--- a/modules/libjar/nsJAR.cpp
+++ b/modules/libjar/nsJAR.cpp
@@ -376,20 +376,19 @@ nsJAR::GetSigningCert(const nsACString&
//-- Find the item
nsJARManifestItem* manItem = mManifestData.Get(aFilename);
if (!manItem)
return NS_OK;
//-- Verify the item against the manifest
if (!manItem->entryVerified)
{
nsXPIDLCString entryData;
- uint32_t entryDataLen;
- rv = LoadEntry(aFilename, getter_Copies(entryData), &entryDataLen);
+ rv = LoadEntry(aFilename, entryData);
if (NS_FAILED(rv)) return rv;
- rv = VerifyEntry(manItem, entryData, entryDataLen);
+ rv = VerifyEntry(manItem, entryData, entryData.Length());
if (NS_FAILED(rv)) return rv;
}
requestedStatus = manItem->status;
}
else // User wants identity of signer w/o verifying any entries
requestedStatus = mGlobalStatus;
if (requestedStatus != JAR_VALID_MANIFEST) {
@@ -435,17 +434,17 @@ nsJAR::GetNSPRFileDesc(PRFileDesc** aNSP
return handle->GetNSPRFileDesc(aNSPRFileDesc);
}
//----------------------------------------------
// nsJAR private implementation
//----------------------------------------------
nsresult
-nsJAR::LoadEntry(const nsACString &aFilename, char** aBuf, uint32_t* aBufLen)
+nsJAR::LoadEntry(const nsACString& aFilename, nsCString& aBuf)
{
//-- Get a stream for reading the file
nsresult rv;
nsCOMPtr<nsIInputStream> manifestStream;
rv = GetInputStream(aFilename, getter_AddRefs(manifestStream));
if (NS_FAILED(rv)) return NS_ERROR_FILE_TARGET_DOES_NOT_EXIST;
//-- Read the manifest file into memory
@@ -466,19 +465,17 @@ nsJAR::LoadEntry(const nsACString &aFile
nsZipArchive::sFileCorruptedReason = "nsJAR: manifest too small";
rv = NS_ERROR_FILE_CORRUPTED;
}
if (NS_FAILED(rv)) {
free(buf);
return rv;
}
buf[len] = '\0'; //Null-terminate the buffer
- *aBuf = buf;
- if (aBufLen)
- *aBufLen = len;
+ aBuf.Adopt(buf, len);
return NS_OK;
}
int32_t
nsJAR::ReadLine(const char** src)
{
if (!*src) {
@@ -551,18 +548,17 @@ nsJAR::ParseManifest()
if (more)
{
mParsedManifest = true;
nsZipArchive::sFileCorruptedReason = "nsJAR: duplicate manifests";
return NS_ERROR_FILE_CORRUPTED; // More than one MF file
}
nsXPIDLCString manifestBuffer;
- uint32_t manifestLen;
- rv = LoadEntry(manifestFilename, getter_Copies(manifestBuffer), &manifestLen);
+ rv = LoadEntry(manifestFilename, manifestBuffer);
if (NS_FAILED(rv)) return rv;
//-- Parse it
rv = ParseOneFile(manifestBuffer, JAR_MF);
if (NS_FAILED(rv)) return rv;
//-- (2)Signature (SF) file
// If there are multiple signatures, we select one.
@@ -576,34 +572,33 @@ nsJAR::ParseManifest()
{
mGlobalStatus = JAR_NO_MANIFEST;
mParsedManifest = true;
return NS_OK;
}
rv = files->GetNext(manifestFilename);
if (NS_FAILED(rv)) return rv;
- rv = LoadEntry(manifestFilename, getter_Copies(manifestBuffer), &manifestLen);
+ rv = LoadEntry(manifestFilename, manifestBuffer);
if (NS_FAILED(rv)) return rv;
//-- Get its corresponding signature file
nsAutoCString sigFilename(manifestFilename);
int32_t extension = sigFilename.RFindChar('.') + 1;
NS_ASSERTION(extension != 0, "Manifest Parser: Missing file extension.");
(void)sigFilename.Cut(extension, 2);
nsXPIDLCString sigBuffer;
- uint32_t sigLen;
{
nsAutoCString tempFilename(sigFilename); tempFilename.Append("rsa", 3);
- rv = LoadEntry(tempFilename, getter_Copies(sigBuffer), &sigLen);
+ rv = LoadEntry(tempFilename, sigBuffer);
}
if (NS_FAILED(rv))
{
nsAutoCString tempFilename(sigFilename); tempFilename.Append("RSA", 3);
- rv = LoadEntry(tempFilename, getter_Copies(sigBuffer), &sigLen);
+ rv = LoadEntry(tempFilename, sigBuffer);
}
if (NS_FAILED(rv))
{
mGlobalStatus = JAR_NO_MANIFEST;
mParsedManifest = true;
return NS_OK;
}
@@ -614,17 +609,17 @@ nsJAR::ParseManifest()
{
mGlobalStatus = JAR_NO_MANIFEST;
mParsedManifest = true;
return NS_OK;
}
//-- Verify that the signature file is a valid signature of the SF file
int32_t verifyError;
- rv = verifier->VerifySignature(sigBuffer, sigLen, manifestBuffer, manifestLen,
+ rv = verifier->VerifySignature(sigBuffer, manifestBuffer,
&verifyError, getter_AddRefs(mSigningCert));
if (NS_FAILED(rv)) return rv;
if (mSigningCert && verifyError == nsIDataSignatureVerifier::VERIFY_OK) {
mGlobalStatus = JAR_VALID_MANIFEST;
} else if (verifyError == nsIDataSignatureVerifier::VERIFY_ERROR_UNKNOWN_ISSUER) {
mGlobalStatus = JAR_INVALID_UNKNOWN_CA;
} else {
mGlobalStatus = JAR_INVALID_SIG;
--- a/modules/libjar/nsJAR.h
+++ b/modules/libjar/nsJAR.h
@@ -112,18 +112,17 @@ class nsJAR final : public nsIZipReader
mozilla::Mutex mLock;
int64_t mMtime;
int32_t mTotalItemsInManifest;
bool mOpened;
bool mIsOmnijar;
nsresult ParseManifest();
void ReportError(const nsACString &aFilename, int16_t errorCode);
- nsresult LoadEntry(const nsACString &aFilename, char** aBuf,
- uint32_t* aBufLen = nullptr);
+ nsresult LoadEntry(const nsACString& aFilename, nsCString& aBuf);
int32_t ReadLine(const char** src);
nsresult ParseOneFile(const char* filebuf, int16_t aFileType);
nsresult VerifyEntry(nsJARManifestItem* aEntry, const char* aEntryData,
uint32_t aLen);
nsresult CalculateDigest(const char* aInBuf, uint32_t aInBufLen,
nsCString& digest);
};
--- a/security/manager/pki/nsNSSDialogs.cpp
+++ b/security/manager/pki/nsNSSDialogs.cpp
@@ -19,16 +19,17 @@
#include "nsIInterfaceRequestorUtils.h"
#include "nsIKeygenThread.h"
#include "nsIPromptService.h"
#include "nsIProtectedAuthThread.h"
#include "nsIWindowWatcher.h"
#include "nsIX509CertDB.h"
#include "nsIX509Cert.h"
#include "nsNSSDialogHelper.h"
+#include "nsPromiseFlatString.h"
#include "nsString.h"
#include "nsVariant.h"
#define PIPSTRING_BUNDLE_URL "chrome://pippki/locale/pippki.properties"
nsNSSDialogs::nsNSSDialogs()
{
}
@@ -52,46 +53,48 @@ nsNSSDialogs::Init()
do_GetService(NS_STRINGBUNDLE_CONTRACTID, &rv);
if (NS_FAILED(rv)) return rv;
rv = service->CreateBundle(PIPSTRING_BUNDLE_URL,
getter_AddRefs(mPIPStringBundle));
return rv;
}
-nsresult
-nsNSSDialogs::SetPassword(nsIInterfaceRequestor *ctx,
- const char16_t *tokenName, bool* _canceled)
+NS_IMETHODIMP
+nsNSSDialogs::SetPassword(nsIInterfaceRequestor* ctx,
+ const nsAString& tokenName,
+ /*out*/ bool* canceled)
{
- nsresult rv;
+ // |ctx| is allowed to be null.
+ NS_ENSURE_ARG(canceled);
- *_canceled = false;
+ *canceled = false;
// Get the parent window for the dialog
nsCOMPtr<mozIDOMWindowProxy> parent = do_GetInterface(ctx);
nsCOMPtr<nsIDialogParamBlock> block =
do_CreateInstance(NS_DIALOGPARAMBLOCK_CONTRACTID);
if (!block) return NS_ERROR_FAILURE;
- rv = block->SetString(1, tokenName);
+ nsresult rv = block->SetString(1, PromiseFlatString(tokenName).get());
if (NS_FAILED(rv)) return rv;
rv = nsNSSDialogHelper::openDialog(parent,
"chrome://pippki/content/changepassword.xul",
block);
if (NS_FAILED(rv)) return rv;
int32_t status;
rv = block->GetInt(1, &status);
if (NS_FAILED(rv)) return rv;
- *_canceled = (status == 0)?true:false;
+ *canceled = (status == 0);
return rv;
}
NS_IMETHODIMP
nsNSSDialogs::ConfirmDownloadCACert(nsIInterfaceRequestor* ctx,
nsIX509Cert* cert,
/*out*/ uint32_t* trust,
@@ -364,29 +367,35 @@ nsNSSDialogs::DisplayGeneratingKeypairIn
rv = nsNSSDialogHelper::openDialog(parent,
"chrome://pippki/content/createCertInfo.xul",
runnable);
return rv;
}
NS_IMETHODIMP
-nsNSSDialogs::ChooseToken(nsIInterfaceRequestor *aCtx, const char16_t **aTokenList, uint32_t aCount, char16_t **aTokenChosen, bool *aCanceled) {
- nsresult rv;
- uint32_t i;
+nsNSSDialogs::ChooseToken(nsIInterfaceRequestor* /*aCtx*/,
+ const char16_t** aTokenList,
+ uint32_t aCount,
+ /*out*/ nsAString& aTokenChosen,
+ /*out*/ bool* aCanceled)
+{
+ NS_ENSURE_ARG(aTokenList);
+ NS_ENSURE_ARG(aCanceled);
*aCanceled = false;
nsCOMPtr<nsIDialogParamBlock> block =
do_CreateInstance(NS_DIALOGPARAMBLOCK_CONTRACTID);
if (!block) return NS_ERROR_FAILURE;
block->SetNumberStrings(aCount);
- for (i = 0; i < aCount; i++) {
+ nsresult rv;
+ for (uint32_t i = 0; i < aCount; i++) {
rv = block->SetString(i, aTokenList[i]);
if (NS_FAILED(rv)) return rv;
}
rv = block->SetInt(0, aCount);
if (NS_FAILED(rv)) return rv;
rv = nsNSSDialogHelper::openDialog(nullptr,
@@ -394,20 +403,20 @@ nsNSSDialogs::ChooseToken(nsIInterfaceRe
block);
if (NS_FAILED(rv)) return rv;
int32_t status;
rv = block->GetInt(0, &status);
if (NS_FAILED(rv)) return rv;
- *aCanceled = (status == 0)?true:false;
+ *aCanceled = (status == 0);
if (!*aCanceled) {
// retrieve the nickname
- rv = block->GetString(0, aTokenChosen);
+ rv = block->GetString(0, getter_Copies(aTokenChosen));
}
return rv;
}
NS_IMETHODIMP
nsNSSDialogs::DisplayProtectedAuth(nsIInterfaceRequestor *aCtx, nsIProtectedAuthThread *runnable)
{
// We cannot use nsNSSDialogHelper here. We cannot allow close widget
--- a/security/manager/ssl/CertBlocklist.cpp
+++ b/security/manager/ssl/CertBlocklist.cpp
@@ -10,24 +10,26 @@
#include "mozilla/Base64.h"
#include "mozilla/Casting.h"
#include "mozilla/IntegerPrintfMacros.h"
#include "mozilla/Logging.h"
#include "mozilla/Preferences.h"
#include "mozilla/Unused.h"
#include "nsAppDirectoryServiceDefs.h"
#include "nsCRTGlue.h"
+#include "nsDependentString.h"
#include "nsDirectoryServiceUtils.h"
#include "nsICryptoHash.h"
#include "nsIFileStreams.h"
#include "nsILineInputStream.h"
#include "nsISafeOutputStream.h"
#include "nsIX509Cert.h"
#include "nsNetCID.h"
#include "nsNetUtil.h"
+#include "nsPromiseFlatString.h"
#include "nsTHashtable.h"
#include "nsThreadUtils.h"
#include "pkix/Input.h"
#include "prtime.h"
NS_IMPL_ISUPPORTS(CertBlocklist, nsICertBlocklist)
using namespace mozilla;
@@ -307,41 +309,41 @@ CertBlocklist::EnsureBackingFileInitiali
"failed"));
}
} while (more);
mBackingFileIsInitialized = true;
return NS_OK;
}
NS_IMETHODIMP
-CertBlocklist::RevokeCertBySubjectAndPubKey(const char* aSubject,
- const char* aPubKeyHash)
+CertBlocklist::RevokeCertBySubjectAndPubKey(const nsACString& aSubject,
+ const nsACString& aPubKeyHash)
{
MOZ_LOG(gCertBlockPRLog, LogLevel::Debug,
("CertBlocklist::RevokeCertBySubjectAndPubKey - subject is: %s and pubKeyHash: %s",
- aSubject, aPubKeyHash));
+ PromiseFlatCString(aSubject).get(),
+ PromiseFlatCString(aPubKeyHash).get()));
MutexAutoLock lock(mMutex);
- return AddRevokedCertInternal(nsDependentCString(aSubject),
- nsDependentCString(aPubKeyHash),
+ return AddRevokedCertInternal(aSubject, aPubKeyHash,
BlockBySubjectAndPubKey,
CertNewFromBlocklist, lock);
}
NS_IMETHODIMP
-CertBlocklist::RevokeCertByIssuerAndSerial(const char* aIssuer,
- const char* aSerialNumber)
+CertBlocklist::RevokeCertByIssuerAndSerial(const nsACString& aIssuer,
+ const nsACString& aSerialNumber)
{
MOZ_LOG(gCertBlockPRLog, LogLevel::Debug,
("CertBlocklist::RevokeCertByIssuerAndSerial - issuer is: %s and serial: %s",
- aIssuer, aSerialNumber));
+ PromiseFlatCString(aIssuer).get(),
+ PromiseFlatCString(aSerialNumber).get()));
MutexAutoLock lock(mMutex);
- return AddRevokedCertInternal(nsDependentCString(aIssuer),
- nsDependentCString(aSerialNumber),
+ return AddRevokedCertInternal(aIssuer, aSerialNumber,
BlockByIssuerAndSerial,
CertNewFromBlocklist, lock);
}
nsresult
CertBlocklist::AddRevokedCertInternal(const nsACString& aEncodedDN,
const nsACString& aEncodedOther,
CertBlocklistItemMechanism aMechanism,
--- a/security/manager/ssl/CertBlocklist.h
+++ b/security/manager/ssl/CertBlocklist.h
@@ -2,22 +2,23 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef CertBlocklist_h
#define CertBlocklist_h
#include "mozilla/Mutex.h"
+#include "nsCOMPtr.h"
#include "nsClassHashtable.h"
-#include "nsCOMPtr.h"
#include "nsICertBlocklist.h"
#include "nsIOutputStream.h"
+#include "nsIX509CertDB.h"
+#include "nsString.h"
#include "nsTHashtable.h"
-#include "nsIX509CertDB.h"
#include "pkix/Input.h"
#define NS_CERT_BLOCKLIST_CID \
{0x11aefd53, 0x2fbb, 0x4c92, {0xa0, 0xc1, 0x05, 0x32, 0x12, 0xae, 0x42, 0xd0} }
enum CertBlocklistItemMechanism {
BlockByIssuerAndSerial,
BlockBySubjectAndPubKey
--- a/security/manager/ssl/SecretDecoderRing.cpp
+++ b/security/manager/ssl/SecretDecoderRing.cpp
@@ -170,17 +170,17 @@ SecretDecoderRing::ChangePassword()
NS_GET_IID(nsITokenPasswordDialogs),
NS_TOKENPASSWORDSDIALOG_CONTRACTID);
if (NS_FAILED(rv)) {
return rv;
}
nsCOMPtr<nsIInterfaceRequestor> ctx = new PipUIContext();
bool canceled; // Ignored
- return dialogs->SetPassword(ctx, tokenName.get(), &canceled);
+ return dialogs->SetPassword(ctx, tokenName, &canceled);
}
NS_IMETHODIMP
SecretDecoderRing::Logout()
{
static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
nsresult rv;
--- a/security/manager/ssl/nsDataSignatureVerifier.cpp
+++ b/security/manager/ssl/nsDataSignatureVerifier.cpp
@@ -1,27 +1,28 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsDataSignatureVerifier.h"
+#include "ScopedNSSTypes.h"
+#include "SharedCertVerifier.h"
#include "cms.h"
#include "cryptohi.h"
#include "keyhi.h"
#include "mozilla/Casting.h"
#include "mozilla/Unused.h"
#include "nsCOMPtr.h"
#include "nsNSSComponent.h"
+#include "nsString.h"
#include "nssb64.h"
#include "pkix/pkixnss.h"
#include "pkix/pkixtypes.h"
-#include "ScopedNSSTypes.h"
#include "secerr.h"
-#include "SharedCertVerifier.h"
using namespace mozilla;
using namespace mozilla::pkix;
using namespace mozilla::psm;
SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
NS_IMPL_ISUPPORTS(nsDataSignatureVerifier, nsIDataSignatureVerifier)
@@ -268,48 +269,46 @@ VerifyCertificate(CERTCertificate* cert,
}
return NS_OK;
}
} // namespace
NS_IMETHODIMP
-nsDataSignatureVerifier::VerifySignature(const char* aRSABuf,
- uint32_t aRSABufLen,
- const char* aPlaintext,
- uint32_t aPlaintextLen,
+nsDataSignatureVerifier::VerifySignature(const nsACString& aRSABuf,
+ const nsACString& aPlaintext,
int32_t* aErrorCode,
nsIX509Cert** aSigningCert)
{
- if (!aRSABuf || !aPlaintext || !aErrorCode || !aSigningCert) {
+ if (!aErrorCode || !aSigningCert) {
return NS_ERROR_INVALID_ARG;
}
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown()) {
return NS_ERROR_NOT_AVAILABLE;
}
*aErrorCode = VERIFY_ERROR_OTHER;
*aSigningCert = nullptr;
Digest digest;
nsresult rv = digest.DigestBuf(
SEC_OID_SHA1,
- BitwiseCast<const uint8_t*, const char*>(aPlaintext),
- aPlaintextLen);
+ BitwiseCast<const uint8_t*, const char*>(aPlaintext.BeginReading()),
+ aPlaintext.Length());
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;
}
SECItem buffer = {
siBuffer,
- BitwiseCast<unsigned char*, const char*>(aRSABuf),
- aRSABufLen
+ BitwiseCast<unsigned char*, const char*>(aRSABuf.BeginReading()),
+ aRSABuf.Length(),
};
VerifyCertificateContext context;
// XXX: pinArg is missing
rv = VerifyCMSDetachedSignatureIncludingCertificate(buffer, digest.get(),
VerifyCertificate,
&context, nullptr, locker);
if (NS_SUCCEEDED(rv)) {
--- a/security/manager/ssl/nsICertBlocklist.idl
+++ b/security/manager/ssl/nsICertBlocklist.idl
@@ -15,24 +15,26 @@ interface nsIX509Cert;
* Represents a service to add certificates as explicitly blocked/distrusted.
*/
[scriptable, uuid(e0654480-f433-11e4-b939-0800200c9a66)]
interface nsICertBlocklist : nsISupports {
/**
* Add details of a revoked certificate :
* issuer name (base-64 encoded DER) and serial number (base-64 encoded DER).
*/
- void revokeCertByIssuerAndSerial(in string issuer, in string serialNumber);
+ void revokeCertByIssuerAndSerial(in ACString issuer,
+ in ACString serialNumber);
/**
* Add details of a revoked certificate :
* subject name (base-64 encoded DER) and hash of public key (base-64 encoded
* sha-256 hash of the public key).
*/
- void revokeCertBySubjectAndPubKey(in string subject, in string pubKeyHash);
+ void revokeCertBySubjectAndPubKey(in ACString subject,
+ in ACString pubKeyHash);
/**
* Persist (fresh) blocklist entries to the profile (if a profile directory is
* available). Note: calling this will result in synchronous I/O.
*/
void saveEntries();
/**
--- a/security/manager/ssl/nsIDataSignatureVerifier.idl
+++ b/security/manager/ssl/nsIDataSignatureVerifier.idl
@@ -26,15 +26,12 @@ interface nsIDataSignatureVerifier : nsI
*/
boolean verifyData(in ACString aData, in ACString aSignature, in ACString aPublicKey);
/* Sig Verification Error Codes */
const long VERIFY_OK = 0;
const long VERIFY_ERROR_UNKNOWN_ISSUER = 1;
const long VERIFY_ERROR_OTHER = 2;
- nsIX509Cert verifySignature(in string aSignature,
- in unsigned long aSignatureLen,
- in string plaintext,
- in unsigned long plaintextLen,
+ nsIX509Cert verifySignature(in ACString signature, in ACString plaintext,
out long errorCode);
};
--- a/security/manager/ssl/nsITokenDialogs.idl
+++ b/security/manager/ssl/nsITokenDialogs.idl
@@ -8,17 +8,17 @@ interface nsIInterfaceRequestor;
interface nsIProtectedAuthThread;
[scriptable, uuid(a1cbc159-468c-495d-8068-61dd538cbcca)]
interface nsITokenDialogs : nsISupports
{
void ChooseToken(in nsIInterfaceRequestor ctx,
[array, size_is(count)] in wstring tokenNameList,
in unsigned long count,
- out wstring tokenName,
+ out AString tokenName,
out boolean canceled);
/**
* displayProtectedAuth - displays notification dialog to the user
* that he is expected to authenticate to the token using its
* "protected authentication path" feature
*/
void displayProtectedAuth(in nsIInterfaceRequestor ctx,
--- a/security/manager/ssl/nsITokenPasswordDialogs.idl
+++ b/security/manager/ssl/nsITokenPasswordDialogs.idl
@@ -15,14 +15,14 @@ interface nsITokenPasswordDialogs : nsIS
{
/**
* Brings up a dialog to set the password on a token.
*
* @param ctx A user interface context.
* @param tokenName Name of the token.
* @return true if the user canceled the dialog, false otherwise.
*/
- boolean setPassword(in nsIInterfaceRequestor ctx, in wstring tokenName);
+ boolean setPassword(in nsIInterfaceRequestor ctx, in AString tokenName);
};
%{C++
#define NS_TOKENPASSWORDSDIALOG_CONTRACTID "@mozilla.org/nsTokenPasswordDialogs;1"
%}
--- a/security/manager/ssl/nsKeygenHandler.cpp
+++ b/security/manager/ssl/nsKeygenHandler.cpp
@@ -293,17 +293,17 @@ uint32_t MapGenMechToAlgoMech(uint32_t m
nsresult
GetSlotWithMechanism(uint32_t aMechanism, nsIInterfaceRequestor* m_ctx,
PK11SlotInfo** aSlot, nsNSSShutDownPreventionLock& /*proofOfLock*/)
{
PK11SlotList * slotList = nullptr;
char16_t** tokenNameList = nullptr;
nsCOMPtr<nsITokenDialogs> dialogs;
- char16_t *unicodeTokenChosen;
+ nsAutoString tokenStr;
PK11SlotListElement *slotElement, *tmpSlot;
uint32_t numSlots = 0, i = 0;
bool canceled;
nsresult rv = NS_OK;
*aSlot = nullptr;
// Get the slot
@@ -355,25 +355,24 @@ GetSlotWithMechanism(uint32_t aMechanism
if (NS_FAILED(rv)) {
goto loser;
}
if (!tokenNameList || !*tokenNameList) {
rv = NS_ERROR_OUT_OF_MEMORY;
} else {
rv = dialogs->ChooseToken(m_ctx, (const char16_t**)tokenNameList,
- numSlots, &unicodeTokenChosen, &canceled);
+ numSlots, tokenStr, &canceled);
}
if (NS_FAILED(rv)) goto loser;
if (canceled) { rv = NS_ERROR_NOT_AVAILABLE; goto loser; }
// Get the slot //
slotElement = PK11_GetFirstSafe(slotList);
- nsAutoString tokenStr(unicodeTokenChosen);
while (slotElement) {
if (tokenStr.Equals(NS_ConvertUTF8toUTF16(PK11_GetTokenName(slotElement->slot)))) {
*aSlot = slotElement->slot;
PK11_FreeSlotListElement(slotList, slotElement);
break;
}
slotElement = PK11_GetNextSafe(slotList, slotElement, false);
}
--- a/security/manager/ssl/nsNSSComponent.cpp
+++ b/security/manager/ssl/nsNSSComponent.cpp
@@ -2325,17 +2325,17 @@ setPassword(PK11SlotInfo* slot, nsIInter
NS_GET_IID(nsITokenPasswordDialogs),
NS_TOKENPASSWORDSDIALOG_CONTRACTID);
if (NS_FAILED(rv)) {
return rv;
}
bool canceled;
NS_ConvertUTF8toUTF16 tokenName(PK11_GetTokenName(slot));
- rv = dialogs->SetPassword(ctx, tokenName.get(), &canceled);
+ rv = dialogs->SetPassword(ctx, tokenName, &canceled);
if (NS_FAILED(rv)) {
return rv;
}
if (canceled) {
return NS_ERROR_NOT_AVAILABLE;
}
}