bug 1250818 - remove certificate issuer organization to common name fallback r?Cykesiopka
Before this change, if a certificate's issuer DN did not have an organization
component, nsIX509Cert.issuerOrganization would fall back to using the issuer
common name. This was never a good idea, because this gave misleading
information to consumers of this interface. Furthermore, it appears that all
consumers of this interface already do such a fallback (for display purposes)
when they've determined that it's a reasonable thing to do.
MozReview-Commit-ID: p2gmSP0nZW
--- a/security/manager/ssl/nsNSSCertificate.cpp
+++ b/security/manager/ssl/nsNSSCertificate.cpp
@@ -741,18 +741,16 @@ nsNSSCertificate::GetIssuerOrganization(
return NS_ERROR_NOT_AVAILABLE;
aOrganization.Truncate();
if (mCert) {
char* organization = CERT_GetOrgName(&mCert->issuer);
if (organization) {
aOrganization = NS_ConvertUTF8toUTF16(organization);
PORT_Free(organization);
- } else {
- return GetIssuerCommonName(aOrganization);
}
}
return NS_OK;
}
NS_IMETHODIMP
nsNSSCertificate::GetIssuerOrganizationUnit(nsAString& aOrganizationUnit)
{