILED ; goto cleanup; } } while (0) | |||
619 | PKIX_COMCERTSELPARAMSGETBASICCONSTRAINTSFAILED)do { stdVars.aPkixErrorResult = (PKIX_ComCertSelParams_GetBasicConstraints (params, &minPathLen, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COMCERTSELPARAMSGETBASICCONSTRAINTSFAILED ; goto cleanup; } } while (0); | |||
620 | ||||
621 | if (subjectName) { | |||
622 | PKIX_CHECK(pkix_pl_LdapCertStore_MakeNameAVAListdo { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_MakeNameAVAList (requestArena, subjectName, &(requestParams.nc), plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREMAKENAMEAVALISTFAILED; goto cleanup; } } while (0) | |||
623 | (requestArena,do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_MakeNameAVAList (requestArena, subjectName, &(requestParams.nc), plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREMAKENAMEAVALISTFAILED; goto cleanup; } } while (0) | |||
624 | subjectName,do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_MakeNameAVAList (requestArena, subjectName, &(requestParams.nc), plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREMAKENAMEAVALISTFAILED; goto cleanup; } } while (0) | |||
625 | &(requestParams.nc),do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_MakeNameAVAList (requestArena, subjectName, &(requestParams.nc), plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREMAKENAMEAVALISTFAILED; goto cleanup; } } while (0) | |||
626 | plContext),do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_MakeNameAVAList (requestArena, subjectName, &(requestParams.nc), plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREMAKENAMEAVALISTFAILED; goto cleanup; } } while (0) | |||
627 | PKIX_LDAPCERTSTOREMAKENAMEAVALISTFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_MakeNameAVAList (requestArena, subjectName, &(requestParams.nc), plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREMAKENAMEAVALISTFAILED; goto cleanup; } } while (0); | |||
628 | ||||
629 | if (*requestParams.nc == NULL((void*)0)) { | |||
630 | /* | |||
631 | * The subjectName may not include any components | |||
632 | * that we know how to encode. We do not return | |||
633 | * an error, because the caller did not necessarily | |||
634 | * do anything wrong, but we return an empty List. | |||
635 | */ | |||
636 | PKIX_PL_NSSCALL(CERTSTORE, PORT_FreeArena,; (PORT_FreeArena_Util (requestArena, 0)) | |||
637 | (requestArena, PR_FALSE)); (PORT_FreeArena_Util (requestArena, 0)); | |||
638 | ||||
639 | PKIX_CHECK(PKIX_List_Create(&filteredCerts, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_Create(&filteredCerts , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0) | |||
640 | PKIX_LISTCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_Create(&filteredCerts , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0); | |||
641 | ||||
642 | PKIX_CHECK(PKIX_List_SetImmutabledo { stdVars.aPkixErrorResult = (PKIX_List_SetImmutable (filteredCerts , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTSETIMMUTABLEFAILED; goto cleanup; } } while (0) | |||
643 | (filteredCerts, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_SetImmutable (filteredCerts , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTSETIMMUTABLEFAILED; goto cleanup; } } while (0) | |||
644 | PKIX_LISTSETIMMUTABLEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_SetImmutable (filteredCerts , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTSETIMMUTABLEFAILED; goto cleanup; } } while (0); | |||
645 | ||||
646 | *pNBIOContext = NULL((void*)0); | |||
647 | *pCertList = filteredCerts; | |||
648 | filteredCerts = NULL((void*)0); | |||
649 | goto cleanup; | |||
650 | } | |||
651 | } else { | |||
652 | PKIX_ERROR(PKIX_INSUFFICIENTCRITERIAFORCERTQUERY){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_INSUFFICIENTCRITERIAFORCERTQUERY, ((void*)0), stdVars. aPkixType, 2, plContext); } } stdVars.aPkixErrorReceived = (( PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_INSUFFICIENTCRITERIAFORCERTQUERY ; goto cleanup; }; | |||
653 | } | |||
654 | ||||
655 | /* Prepare attribute field of request */ | |||
656 | ||||
657 | requestParams.attributes = 0; | |||
658 | ||||
659 | if (minPathLen < 0) { | |||
660 | requestParams.attributes |= LDAPATTR_USERCERT(1<<1); | |||
661 | } | |||
662 | ||||
663 | if (minPathLen > -2) { | |||
664 | requestParams.attributes |= | |||
665 | LDAPATTR_CACERT(1<<0) | LDAPATTR_CROSSPAIRCERT(1<<2); | |||
666 | } | |||
667 | ||||
668 | /* All request fields are done */ | |||
669 | ||||
670 | PKIX_CHECK(PKIX_CertStore_GetCertStoreContextdo { stdVars.aPkixErrorResult = (PKIX_CertStore_GetCertStoreContext (store, (PKIX_PL_Object **)&lcs, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED ; goto cleanup; } } while (0) | |||
671 | (store, (PKIX_PL_Object **)&lcs, plContext),do { stdVars.aPkixErrorResult = (PKIX_CertStore_GetCertStoreContext (store, (PKIX_PL_Object **)&lcs, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED ; goto cleanup; } } while (0) | |||
672 | PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED)do { stdVars.aPkixErrorResult = (PKIX_CertStore_GetCertStoreContext (store, (PKIX_PL_Object **)&lcs, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED ; goto cleanup; } } while (0); | |||
673 | ||||
674 | PKIX_CHECK(PKIX_PL_LdapClient_InitiateRequestdo { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest ((PKIX_PL_LdapClient *)lcs, &requestParams, &pollDesc , &responses, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED ; goto cleanup; } } while (0) | |||
675 | ((PKIX_PL_LdapClient *)lcs,do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest ((PKIX_PL_LdapClient *)lcs, &requestParams, &pollDesc , &responses, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED ; goto cleanup; } } while (0) | |||
676 | &requestParams,do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest ((PKIX_PL_LdapClient *)lcs, &requestParams, &pollDesc , &responses, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED ; goto cleanup; } } while (0) | |||
677 | &pollDesc,do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest ((PKIX_PL_LdapClient *)lcs, &requestParams, &pollDesc , &responses, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED ; goto cleanup; } } while (0) | |||
678 | &responses,do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest ((PKIX_PL_LdapClient *)lcs, &requestParams, &pollDesc , &responses, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED ; goto cleanup; } } while (0) | |||
679 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest ((PKIX_PL_LdapClient *)lcs, &requestParams, &pollDesc , &responses, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED ; goto cleanup; } } while (0) | |||
680 | PKIX_LDAPCLIENTINITIATEREQUESTFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest ((PKIX_PL_LdapClient *)lcs, &requestParams, &pollDesc , &responses, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED ; goto cleanup; } } while (0); | |||
681 | ||||
682 | PKIX_CHECK(pkix_pl_LdapCertStore_DestroyAVAListdo { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_DestroyAVAList (requestParams.nc, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREDESTROYAVALISTFAILED ; goto cleanup; } } while (0) | |||
683 | (requestParams.nc, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_DestroyAVAList (requestParams.nc, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREDESTROYAVALISTFAILED ; goto cleanup; } } while (0) | |||
684 | PKIX_LDAPCERTSTOREDESTROYAVALISTFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_DestroyAVAList (requestParams.nc, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREDESTROYAVALISTFAILED ; goto cleanup; } } while (0); | |||
685 | ||||
686 | if (requestArena) { | |||
687 | PKIX_PL_NSSCALL(CERTSTORE, PORT_FreeArena,; (PORT_FreeArena_Util (requestArena, 0)) | |||
688 | (requestArena, PR_FALSE)); (PORT_FreeArena_Util (requestArena, 0)); | |||
689 | requestArena = NULL((void*)0); | |||
690 | } | |||
691 | ||||
692 | if (pollDesc != NULL((void*)0)) { | |||
693 | /* client is waiting for non-blocking I/O to complete */ | |||
694 | *pNBIOContext = (void *)pollDesc; | |||
695 | *pCertList = NULL((void*)0); | |||
696 | goto cleanup; | |||
697 | } | |||
698 | /* LdapClient has given us a response! */ | |||
699 | ||||
700 | if (responses) { | |||
701 | PKIX_CHECK(PKIX_CertStore_GetCertStoreCacheFlagdo { stdVars.aPkixErrorResult = (PKIX_CertStore_GetCertStoreCacheFlag (store, &cacheFlag, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTOREGETCERTSTORECACHEFLAGFAILED ; goto cleanup; } } while (0) | |||
702 | (store, &cacheFlag, plContext),do { stdVars.aPkixErrorResult = (PKIX_CertStore_GetCertStoreCacheFlag (store, &cacheFlag, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTOREGETCERTSTORECACHEFLAGFAILED ; goto cleanup; } } while (0) | |||
703 | PKIX_CERTSTOREGETCERTSTORECACHEFLAGFAILED)do { stdVars.aPkixErrorResult = (PKIX_CertStore_GetCertStoreCacheFlag (store, &cacheFlag, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTOREGETCERTSTORECACHEFLAGFAILED ; goto cleanup; } } while (0); | |||
704 | ||||
705 | PKIX_CHECK(pkix_pl_LdapCertStore_BuildCertListdo { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_BuildCertList (responses, &unfilteredCerts, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED ; goto cleanup; } } while (0) | |||
706 | (responses, &unfilteredCerts, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_BuildCertList (responses, &unfilteredCerts, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED ; goto cleanup; } } while (0) | |||
707 | PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_BuildCertList (responses, &unfilteredCerts, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED ; goto cleanup; } } while (0); | |||
708 | ||||
709 | PKIX_CHECK(pkix_CertSelector_Selectdo { stdVars.aPkixErrorResult = (pkix_CertSelector_Select (selector , unfilteredCerts, &filteredCerts, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSELECTORSELECTFAILED ; goto cleanup; } } while (0) | |||
710 | (selector, unfilteredCerts, &filteredCerts, plContext),do { stdVars.aPkixErrorResult = (pkix_CertSelector_Select (selector , unfilteredCerts, &filteredCerts, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSELECTORSELECTFAILED ; goto cleanup; } } while (0) | |||
711 | PKIX_CERTSELECTORSELECTFAILED)do { stdVars.aPkixErrorResult = (pkix_CertSelector_Select (selector , unfilteredCerts, &filteredCerts, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSELECTORSELECTFAILED ; goto cleanup; } } while (0); | |||
712 | } | |||
713 | ||||
714 | *pNBIOContext = NULL((void*)0); | |||
715 | *pCertList = filteredCerts; | |||
716 | filteredCerts = NULL((void*)0); | |||
717 | ||||
718 | cleanup: | |||
719 | ||||
720 | PKIX_DECREF(params)do { if (params){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(params), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } params = ((void*)0 ); } } while (0); | |||
721 | PKIX_DECREF(subjectName)do { if (subjectName){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(subjectName), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } subjectName = ((void *)0); } } while (0); | |||
722 | PKIX_DECREF(responses)do { if (responses){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(responses), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } responses = ((void *)0); } } while (0); | |||
723 | PKIX_DECREF(unfilteredCerts)do { if (unfilteredCerts){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(unfilteredCerts), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } unfilteredCerts = ((void*)0); } } while (0); | |||
724 | PKIX_DECREF(filteredCerts)do { if (filteredCerts){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(filteredCerts), plContext); if (stdVars. aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } filteredCerts = ((void*)0); } } while (0); | |||
725 | PKIX_DECREF(lcs)do { if (lcs){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(lcs), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } lcs = ((void*)0); } } while (0); | |||
726 | ||||
727 | PKIX_RETURN(CERTSTORE)return PKIX_DoReturn(&stdVars, (PKIX_CERTSTORE_ERROR), (( PKIX_Boolean) 1), plContext);; | |||
728 | } | |||
729 | ||||
730 | /* | |||
731 | * FUNCTION: pkix_pl_LdapCertStore_GetCertContinue | |||
732 | * (see description of PKIX_CertStore_CertCallback in pkix_certstore.h) | |||
733 | */ | |||
734 | PKIX_Error * | |||
735 | pkix_pl_LdapCertStore_GetCertContinue( | |||
736 | PKIX_CertStore *store, | |||
737 | PKIX_CertSelector *selector, | |||
738 | PKIX_VerifyNode *verifyNode, | |||
739 | void **pNBIOContext, | |||
740 | PKIX_List **pCertList, | |||
741 | void *plContext) | |||
742 | { | |||
743 | PKIX_Boolean cacheFlag = PKIX_FALSE((PKIX_Boolean) 0); | |||
744 | PKIX_PL_LdapCertStoreContext *lcs = NULL((void*)0); | |||
745 | void *pollDesc = NULL((void*)0); | |||
746 | PKIX_List *responses = NULL((void*)0); | |||
747 | PKIX_List *unfilteredCerts = NULL((void*)0); | |||
748 | PKIX_List *filteredCerts = NULL((void*)0); | |||
749 | ||||
750 | PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_GetCertContinue")static const char cMyFuncName[] = {"pkix_pl_LdapCertStore_GetCertContinue" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTSTORE_ERROR; ; do { if (pkixLoggersDebugTrace ) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName , ">>>", stdVars.aPkixType, 5, plContext); } } while (0);; | |||
751 | PKIX_NULLCHECK_THREE(store, selector, pCertList)do { if (((store) == ((void*)0)) || ((selector) == ((void*)0) ) || ((pCertList) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
752 | ||||
753 | PKIX_CHECK(PKIX_CertStore_GetCertStoreContextdo { stdVars.aPkixErrorResult = (PKIX_CertStore_GetCertStoreContext (store, (PKIX_PL_Object **)&lcs, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED ; goto cleanup; } } while (0) | |||
754 | (store, (PKIX_PL_Object **)&lcs, plContext),do { stdVars.aPkixErrorResult = (PKIX_CertStore_GetCertStoreContext (store, (PKIX_PL_Object **)&lcs, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED ; goto cleanup; } } while (0) | |||
755 | PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED)do { stdVars.aPkixErrorResult = (PKIX_CertStore_GetCertStoreContext (store, (PKIX_PL_Object **)&lcs, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED ; goto cleanup; } } while (0); | |||
756 | ||||
757 | PKIX_CHECK(PKIX_PL_LdapClient_ResumeRequestdo { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_ResumeRequest ((PKIX_PL_LdapClient *)lcs, &pollDesc, &responses, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTRESUMEREQUESTFAILED; goto cleanup; } } while (0) | |||
758 | ((PKIX_PL_LdapClient *)lcs, &pollDesc, &responses, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_ResumeRequest ((PKIX_PL_LdapClient *)lcs, &pollDesc, &responses, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTRESUMEREQUESTFAILED; goto cleanup; } } while (0) | |||
759 | PKIX_LDAPCLIENTRESUMEREQUESTFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_ResumeRequest ((PKIX_PL_LdapClient *)lcs, &pollDesc, &responses, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTRESUMEREQUESTFAILED; goto cleanup; } } while (0); | |||
760 | ||||
761 | if (pollDesc != NULL((void*)0)) { | |||
762 | /* client is waiting for non-blocking I/O to complete */ | |||
763 | *pNBIOContext = (void *)pollDesc; | |||
764 | *pCertList = NULL((void*)0); | |||
765 | goto cleanup; | |||
766 | } | |||
767 | /* LdapClient has given us a response! */ | |||
768 | ||||
769 | if (responses) { | |||
770 | PKIX_CHECK(PKIX_CertStore_GetCertStoreCacheFlagdo { stdVars.aPkixErrorResult = (PKIX_CertStore_GetCertStoreCacheFlag (store, &cacheFlag, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTOREGETCERTSTORECACHEFLAGFAILED ; goto cleanup; } } while (0) | |||
771 | (store, &cacheFlag, plContext),do { stdVars.aPkixErrorResult = (PKIX_CertStore_GetCertStoreCacheFlag (store, &cacheFlag, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTOREGETCERTSTORECACHEFLAGFAILED ; goto cleanup; } } while (0) | |||
772 | PKIX_CERTSTOREGETCERTSTORECACHEFLAGFAILED)do { stdVars.aPkixErrorResult = (PKIX_CertStore_GetCertStoreCacheFlag (store, &cacheFlag, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTOREGETCERTSTORECACHEFLAGFAILED ; goto cleanup; } } while (0); | |||
773 | ||||
774 | PKIX_CHECK(pkix_pl_LdapCertStore_BuildCertListdo { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_BuildCertList (responses, &unfilteredCerts, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED ; goto cleanup; } } while (0) | |||
775 | (responses, &unfilteredCerts, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_BuildCertList (responses, &unfilteredCerts, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED ; goto cleanup; } } while (0) | |||
776 | PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_BuildCertList (responses, &unfilteredCerts, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREBUILDCERTLISTFAILED ; goto cleanup; } } while (0); | |||
777 | ||||
778 | PKIX_CHECK(pkix_CertSelector_Selectdo { stdVars.aPkixErrorResult = (pkix_CertSelector_Select (selector , unfilteredCerts, &filteredCerts, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSELECTORSELECTFAILED ; goto cleanup; } } while (0) | |||
779 | (selector, unfilteredCerts, &filteredCerts, plContext),do { stdVars.aPkixErrorResult = (pkix_CertSelector_Select (selector , unfilteredCerts, &filteredCerts, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSELECTORSELECTFAILED ; goto cleanup; } } while (0) | |||
780 | PKIX_CERTSELECTORSELECTFAILED)do { stdVars.aPkixErrorResult = (pkix_CertSelector_Select (selector , unfilteredCerts, &filteredCerts, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSELECTORSELECTFAILED ; goto cleanup; } } while (0); | |||
781 | } | |||
782 | ||||
783 | *pNBIOContext = NULL((void*)0); | |||
784 | *pCertList = filteredCerts; | |||
785 | ||||
786 | cleanup: | |||
787 | ||||
788 | PKIX_DECREF(responses)do { if (responses){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(responses), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } responses = ((void *)0); } } while (0); | |||
789 | PKIX_DECREF(unfilteredCerts)do { if (unfilteredCerts){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(unfilteredCerts), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } unfilteredCerts = ((void*)0); } } while (0); | |||
790 | PKIX_DECREF(lcs)do { if (lcs){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(lcs), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } lcs = ((void*)0); } } while (0); | |||
791 | ||||
792 | PKIX_RETURN(CERTSTORE)return PKIX_DoReturn(&stdVars, (PKIX_CERTSTORE_ERROR), (( PKIX_Boolean) 1), plContext);; | |||
793 | } | |||
794 | ||||
795 | /* | |||
796 | * FUNCTION: pkix_pl_LdapCertStore_GetCRL | |||
797 | * (see description of PKIX_CertStore_CRLCallback in pkix_certstore.h) | |||
798 | */ | |||
799 | PKIX_Error * | |||
800 | pkix_pl_LdapCertStore_GetCRL( | |||
801 | PKIX_CertStore *store, | |||
802 | PKIX_CRLSelector *selector, | |||
803 | void **pNBIOContext, | |||
804 | PKIX_List **pCrlList, | |||
805 | void *plContext) | |||
806 | { | |||
807 | LDAPRequestParams requestParams; | |||
808 | void *pollDesc = NULL((void*)0); | |||
809 | PLArenaPool *requestArena = NULL((void*)0); | |||
810 | PKIX_UInt32 numNames = 0; | |||
811 | PKIX_UInt32 thisName = 0; | |||
812 | PKIX_PL_CRL *candidate = NULL((void*)0); | |||
813 | PKIX_List *responses = NULL((void*)0); | |||
814 | PKIX_List *issuerNames = NULL((void*)0); | |||
815 | PKIX_List *filteredCRLs = NULL((void*)0); | |||
816 | PKIX_List *unfilteredCRLs = NULL((void*)0); | |||
817 | PKIX_PL_X500Name *issuer = NULL((void*)0); | |||
818 | PKIX_PL_LdapCertStoreContext *lcs = NULL((void*)0); | |||
819 | PKIX_ComCRLSelParams *params = NULL((void*)0); | |||
820 | ||||
821 | PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_GetCRL")static const char cMyFuncName[] = {"pkix_pl_LdapCertStore_GetCRL" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTSTORE_ERROR; ; do { if (pkixLoggersDebugTrace ) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName , ">>>", stdVars.aPkixType, 5, plContext); } } while (0);; | |||
| ||||
822 | PKIX_NULLCHECK_THREE(store, selector, pCrlList)do { if (((store) == ((void*)0)) || ((selector) == ((void*)0) ) || ((pCrlList) == ((void*)0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_NULLARGUMENT ; return PKIX_DoReturn(&stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean ) 1), plContext);; } } while (0); | |||
823 | ||||
824 | requestParams.baseObject = "c=US"; | |||
825 | requestParams.scope = WHOLE_SUBTREE; | |||
826 | requestParams.derefAliases = NEVER_DEREF; | |||
827 | requestParams.sizeLimit = 0; | |||
828 | requestParams.timeLimit = 0; | |||
829 | requestParams.attributes = LDAPATTR_CERTREVLIST(1<<3) | LDAPATTR_AUTHREVLIST(1<<4); | |||
830 | /* Prepare elements for request filter */ | |||
831 | ||||
832 | /* XXX Place CRLDP code here. Handle the case when */ | |||
833 | /* RFC 5280. Paragraph: 4.2.1.13: */ | |||
834 | /* If the distributionPoint field contains a directoryName, the entry */ | |||
835 | /* for that directoryName contains the current CRL for the associated */ | |||
836 | /* reasons and the CRL is issued by the associated cRLIssuer. The CRL */ | |||
837 | /* may be stored in either the certificateRevocationList or */ | |||
838 | /* authorityRevocationList attribute. The CRL is to be obtained by the */ | |||
839 | /* application from whatever directory server is locally configured. */ | |||
840 | /* The protocol the application uses to access the directory (e.g., DAP */ | |||
841 | /* or LDAP) is a local matter. */ | |||
842 | ||||
843 | ||||
844 | ||||
845 | /* | |||
846 | * Get a short-lived arena. We'll be done with this space once | |||
847 | * the request is encoded. | |||
848 | */ | |||
849 | PKIX_PL_NSSCALLRV; requestArena = (PORT_NewArena_Util ((2048))) | |||
850 | (CERTSTORE, requestArena, PORT_NewArena, (DER_DEFAULT_CHUNKSIZE)); requestArena = (PORT_NewArena_Util ((2048))); | |||
851 | ||||
852 | if (!requestArena) { | |||
853 | PKIX_ERROR_FATAL(PKIX_OUTOFMEMORY){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars.aPkixErrorCode = PKIX_OUTOFMEMORY; stdVars.aPkixErrorClass = PKIX_FATAL_ERROR ; { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , stdVars.aPkixErrorCode, ((void*)0), stdVars.aPkixType, 1, plContext ); } }; goto cleanup; }; | |||
854 | } | |||
855 | ||||
856 | PKIX_CHECK(PKIX_CRLSelector_GetCommonCRLSelectorParamsdo { stdVars.aPkixErrorResult = (PKIX_CRLSelector_GetCommonCRLSelectorParams (selector, ¶ms, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CRLSELECTORGETCOMCERTSELPARAMSFAILED ; goto cleanup; } } while (0) | |||
857 | (selector, ¶ms, plContext),do { stdVars.aPkixErrorResult = (PKIX_CRLSelector_GetCommonCRLSelectorParams (selector, ¶ms, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CRLSELECTORGETCOMCERTSELPARAMSFAILED ; goto cleanup; } } while (0) | |||
858 | PKIX_CRLSELECTORGETCOMCERTSELPARAMSFAILED)do { stdVars.aPkixErrorResult = (PKIX_CRLSelector_GetCommonCRLSelectorParams (selector, ¶ms, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CRLSELECTORGETCOMCERTSELPARAMSFAILED ; goto cleanup; } } while (0); | |||
859 | ||||
860 | PKIX_CHECK(PKIX_ComCRLSelParams_GetIssuerNamesdo { stdVars.aPkixErrorResult = (PKIX_ComCRLSelParams_GetIssuerNames (params, &issuerNames, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COMCRLSELPARAMSGETISSUERNAMESFAILED ; goto cleanup; } } while (0) | |||
861 | (params, &issuerNames, plContext),do { stdVars.aPkixErrorResult = (PKIX_ComCRLSelParams_GetIssuerNames (params, &issuerNames, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COMCRLSELPARAMSGETISSUERNAMESFAILED ; goto cleanup; } } while (0) | |||
862 | PKIX_COMCRLSELPARAMSGETISSUERNAMESFAILED)do { stdVars.aPkixErrorResult = (PKIX_ComCRLSelParams_GetIssuerNames (params, &issuerNames, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_COMCRLSELPARAMSGETISSUERNAMESFAILED ; goto cleanup; } } while (0); | |||
863 | ||||
864 | /* | |||
865 | * The specification for PKIX_ComCRLSelParams_GetIssuerNames in | |||
866 | * pkix_crlsel.h says that if the criterion is not set we get a null | |||
867 | * pointer. If we get an empty List the criterion is impossible to | |||
868 | * meet ("must match at least one of the names in the List"). | |||
869 | */ | |||
870 | if (issuerNames) { | |||
871 | ||||
872 | PKIX_CHECK(PKIX_List_GetLengthdo { stdVars.aPkixErrorResult = (PKIX_List_GetLength (issuerNames , &numNames, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
873 | (issuerNames, &numNames, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (issuerNames , &numNames, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0) | |||
874 | PKIX_LISTGETLENGTHFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetLength (issuerNames , &numNames, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LISTGETLENGTHFAILED; goto cleanup ; } } while (0); | |||
875 | ||||
876 | if (numNames > 0) { | |||
877 | /* | |||
878 | * LDAP Servers don't seem to be able to handle | |||
879 | * requests with more than more than one name. | |||
880 | * So only use first name. | |||
881 | */ | |||
882 | PKIX_CHECK(PKIX_List_GetItemdo { stdVars.aPkixErrorResult = (PKIX_List_GetItem (issuerNames , thisName, (PKIX_PL_Object **)&issuer, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
883 | (issuerNames,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (issuerNames , thisName, (PKIX_PL_Object **)&issuer, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
884 | thisName,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (issuerNames , thisName, (PKIX_PL_Object **)&issuer, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
885 | (PKIX_PL_Object **)&issuer,do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (issuerNames , thisName, (PKIX_PL_Object **)&issuer, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
886 | plContext),do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (issuerNames , thisName, (PKIX_PL_Object **)&issuer, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0) | |||
887 | PKIX_LISTGETITEMFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_GetItem (issuerNames , thisName, (PKIX_PL_Object **)&issuer, plContext)); if ( stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTGETITEMFAILED ; goto cleanup; } } while (0); | |||
888 | ||||
889 | PKIX_CHECKdo { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_MakeNameAVAList (requestArena, issuer, &(requestParams.nc), plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREMAKENAMEAVALISTFAILED ; goto cleanup; } } while (0) | |||
890 | (pkix_pl_LdapCertStore_MakeNameAVAListdo { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_MakeNameAVAList (requestArena, issuer, &(requestParams.nc), plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREMAKENAMEAVALISTFAILED ; goto cleanup; } } while (0) | |||
891 | (requestArena,do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_MakeNameAVAList (requestArena, issuer, &(requestParams.nc), plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREMAKENAMEAVALISTFAILED ; goto cleanup; } } while (0) | |||
892 | issuer,do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_MakeNameAVAList (requestArena, issuer, &(requestParams.nc), plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREMAKENAMEAVALISTFAILED ; goto cleanup; } } while (0) | |||
893 | &(requestParams.nc),do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_MakeNameAVAList (requestArena, issuer, &(requestParams.nc), plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREMAKENAMEAVALISTFAILED ; goto cleanup; } } while (0) | |||
894 | plContext),do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_MakeNameAVAList (requestArena, issuer, &(requestParams.nc), plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREMAKENAMEAVALISTFAILED ; goto cleanup; } } while (0) | |||
895 | PKIX_LDAPCERTSTOREMAKENAMEAVALISTFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_MakeNameAVAList (requestArena, issuer, &(requestParams.nc), plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars .aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREMAKENAMEAVALISTFAILED ; goto cleanup; } } while (0); | |||
896 | ||||
897 | PKIX_DECREF(issuer)do { if (issuer){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(issuer), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } issuer = ((void*)0 ); } } while (0); | |||
898 | ||||
899 | if (*requestParams.nc == NULL((void*)0)) { | |||
| ||||
900 | /* | |||
901 | * The issuer may not include any | |||
902 | * components that we know how to | |||
903 | * encode. We do not return an error, | |||
904 | * because the caller did not | |||
905 | * necessarily do anything wrong, but | |||
906 | * we return an empty List. | |||
907 | */ | |||
908 | PKIX_PL_NSSCALL; (PORT_FreeArena_Util (requestArena, 0)) | |||
909 | (CERTSTORE, PORT_FreeArena,; (PORT_FreeArena_Util (requestArena, 0)) | |||
910 | (requestArena, PR_FALSE)); (PORT_FreeArena_Util (requestArena, 0)); | |||
911 | ||||
912 | PKIX_CHECK(PKIX_List_Createdo { stdVars.aPkixErrorResult = (PKIX_List_Create (&filteredCRLs , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0) | |||
913 | (&filteredCRLs, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_Create (&filteredCRLs , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0) | |||
914 | PKIX_LISTCREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_Create (&filteredCRLs , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTCREATEFAILED; goto cleanup; } } while (0); | |||
915 | ||||
916 | PKIX_CHECK(PKIX_List_SetImmutabledo { stdVars.aPkixErrorResult = (PKIX_List_SetImmutable (filteredCRLs , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTSETIMMUTABLEFAILED; goto cleanup; } } while (0) | |||
917 | (filteredCRLs, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_SetImmutable (filteredCRLs , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTSETIMMUTABLEFAILED; goto cleanup; } } while (0) | |||
918 | PKIX_LISTSETIMMUTABLEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_SetImmutable (filteredCRLs , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTSETIMMUTABLEFAILED; goto cleanup; } } while (0); | |||
919 | ||||
920 | *pNBIOContext = NULL((void*)0); | |||
921 | *pCrlList = filteredCRLs; | |||
922 | goto cleanup; | |||
923 | } | |||
924 | } else { | |||
925 | PKIX_ERROR(PKIX_IMPOSSIBLECRITERIONFORCRLQUERY){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_IMPOSSIBLECRITERIONFORCRLQUERY, ((void*)0), stdVars.aPkixType , 2, plContext); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean ) 1); stdVars.aPkixErrorCode = PKIX_IMPOSSIBLECRITERIONFORCRLQUERY ; goto cleanup; }; | |||
926 | } | |||
927 | } else { | |||
928 | PKIX_ERROR(PKIX_IMPOSSIBLECRITERIONFORCRLQUERY){ { if (pkixLoggersErrors) { pkix_Logger_CheckWithCode(pkixLoggersErrors , PKIX_IMPOSSIBLECRITERIONFORCRLQUERY, ((void*)0), stdVars.aPkixType , 2, plContext); } } stdVars.aPkixErrorReceived = ((PKIX_Boolean ) 1); stdVars.aPkixErrorCode = PKIX_IMPOSSIBLECRITERIONFORCRLQUERY ; goto cleanup; }; | |||
929 | } | |||
930 | ||||
931 | /* All request fields are done */ | |||
932 | ||||
933 | PKIX_CHECK(PKIX_CertStore_GetCertStoreContextdo { stdVars.aPkixErrorResult = (PKIX_CertStore_GetCertStoreContext (store, (PKIX_PL_Object **)&lcs, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED ; goto cleanup; } } while (0) | |||
934 | (store, (PKIX_PL_Object **)&lcs, plContext),do { stdVars.aPkixErrorResult = (PKIX_CertStore_GetCertStoreContext (store, (PKIX_PL_Object **)&lcs, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED ; goto cleanup; } } while (0) | |||
935 | PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED)do { stdVars.aPkixErrorResult = (PKIX_CertStore_GetCertStoreContext (store, (PKIX_PL_Object **)&lcs, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED ; goto cleanup; } } while (0); | |||
936 | ||||
937 | PKIX_CHECK(PKIX_PL_LdapClient_InitiateRequestdo { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest ((PKIX_PL_LdapClient *)lcs, &requestParams, &pollDesc , &responses, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED ; goto cleanup; } } while (0) | |||
938 | ((PKIX_PL_LdapClient *)lcs,do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest ((PKIX_PL_LdapClient *)lcs, &requestParams, &pollDesc , &responses, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED ; goto cleanup; } } while (0) | |||
939 | &requestParams,do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest ((PKIX_PL_LdapClient *)lcs, &requestParams, &pollDesc , &responses, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED ; goto cleanup; } } while (0) | |||
940 | &pollDesc,do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest ((PKIX_PL_LdapClient *)lcs, &requestParams, &pollDesc , &responses, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED ; goto cleanup; } } while (0) | |||
941 | &responses,do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest ((PKIX_PL_LdapClient *)lcs, &requestParams, &pollDesc , &responses, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED ; goto cleanup; } } while (0) | |||
942 | plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest ((PKIX_PL_LdapClient *)lcs, &requestParams, &pollDesc , &responses, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED ; goto cleanup; } } while (0) | |||
943 | PKIX_LDAPCLIENTINITIATEREQUESTFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_InitiateRequest ((PKIX_PL_LdapClient *)lcs, &requestParams, &pollDesc , &responses, plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTINITIATEREQUESTFAILED ; goto cleanup; } } while (0); | |||
944 | ||||
945 | PKIX_CHECK(pkix_pl_LdapCertStore_DestroyAVAListdo { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_DestroyAVAList (requestParams.nc, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREDESTROYAVALISTFAILED ; goto cleanup; } } while (0) | |||
946 | (requestParams.nc, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_DestroyAVAList (requestParams.nc, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREDESTROYAVALISTFAILED ; goto cleanup; } } while (0) | |||
947 | PKIX_LDAPCERTSTOREDESTROYAVALISTFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_DestroyAVAList (requestParams.nc, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREDESTROYAVALISTFAILED ; goto cleanup; } } while (0); | |||
948 | ||||
949 | if (requestArena) { | |||
950 | PKIX_PL_NSSCALL(CERTSTORE, PORT_FreeArena,; (PORT_FreeArena_Util (requestArena, 0)) | |||
951 | (requestArena, PR_FALSE)); (PORT_FreeArena_Util (requestArena, 0)); | |||
952 | } | |||
953 | ||||
954 | if (pollDesc != NULL((void*)0)) { | |||
955 | /* client is waiting for non-blocking I/O to complete */ | |||
956 | *pNBIOContext = (void *)pollDesc; | |||
957 | *pCrlList = NULL((void*)0); | |||
958 | goto cleanup; | |||
959 | } | |||
960 | /* client has finished! */ | |||
961 | ||||
962 | if (responses) { | |||
963 | ||||
964 | /* | |||
965 | * We have a List of LdapResponse objects that still have to be | |||
966 | * turned into Crls. | |||
967 | */ | |||
968 | PKIX_CHECK(pkix_pl_LdapCertStore_BuildCrlListdo { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_BuildCrlList (responses, &unfilteredCRLs, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREBUILDCRLLISTFAILED ; goto cleanup; } } while (0) | |||
969 | (responses, &unfilteredCRLs, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_BuildCrlList (responses, &unfilteredCRLs, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREBUILDCRLLISTFAILED ; goto cleanup; } } while (0) | |||
970 | PKIX_LDAPCERTSTOREBUILDCRLLISTFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_BuildCrlList (responses, &unfilteredCRLs, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREBUILDCRLLISTFAILED ; goto cleanup; } } while (0); | |||
971 | ||||
972 | PKIX_CHECK(pkix_CRLSelector_Selectdo { stdVars.aPkixErrorResult = (pkix_CRLSelector_Select (selector , unfilteredCRLs, &filteredCRLs, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CRLSELECTORSELECTFAILED ; goto cleanup; } } while (0) | |||
973 | (selector, unfilteredCRLs, &filteredCRLs, plContext),do { stdVars.aPkixErrorResult = (pkix_CRLSelector_Select (selector , unfilteredCRLs, &filteredCRLs, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CRLSELECTORSELECTFAILED ; goto cleanup; } } while (0) | |||
974 | PKIX_CRLSELECTORSELECTFAILED)do { stdVars.aPkixErrorResult = (pkix_CRLSelector_Select (selector , unfilteredCRLs, &filteredCRLs, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CRLSELECTORSELECTFAILED ; goto cleanup; } } while (0); | |||
975 | ||||
976 | } | |||
977 | ||||
978 | /* Don't throw away the list if one CRL was bad! */ | |||
979 | pkixTempErrorReceivedstdVars.aPkixTempErrorReceived = PKIX_FALSE((PKIX_Boolean) 0); | |||
980 | ||||
981 | *pNBIOContext = NULL((void*)0); | |||
982 | *pCrlList = filteredCRLs; | |||
983 | ||||
984 | cleanup: | |||
985 | ||||
986 | if (PKIX_ERROR_RECEIVED(stdVars.aPkixErrorReceived || stdVars.aPkixErrorResult || stdVars .aPkixTempErrorReceived || stdVars.aPkixErrorList)) { | |||
987 | PKIX_DECREF(filteredCRLs)do { if (filteredCRLs){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(filteredCRLs), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } filteredCRLs = ((void *)0); } } while (0); | |||
988 | } | |||
989 | ||||
990 | PKIX_DECREF(params)do { if (params){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(params), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } params = ((void*)0 ); } } while (0); | |||
991 | PKIX_DECREF(issuerNames)do { if (issuerNames){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(issuerNames), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } issuerNames = ((void *)0); } } while (0); | |||
992 | PKIX_DECREF(issuer)do { if (issuer){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(issuer), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } issuer = ((void*)0 ); } } while (0); | |||
993 | PKIX_DECREF(candidate)do { if (candidate){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(candidate), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } candidate = ((void *)0); } } while (0); | |||
994 | PKIX_DECREF(responses)do { if (responses){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(responses), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } responses = ((void *)0); } } while (0); | |||
995 | PKIX_DECREF(unfilteredCRLs)do { if (unfilteredCRLs){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(unfilteredCRLs), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } unfilteredCRLs = ((void*)0); } } while (0); | |||
996 | PKIX_DECREF(lcs)do { if (lcs){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(lcs), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } lcs = ((void*)0); } } while (0); | |||
997 | ||||
998 | PKIX_RETURN(CERTSTORE)return PKIX_DoReturn(&stdVars, (PKIX_CERTSTORE_ERROR), (( PKIX_Boolean) 1), plContext);; | |||
999 | } | |||
1000 | ||||
1001 | /* | |||
1002 | * FUNCTION: pkix_pl_LdapCertStore_GetCRLContinue | |||
1003 | * (see description of PKIX_CertStore_CRLCallback in pkix_certstore.h) | |||
1004 | */ | |||
1005 | PKIX_Error * | |||
1006 | pkix_pl_LdapCertStore_GetCRLContinue( | |||
1007 | PKIX_CertStore *store, | |||
1008 | PKIX_CRLSelector *selector, | |||
1009 | void **pNBIOContext, | |||
1010 | PKIX_List **pCrlList, | |||
1011 | void *plContext) | |||
1012 | { | |||
1013 | void *nbio = NULL((void*)0); | |||
1014 | PKIX_PL_CRL *candidate = NULL((void*)0); | |||
1015 | PKIX_List *responses = NULL((void*)0); | |||
1016 | PKIX_PL_LdapCertStoreContext *lcs = NULL((void*)0); | |||
1017 | PKIX_List *filteredCRLs = NULL((void*)0); | |||
1018 | PKIX_List *unfilteredCRLs = NULL((void*)0); | |||
1019 | ||||
1020 | PKIX_ENTER(CERTSTORE, "pkix_pl_LdapCertStore_GetCRLContinue")static const char cMyFuncName[] = {"pkix_pl_LdapCertStore_GetCRLContinue" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTSTORE_ERROR; ; do { if (pkixLoggersDebugTrace ) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName , ">>>", stdVars.aPkixType, 5, plContext); } } while (0);; | |||
1021 | PKIX_NULLCHECK_FOUR(store, selector, pNBIOContext, pCrlList)do { if (((store) == ((void*)0)) || ((selector) == ((void*)0) ) || ((pNBIOContext) == ((void*)0)) || ((pCrlList) == ((void* )0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars .aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn(& stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext);; } } while (0); | |||
1022 | ||||
1023 | PKIX_CHECK(PKIX_CertStore_GetCertStoreContextdo { stdVars.aPkixErrorResult = (PKIX_CertStore_GetCertStoreContext (store, (PKIX_PL_Object **)&lcs, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED ; goto cleanup; } } while (0) | |||
1024 | (store, (PKIX_PL_Object **)&lcs, plContext),do { stdVars.aPkixErrorResult = (PKIX_CertStore_GetCertStoreContext (store, (PKIX_PL_Object **)&lcs, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED ; goto cleanup; } } while (0) | |||
1025 | PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED)do { stdVars.aPkixErrorResult = (PKIX_CertStore_GetCertStoreContext (store, (PKIX_PL_Object **)&lcs, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CERTSTOREGETCERTSTORECONTEXTFAILED ; goto cleanup; } } while (0); | |||
1026 | ||||
1027 | PKIX_CHECK(PKIX_PL_LdapClient_ResumeRequestdo { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_ResumeRequest ((PKIX_PL_LdapClient *)lcs, &nbio, &responses, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTRESUMEREQUESTFAILED; goto cleanup; } } while (0) | |||
1028 | ((PKIX_PL_LdapClient *)lcs, &nbio, &responses, plContext),do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_ResumeRequest ((PKIX_PL_LdapClient *)lcs, &nbio, &responses, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTRESUMEREQUESTFAILED; goto cleanup; } } while (0) | |||
1029 | PKIX_LDAPCLIENTRESUMEREQUESTFAILED)do { stdVars.aPkixErrorResult = (PKIX_PL_LdapClient_ResumeRequest ((PKIX_PL_LdapClient *)lcs, &nbio, &responses, plContext )); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LDAPCLIENTRESUMEREQUESTFAILED; goto cleanup; } } while (0); | |||
1030 | ||||
1031 | if (nbio != NULL((void*)0)) { | |||
1032 | /* client is waiting for non-blocking I/O to complete */ | |||
1033 | *pNBIOContext = (void *)nbio; | |||
1034 | *pCrlList = NULL((void*)0); | |||
1035 | goto cleanup; | |||
1036 | } | |||
1037 | /* client has finished! */ | |||
1038 | ||||
1039 | if (responses) { | |||
1040 | ||||
1041 | /* | |||
1042 | * We have a List of LdapResponse objects that still have to be | |||
1043 | * turned into Crls. | |||
1044 | */ | |||
1045 | PKIX_CHECK(pkix_pl_LdapCertStore_BuildCrlListdo { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_BuildCrlList (responses, &unfilteredCRLs, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREBUILDCRLLISTFAILED ; goto cleanup; } } while (0) | |||
1046 | (responses, &unfilteredCRLs, plContext),do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_BuildCrlList (responses, &unfilteredCRLs, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREBUILDCRLLISTFAILED ; goto cleanup; } } while (0) | |||
1047 | PKIX_LDAPCERTSTOREBUILDCRLLISTFAILED)do { stdVars.aPkixErrorResult = (pkix_pl_LdapCertStore_BuildCrlList (responses, &unfilteredCRLs, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_LDAPCERTSTOREBUILDCRLLISTFAILED ; goto cleanup; } } while (0); | |||
1048 | ||||
1049 | PKIX_CHECK(pkix_CRLSelector_Selectdo { stdVars.aPkixErrorResult = (pkix_CRLSelector_Select (selector , unfilteredCRLs, &filteredCRLs, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CRLSELECTORSELECTFAILED ; goto cleanup; } } while (0) | |||
1050 | (selector, unfilteredCRLs, &filteredCRLs, plContext),do { stdVars.aPkixErrorResult = (pkix_CRLSelector_Select (selector , unfilteredCRLs, &filteredCRLs, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CRLSELECTORSELECTFAILED ; goto cleanup; } } while (0) | |||
1051 | PKIX_CRLSELECTORSELECTFAILED)do { stdVars.aPkixErrorResult = (pkix_CRLSelector_Select (selector , unfilteredCRLs, &filteredCRLs, plContext)); if (stdVars .aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult ->errClass; stdVars.aPkixErrorCode = PKIX_CRLSELECTORSELECTFAILED ; goto cleanup; } } while (0); | |||
1052 | ||||
1053 | PKIX_CHECK(PKIX_List_SetImmutable(filteredCRLs, plContext),do { stdVars.aPkixErrorResult = (PKIX_List_SetImmutable(filteredCRLs , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTSETIMMUTABLEFAILED; goto cleanup; } } while (0) | |||
1054 | PKIX_LISTSETIMMUTABLEFAILED)do { stdVars.aPkixErrorResult = (PKIX_List_SetImmutable(filteredCRLs , plContext)); if (stdVars.aPkixErrorResult) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass; stdVars.aPkixErrorCode = PKIX_LISTSETIMMUTABLEFAILED; goto cleanup; } } while (0); | |||
1055 | ||||
1056 | } | |||
1057 | ||||
1058 | /* Don't throw away the list if one CRL was bad! */ | |||
1059 | pkixTempErrorReceivedstdVars.aPkixTempErrorReceived = PKIX_FALSE((PKIX_Boolean) 0); | |||
1060 | ||||
1061 | *pCrlList = filteredCRLs; | |||
1062 | ||||
1063 | cleanup: | |||
1064 | if (PKIX_ERROR_RECEIVED(stdVars.aPkixErrorReceived || stdVars.aPkixErrorResult || stdVars .aPkixTempErrorReceived || stdVars.aPkixErrorList)) { | |||
1065 | PKIX_DECREF(filteredCRLs)do { if (filteredCRLs){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(filteredCRLs), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } filteredCRLs = ((void *)0); } } while (0); | |||
1066 | } | |||
1067 | ||||
1068 | PKIX_DECREF(candidate)do { if (candidate){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(candidate), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } candidate = ((void *)0); } } while (0); | |||
1069 | PKIX_DECREF(responses)do { if (responses){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(responses), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } responses = ((void *)0); } } while (0); | |||
1070 | PKIX_DECREF(unfilteredCRLs)do { if (unfilteredCRLs){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(unfilteredCRLs), plContext); if (stdVars .aPkixTempResult) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult , plContext); stdVars.aPkixTempResult = ((void*)0); } unfilteredCRLs = ((void*)0); } } while (0); | |||
1071 | PKIX_DECREF(lcs)do { if (lcs){ stdVars.aPkixTempResult = PKIX_PL_Object_DecRef ((PKIX_PL_Object *)(lcs), plContext); if (stdVars.aPkixTempResult ) { PKIX_DoAddError(&stdVars, stdVars.aPkixTempResult, plContext ); stdVars.aPkixTempResult = ((void*)0); } lcs = ((void*)0); } } while (0); | |||
1072 | ||||
1073 | PKIX_RETURN(CERTSTORE)return PKIX_DoReturn(&stdVars, (PKIX_CERTSTORE_ERROR), (( PKIX_Boolean) 1), plContext);; | |||
1074 | } | |||
1075 | ||||
1076 | /* --Public-LdapCertStore-Functions----------------------------------- */ | |||
1077 | ||||
1078 | /* | |||
1079 | * FUNCTION: PKIX_PL_LdapCertStore_Create | |||
1080 | * (see comments in pkix_samples_modules.h) | |||
1081 | */ | |||
1082 | PKIX_Error * | |||
1083 | PKIX_PL_LdapCertStore_Create( | |||
1084 | PKIX_PL_LdapClient *client, | |||
1085 | PKIX_CertStore **pCertStore, | |||
1086 | void *plContext) | |||
1087 | { | |||
1088 | PKIX_CertStore *certStore = NULL((void*)0); | |||
1089 | ||||
1090 | PKIX_ENTER(CERTSTORE, "PKIX_PL_LdapCertStore_Create")static const char cMyFuncName[] = {"PKIX_PL_LdapCertStore_Create" }; PKIX_StdVars stdVars = zeroStdVars; stdVars.aMyFuncName = cMyFuncName ; stdVars.aPkixType = PKIX_CERTSTORE_ERROR; ; do { if (pkixLoggersDebugTrace ) { pkix_Logger_Check(pkixLoggersDebugTrace, stdVars.aMyFuncName , ">>>", stdVars.aPkixType, 5, plContext); } } while (0);; | |||
1091 | PKIX_NULLCHECK_TWO(client, pCertStore)do { if (((client) == ((void*)0)) || ((pCertStore) == ((void* )0))){ stdVars.aPkixErrorReceived = ((PKIX_Boolean) 1); stdVars .aPkixErrorCode = PKIX_NULLARGUMENT; return PKIX_DoReturn(& stdVars, (PKIX_FATAL_ERROR), ((PKIX_Boolean) 1), plContext);; } } while (0); | |||
1092 | ||||
1093 | PKIX_CHECK(PKIX_CertStore_Createdo { stdVars.aPkixErrorResult = (PKIX_CertStore_Create (pkix_pl_LdapCertStore_GetCert , pkix_pl_LdapCertStore_GetCRL, pkix_pl_LdapCertStore_GetCertContinue , pkix_pl_LdapCertStore_GetCRLContinue, ((void*)0), ((void*)0 ), ((void*)0), (PKIX_PL_Object *)client, ((PKIX_Boolean) 1), ( (PKIX_Boolean) 0), &certStore, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTORECREATEFAILED; goto cleanup ; } } while (0) | |||
1094 | (pkix_pl_LdapCertStore_GetCert,do { stdVars.aPkixErrorResult = (PKIX_CertStore_Create (pkix_pl_LdapCertStore_GetCert , pkix_pl_LdapCertStore_GetCRL, pkix_pl_LdapCertStore_GetCertContinue , pkix_pl_LdapCertStore_GetCRLContinue, ((void*)0), ((void*)0 ), ((void*)0), (PKIX_PL_Object *)client, ((PKIX_Boolean) 1), ( (PKIX_Boolean) 0), &certStore, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTORECREATEFAILED; goto cleanup ; } } while (0) | |||
1095 | pkix_pl_LdapCertStore_GetCRL,do { stdVars.aPkixErrorResult = (PKIX_CertStore_Create (pkix_pl_LdapCertStore_GetCert , pkix_pl_LdapCertStore_GetCRL, pkix_pl_LdapCertStore_GetCertContinue , pkix_pl_LdapCertStore_GetCRLContinue, ((void*)0), ((void*)0 ), ((void*)0), (PKIX_PL_Object *)client, ((PKIX_Boolean) 1), ( (PKIX_Boolean) 0), &certStore, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTORECREATEFAILED; goto cleanup ; } } while (0) | |||
1096 | pkix_pl_LdapCertStore_GetCertContinue,do { stdVars.aPkixErrorResult = (PKIX_CertStore_Create (pkix_pl_LdapCertStore_GetCert , pkix_pl_LdapCertStore_GetCRL, pkix_pl_LdapCertStore_GetCertContinue , pkix_pl_LdapCertStore_GetCRLContinue, ((void*)0), ((void*)0 ), ((void*)0), (PKIX_PL_Object *)client, ((PKIX_Boolean) 1), ( (PKIX_Boolean) 0), &certStore, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTORECREATEFAILED; goto cleanup ; } } while (0) | |||
1097 | pkix_pl_LdapCertStore_GetCRLContinue,do { stdVars.aPkixErrorResult = (PKIX_CertStore_Create (pkix_pl_LdapCertStore_GetCert , pkix_pl_LdapCertStore_GetCRL, pkix_pl_LdapCertStore_GetCertContinue , pkix_pl_LdapCertStore_GetCRLContinue, ((void*)0), ((void*)0 ), ((void*)0), (PKIX_PL_Object *)client, ((PKIX_Boolean) 1), ( (PKIX_Boolean) 0), &certStore, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTORECREATEFAILED; goto cleanup ; } } while (0) | |||
1098 | NULL, /* don't support trust */do { stdVars.aPkixErrorResult = (PKIX_CertStore_Create (pkix_pl_LdapCertStore_GetCert , pkix_pl_LdapCertStore_GetCRL, pkix_pl_LdapCertStore_GetCertContinue , pkix_pl_LdapCertStore_GetCRLContinue, ((void*)0), ((void*)0 ), ((void*)0), (PKIX_PL_Object *)client, ((PKIX_Boolean) 1), ( (PKIX_Boolean) 0), &certStore, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTORECREATEFAILED; goto cleanup ; } } while (0) | |||
1099 | NULL, /* can not store crls */do { stdVars.aPkixErrorResult = (PKIX_CertStore_Create (pkix_pl_LdapCertStore_GetCert , pkix_pl_LdapCertStore_GetCRL, pkix_pl_LdapCertStore_GetCertContinue , pkix_pl_LdapCertStore_GetCRLContinue, ((void*)0), ((void*)0 ), ((void*)0), (PKIX_PL_Object *)client, ((PKIX_Boolean) 1), ( (PKIX_Boolean) 0), &certStore, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTORECREATEFAILED; goto cleanup ; } } while (0) | |||
1100 | NULL, /* can not do revocation check */do { stdVars.aPkixErrorResult = (PKIX_CertStore_Create (pkix_pl_LdapCertStore_GetCert , pkix_pl_LdapCertStore_GetCRL, pkix_pl_LdapCertStore_GetCertContinue , pkix_pl_LdapCertStore_GetCRLContinue, ((void*)0), ((void*)0 ), ((void*)0), (PKIX_PL_Object *)client, ((PKIX_Boolean) 1), ( (PKIX_Boolean) 0), &certStore, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTORECREATEFAILED; goto cleanup ; } } while (0) | |||
1101 | (PKIX_PL_Object *)client,do { stdVars.aPkixErrorResult = (PKIX_CertStore_Create (pkix_pl_LdapCertStore_GetCert , pkix_pl_LdapCertStore_GetCRL, pkix_pl_LdapCertStore_GetCertContinue , pkix_pl_LdapCertStore_GetCRLContinue, ((void*)0), ((void*)0 ), ((void*)0), (PKIX_PL_Object *)client, ((PKIX_Boolean) 1), ( (PKIX_Boolean) 0), &certStore, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTORECREATEFAILED; goto cleanup ; } } while (0) | |||
1102 | PKIX_TRUE, /* cache flag */do { stdVars.aPkixErrorResult = (PKIX_CertStore_Create (pkix_pl_LdapCertStore_GetCert , pkix_pl_LdapCertStore_GetCRL, pkix_pl_LdapCertStore_GetCertContinue , pkix_pl_LdapCertStore_GetCRLContinue, ((void*)0), ((void*)0 ), ((void*)0), (PKIX_PL_Object *)client, ((PKIX_Boolean) 1), ( (PKIX_Boolean) 0), &certStore, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTORECREATEFAILED; goto cleanup ; } } while (0) | |||
1103 | PKIX_FALSE, /* not local */do { stdVars.aPkixErrorResult = (PKIX_CertStore_Create (pkix_pl_LdapCertStore_GetCert , pkix_pl_LdapCertStore_GetCRL, pkix_pl_LdapCertStore_GetCertContinue , pkix_pl_LdapCertStore_GetCRLContinue, ((void*)0), ((void*)0 ), ((void*)0), (PKIX_PL_Object *)client, ((PKIX_Boolean) 1), ( (PKIX_Boolean) 0), &certStore, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTORECREATEFAILED; goto cleanup ; } } while (0) | |||
1104 | &certStore,do { stdVars.aPkixErrorResult = (PKIX_CertStore_Create (pkix_pl_LdapCertStore_GetCert , pkix_pl_LdapCertStore_GetCRL, pkix_pl_LdapCertStore_GetCertContinue , pkix_pl_LdapCertStore_GetCRLContinue, ((void*)0), ((void*)0 ), ((void*)0), (PKIX_PL_Object *)client, ((PKIX_Boolean) 1), ( (PKIX_Boolean) 0), &certStore, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTORECREATEFAILED; goto cleanup ; } } while (0) | |||
1105 | plContext),do { stdVars.aPkixErrorResult = (PKIX_CertStore_Create (pkix_pl_LdapCertStore_GetCert , pkix_pl_LdapCertStore_GetCRL, pkix_pl_LdapCertStore_GetCertContinue , pkix_pl_LdapCertStore_GetCRLContinue, ((void*)0), ((void*)0 ), ((void*)0), (PKIX_PL_Object *)client, ((PKIX_Boolean) 1), ( (PKIX_Boolean) 0), &certStore, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTORECREATEFAILED; goto cleanup ; } } while (0) | |||
1106 | PKIX_CERTSTORECREATEFAILED)do { stdVars.aPkixErrorResult = (PKIX_CertStore_Create (pkix_pl_LdapCertStore_GetCert , pkix_pl_LdapCertStore_GetCRL, pkix_pl_LdapCertStore_GetCertContinue , pkix_pl_LdapCertStore_GetCRLContinue, ((void*)0), ((void*)0 ), ((void*)0), (PKIX_PL_Object *)client, ((PKIX_Boolean) 1), ( (PKIX_Boolean) 0), &certStore, plContext)); if (stdVars.aPkixErrorResult ) { stdVars.aPkixErrorClass = stdVars.aPkixErrorResult->errClass ; stdVars.aPkixErrorCode = PKIX_CERTSTORECREATEFAILED; goto cleanup ; } } while (0); | |||
1107 | ||||
1108 | *pCertStore = certStore; | |||
1109 | ||||
1110 | cleanup: | |||
1111 | ||||
1112 | PKIX_RETURN(CERTSTORE)return PKIX_DoReturn(&stdVars, (PKIX_CERTSTORE_ERROR), (( PKIX_Boolean) 1), plContext);; | |||
1113 | } |