Bug 1259909 - Obviate char PORT_Free() calls in PSM. r=keeler
Also converts the longer |UniquePtr<char, void(&)(void*)> foo(..., PORT_Free)|
to the shorter and equivalent |UniquePORTString foo(...)|.
MozReview-Commit-ID: LlrTNUYBP4V
--- a/security/apps/AppSignatureVerification.cpp
+++ b/security/apps/AppSignatureVerification.cpp
@@ -2,42 +2,43 @@
/* vim: set ts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsNSSCertificateDB.h"
#include "AppTrustDomain.h"
+#include "CryptoTask.h"
+#include "NSSCertDBTrustDomain.h"
+#include "ScopedNSSTypes.h"
#include "base64.h"
#include "certdb.h"
-#include "CryptoTask.h"
+#include "mozilla/Logging.h"
#include "mozilla/RefPtr.h"
#include "mozilla/UniquePtr.h"
+#include "nsCOMPtr.h"
#include "nsComponentManagerUtils.h"
-#include "nsCOMPtr.h"
#include "nsDataSignatureVerifier.h"
#include "nsHashKeys.h"
+#include "nsIDirectoryEnumerator.h"
#include "nsIFile.h"
#include "nsIFileStreams.h"
#include "nsIInputStream.h"
#include "nsIStringEnumerator.h"
-#include "nsIDirectoryEnumerator.h"
#include "nsIZipReader.h"
-#include "nsNetUtil.h"
#include "nsNSSCertificate.h"
+#include "nsNetUtil.h"
#include "nsProxyRelease.h"
-#include "nssb64.h"
-#include "NSSCertDBTrustDomain.h"
#include "nsString.h"
#include "nsTHashtable.h"
-#include "plstr.h"
-#include "mozilla/Logging.h"
+#include "nssb64.h"
#include "pkix/pkix.h"
#include "pkix/pkixnss.h"
+#include "plstr.h"
#include "secmime.h"
using namespace mozilla::pkix;
using namespace mozilla;
using namespace mozilla::psm;
extern mozilla::LazyLogModule gPIPNSSLog;
@@ -872,20 +873,19 @@ VerifySignedManifest(AppTrustedRoot aTru
rv = manifestCalculatedDigest.DigestBuf(SEC_OID_SHA1,
manifestBuffer.data,
manifestBuffer.len - 1); // buffer is null terminated
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;
}
// Get base64 encoded string from manifest buffer digest
- UniquePtr<char, void(&)(void*)>
+ UniquePORTString
base64EncDigest(NSSBase64_EncodeItem(nullptr, nullptr, 0,
- const_cast<SECItem*>(&manifestCalculatedDigest.get())),
- PORT_Free);
+ const_cast<SECItem*>(&manifestCalculatedDigest.get())));
if (NS_WARN_IF(!base64EncDigest)) {
return NS_ERROR_OUT_OF_MEMORY;
}
// Calculate SHA1 digest of the base64 encoded string
Digest doubleDigest;
rv = doubleDigest.DigestBuf(SEC_OID_SHA1,
reinterpret_cast<uint8_t*>(base64EncDigest.get()),
--- a/security/certverifier/NSSCertDBTrustDomain.cpp
+++ b/security/certverifier/NSSCertDBTrustDomain.cpp
@@ -1001,30 +1001,29 @@ LoadLoadableRoots(/*optional*/ const cha
}
UniquePtr<char, void(&)(char*)>
fullLibraryPath(PR_GetLibraryName(dir, "nssckbi"), PR_FreeLibraryName);
if (!fullLibraryPath) {
return SECFailure;
}
- UniquePtr<char, void(&)(void*)>
- escaped_fullLibraryPath(nss_addEscape(fullLibraryPath.get(), '\"'),
- PORT_Free);
- if (!escaped_fullLibraryPath) {
+ UniquePORTString escapedFullLibraryPath(nss_addEscape(fullLibraryPath.get(),
+ '\"'));
+ if (!escapedFullLibraryPath) {
return SECFailure;
}
// If a module exists with the same name, delete it.
int modType;
SECMOD_DeleteModule(modNameUTF8, &modType);
UniquePtr<char, void(&)(char*)>
pkcs11ModuleSpec(PR_smprintf("name=\"%s\" library=\"%s\"", modNameUTF8,
- escaped_fullLibraryPath.get()),
+ escapedFullLibraryPath.get()),
PR_smprintf_free);
if (!pkcs11ModuleSpec) {
return SECFailure;
}
UniqueSECMODModule rootsModule(SECMOD_LoadUserModule(pkcs11ModuleSpec.get(),
nullptr, false));
if (!rootsModule) {
--- a/security/manager/ssl/SSLServerCertVerification.cpp
+++ b/security/manager/ssl/SSLServerCertVerification.cpp
@@ -98,16 +98,17 @@
#include "BRNameMatchingPolicy.h"
#include "CertVerifier.h"
#include "CryptoTask.h"
#include "ExtendedValidation.h"
#include "NSSCertDBTrustDomain.h"
#include "PSMRunnable.h"
#include "RootCertificateTelemetryUtils.h"
+#include "ScopedNSSTypes.h"
#include "SharedSSLState.h"
#include "cert.h"
#include "mozilla/Assertions.h"
#include "mozilla/Mutex.h"
#include "mozilla/Telemetry.h"
#include "mozilla/UniquePtr.h"
#include "mozilla/net/DNS.h"
#include "mozilla/unused.h"
@@ -900,18 +901,17 @@ GatherBaselineRequirementsTelemetry(cons
CERT_LIST_END(rootNode, certList)) {
return;
}
CERTCertificate* cert = endEntityNode->cert;
PR_ASSERT(cert);
if (!cert) {
return;
}
- UniquePtr<char, void(&)(void*)>
- commonName(CERT_GetCommonName(&cert->subject), PORT_Free);
+ UniquePORTString commonName(CERT_GetCommonName(&cert->subject));
// This only applies to certificates issued by authorities in our root
// program.
CERTCertificate* rootCert = rootNode->cert;
PR_ASSERT(rootCert);
if (!rootCert) {
return;
}
bool isBuiltIn = false;
--- a/security/manager/ssl/nsCryptoHash.cpp
+++ b/security/manager/ssl/nsCryptoHash.cpp
@@ -202,21 +202,20 @@ nsCryptoHash::Finish(bool ascii, nsACStr
unsigned char* pbuffer = buffer;
HASH_End(mHashContext, pbuffer, &hashLen, HASH_LENGTH_MAX);
mInitialized = false;
if (ascii)
{
- char *asciiData = BTOA_DataToAscii(buffer, hashLen);
+ UniquePORTString asciiData(BTOA_DataToAscii(buffer, hashLen));
NS_ENSURE_TRUE(asciiData, NS_ERROR_OUT_OF_MEMORY);
- _retval.Assign(asciiData);
- PORT_Free(asciiData);
+ _retval.Assign(asciiData.get());
}
else
{
_retval.Assign((const char*)buffer, hashLen);
}
return NS_OK;
}
@@ -398,29 +397,28 @@ nsCryptoHMAC::Finish(bool aASCII, nsACSt
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown()) {
return NS_ERROR_NOT_AVAILABLE;
}
if (!mHMACContext)
return NS_ERROR_NOT_INITIALIZED;
-
+
uint32_t hashLen = 0;
unsigned char buffer[HASH_LENGTH_MAX];
unsigned char* pbuffer = buffer;
PK11_DigestFinal(mHMACContext, pbuffer, &hashLen, HASH_LENGTH_MAX);
if (aASCII)
{
- char *asciiData = BTOA_DataToAscii(buffer, hashLen);
+ UniquePORTString asciiData(BTOA_DataToAscii(buffer, hashLen));
NS_ENSURE_TRUE(asciiData, NS_ERROR_OUT_OF_MEMORY);
- _retval.Assign(asciiData);
- PORT_Free(asciiData);
+ _retval.Assign(asciiData.get());
}
else
{
_retval.Assign((const char*)buffer, hashLen);
}
return NS_OK;
}
--- a/security/manager/ssl/nsNSSCertHelper.cpp
+++ b/security/manager/ssl/nsNSSCertHelper.cpp
@@ -2107,15 +2107,14 @@ GetCertFingerprintByOidTag(CERTCertifica
SECOidTag aOidTag,
nsCString &fp)
{
Digest digest;
nsresult rv = digest.DigestBuf(aOidTag, nsscert->derCert.data,
nsscert->derCert.len);
NS_ENSURE_SUCCESS(rv, rv);
- char *tmpstr = CERT_Hexify(const_cast<SECItem*>(&digest.get()), 1);
+ UniquePORTString tmpstr(CERT_Hexify(const_cast<SECItem*>(&digest.get()), 1));
NS_ENSURE_TRUE(tmpstr, NS_ERROR_OUT_OF_MEMORY);
- fp.Assign(tmpstr);
- PORT_Free(tmpstr);
+ fp.Assign(tmpstr.get());
return NS_OK;
}
--- a/security/manager/ssl/nsNSSCertificate.cpp
+++ b/security/manager/ssl/nsNSSCertificate.cpp
@@ -1,60 +1,57 @@
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsNSSCertificate.h"
-#include "prmem.h"
-#include "prerror.h"
-#include "prprf.h"
#include "CertVerifier.h"
#include "ExtendedValidation.h"
-#include "mozilla/UniquePtr.h"
+#include "NSSCertDBTrustDomain.h"
+#include "certdb.h"
+#include "mozilla/Base64.h"
#include "mozilla/unused.h"
+#include "nsArray.h"
+#include "nsCOMPtr.h"
+#include "nsCRT.h"
+#include "nsCertVerificationThread.h"
+#include "nsICertificateDialogs.h"
+#include "nsIClassInfoImpl.h"
+#include "nsIObjectInputStream.h"
+#include "nsIObjectOutputStream.h"
+#include "nsISupportsPrimitives.h"
+#include "nsIURI.h"
+#include "nsIX509Cert.h"
+#include "nsNSSASN1Object.h"
+#include "nsNSSCertHelper.h"
+#include "nsNSSCertValidity.h"
+#include "nsNSSComponent.h" // for PIPNSS string bundle calls.
+#include "nsPK11TokenDB.h"
+#include "nsPKCS12Blob.h"
+#include "nsProxyRelease.h"
+#include "nsReadableUtils.h"
+#include "nsString.h"
+#include "nsThreadUtils.h"
+#include "nsUnicharUtils.h"
+#include "nsUsageArrayHelper.h"
+#include "nsXULAppAPI.h"
+#include "nspr.h"
+#include "nssb64.h"
#include "pkix/pkixnss.h"
#include "pkix/pkixtypes.h"
-#include "nsNSSComponent.h" // for PIPNSS string bundle calls.
-#include "nsCOMPtr.h"
-#include "nsArray.h"
-#include "nsNSSCertValidity.h"
-#include "nsPKCS12Blob.h"
-#include "nsPK11TokenDB.h"
-#include "nsIX509Cert.h"
-#include "nsIClassInfoImpl.h"
-#include "nsNSSASN1Object.h"
-#include "nsString.h"
-#include "nsXPIDLString.h"
-#include "nsReadableUtils.h"
-#include "nsIURI.h"
-#include "nsCRT.h"
-#include "nsUsageArrayHelper.h"
-#include "nsICertificateDialogs.h"
-#include "nsNSSCertHelper.h"
-#include "nsISupportsPrimitives.h"
-#include "nsUnicharUtils.h"
-#include "nsThreadUtils.h"
-#include "nsCertVerificationThread.h"
-#include "nsIObjectOutputStream.h"
-#include "nsIObjectInputStream.h"
-#include "nsXULAppAPI.h"
-#include "nsProxyRelease.h"
-#include "mozilla/Base64.h"
-#include "NSSCertDBTrustDomain.h"
-#include "nspr.h"
-#include "certdb.h"
-#include "pkix/pkixtypes.h"
-#include "secerr.h"
-#include "nssb64.h"
+#include "plbase64.h"
+#include "prerror.h"
+#include "prmem.h"
+#include "prprf.h"
#include "secasn1.h"
#include "secder.h"
+#include "secerr.h"
#include "ssl.h"
-#include "plbase64.h"
#ifdef XP_WIN
#include <winsock.h> // for htonl
#endif
using namespace mozilla;
using namespace mozilla::psm;
@@ -555,18 +552,17 @@ nsNSSCertificate::GetWindowTitle(nsAStri
aWindowTitle.Truncate();
if (!mCert) {
NS_ERROR("Somehow got nullptr for mCert in nsNSSCertificate.");
return NS_ERROR_FAILURE;
}
- UniquePtr<char, void(&)(void*)>
- commonName(CERT_GetCommonName(&mCert->subject), PORT_Free);
+ UniquePORTString commonName(CERT_GetCommonName(&mCert->subject));
const char* titleOptions[] = {
mCert->nickname,
commonName.get(),
mCert->subjectName,
mCert->emailAddr
};
@@ -704,92 +700,87 @@ NS_IMETHODIMP
nsNSSCertificate::GetCommonName(nsAString& aCommonName)
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown())
return NS_ERROR_NOT_AVAILABLE;
aCommonName.Truncate();
if (mCert) {
- char* commonName = CERT_GetCommonName(&mCert->subject);
+ UniquePORTString commonName(CERT_GetCommonName(&mCert->subject));
if (commonName) {
- aCommonName = NS_ConvertUTF8toUTF16(commonName);
- PORT_Free(commonName);
+ aCommonName = NS_ConvertUTF8toUTF16(commonName.get());
}
}
return NS_OK;
}
NS_IMETHODIMP
nsNSSCertificate::GetOrganization(nsAString& aOrganization)
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown())
return NS_ERROR_NOT_AVAILABLE;
aOrganization.Truncate();
if (mCert) {
- char* organization = CERT_GetOrgName(&mCert->subject);
+ UniquePORTString organization(CERT_GetOrgName(&mCert->subject));
if (organization) {
- aOrganization = NS_ConvertUTF8toUTF16(organization);
- PORT_Free(organization);
+ aOrganization = NS_ConvertUTF8toUTF16(organization.get());
}
}
return NS_OK;
}
NS_IMETHODIMP
nsNSSCertificate::GetIssuerCommonName(nsAString& aCommonName)
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown())
return NS_ERROR_NOT_AVAILABLE;
aCommonName.Truncate();
if (mCert) {
- char* commonName = CERT_GetCommonName(&mCert->issuer);
+ UniquePORTString commonName(CERT_GetCommonName(&mCert->issuer));
if (commonName) {
- aCommonName = NS_ConvertUTF8toUTF16(commonName);
- PORT_Free(commonName);
+ aCommonName = NS_ConvertUTF8toUTF16(commonName.get());
}
}
return NS_OK;
}
NS_IMETHODIMP
nsNSSCertificate::GetIssuerOrganization(nsAString& aOrganization)
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown())
return NS_ERROR_NOT_AVAILABLE;
aOrganization.Truncate();
if (mCert) {
- char* organization = CERT_GetOrgName(&mCert->issuer);
+ UniquePORTString organization(CERT_GetOrgName(&mCert->issuer));
if (organization) {
- aOrganization = NS_ConvertUTF8toUTF16(organization);
- PORT_Free(organization);
+ aOrganization = NS_ConvertUTF8toUTF16(organization.get());
}
}
return NS_OK;
}
NS_IMETHODIMP
nsNSSCertificate::GetIssuerOrganizationUnit(nsAString& aOrganizationUnit)
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown())
return NS_ERROR_NOT_AVAILABLE;
aOrganizationUnit.Truncate();
if (mCert) {
- char* organizationUnit = CERT_GetOrgUnitName(&mCert->issuer);
+ UniquePORTString organizationUnit(CERT_GetOrgUnitName(&mCert->issuer));
if (organizationUnit) {
- aOrganizationUnit = NS_ConvertUTF8toUTF16(organizationUnit);
- PORT_Free(organizationUnit);
+ aOrganizationUnit = NS_ConvertUTF8toUTF16(organizationUnit.get());
}
}
return NS_OK;
}
NS_IMETHODIMP
nsNSSCertificate::GetIssuer(nsIX509Cert** aIssuer)
{
@@ -824,20 +815,19 @@ NS_IMETHODIMP
nsNSSCertificate::GetOrganizationalUnit(nsAString& aOrganizationalUnit)
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown())
return NS_ERROR_NOT_AVAILABLE;
aOrganizationalUnit.Truncate();
if (mCert) {
- char* orgunit = CERT_GetOrgUnitName(&mCert->subject);
+ UniquePORTString orgunit(CERT_GetOrgUnitName(&mCert->subject));
if (orgunit) {
- aOrganizationalUnit = NS_ConvertUTF8toUTF16(orgunit);
- PORT_Free(orgunit);
+ aOrganizationalUnit = NS_ConvertUTF8toUTF16(orgunit.get());
}
}
return NS_OK;
}
NS_IMETHODIMP
nsNSSCertificate::GetChain(nsIArray** _rvChain)
{
@@ -1007,20 +997,19 @@ nsNSSCertificate::GetIssuerName(nsAStrin
NS_IMETHODIMP
nsNSSCertificate::GetSerialNumber(nsAString& _serialNumber)
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown())
return NS_ERROR_NOT_AVAILABLE;
_serialNumber.Truncate();
- char* tmpstr = CERT_Hexify(&mCert->serialNumber, 1);
+ UniquePORTString tmpstr(CERT_Hexify(&mCert->serialNumber, 1));
if (tmpstr) {
- _serialNumber = NS_ConvertASCIItoUTF16(tmpstr);
- PORT_Free(tmpstr);
+ _serialNumber = NS_ConvertASCIItoUTF16(tmpstr.get());
return NS_OK;
}
return NS_ERROR_FAILURE;
}
nsresult
nsNSSCertificate::GetCertificateHash(nsAString& aFingerprint, SECOidTag aHashAlg)
{
@@ -1033,23 +1022,22 @@ nsNSSCertificate::GetCertificateHash(nsA
Digest digest;
nsresult rv = digest.DigestBuf(aHashAlg, mCert->derCert.data,
mCert->derCert.len);
if (NS_FAILED(rv)) {
return rv;
}
// CERT_Hexify's second argument is an int that is interpreted as a boolean
- char* fpStr = CERT_Hexify(const_cast<SECItem*>(&digest.get()), 1);
+ UniquePORTString fpStr(CERT_Hexify(const_cast<SECItem*>(&digest.get()), 1));
if (!fpStr) {
return NS_ERROR_FAILURE;
}
- aFingerprint.AssignASCII(fpStr);
- PORT_Free(fpStr);
+ aFingerprint.AssignASCII(fpStr.get());
return NS_OK;
}
NS_IMETHODIMP
nsNSSCertificate::GetSha256Fingerprint(nsAString& aSha256Fingerprint)
{
return GetCertificateHash(aSha256Fingerprint, SEC_OID_SHA256);
}
--- a/security/manager/ssl/nsNSSCertificateDB.cpp
+++ b/security/manager/ssl/nsNSSCertificateDB.cpp
@@ -1277,29 +1277,25 @@ nsNSSCertificateDB::get_default_nickname
CK_OBJECT_HANDLE keyHandle;
CERTCertDBHandle *defaultcertdb = CERT_GetDefaultCertDB();
nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
if (NS_FAILED(rv))
return;
nsAutoCString username;
- char *temp_un = CERT_GetCommonName(&cert->subject);
- if (temp_un) {
- username = temp_un;
- PORT_Free(temp_un);
- temp_un = nullptr;
+ UniquePORTString tempCN(CERT_GetCommonName(&cert->subject));
+ if (tempCN) {
+ username = tempCN.get();
}
nsAutoCString caname;
- char *temp_ca = CERT_GetOrgName(&cert->issuer);
- if (temp_ca) {
- caname = temp_ca;
- PORT_Free(temp_ca);
- temp_ca = nullptr;
+ UniquePORTString tempIssuerOrg(CERT_GetOrgName(&cert->issuer));
+ if (tempIssuerOrg) {
+ caname = tempIssuerOrg.get();
}
nsAutoString tmpNickFmt;
nssComponent->GetPIPNSSBundleString("nick_template", tmpNickFmt);
NS_ConvertUTF16toUTF8 nickFmt(tmpNickFmt);
nsAutoCString baseName;
char *temp_nn = PR_smprintf(nickFmt.get(), username.get(), caname.get());
--- a/security/manager/ssl/nsNSSComponent.cpp
+++ b/security/manager/ssl/nsNSSComponent.cpp
@@ -5,26 +5,26 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#define CERT_AddTempCertToPerm __CERT_AddTempCertToPerm
#include "nsNSSComponent.h"
#include "ExtendedValidation.h"
#include "NSSCertDBTrustDomain.h"
+#include "ScopedNSSTypes.h"
#include "SharedSSLState.h"
#include "cert.h"
#include "certdb.h"
#include "mozilla/Preferences.h"
#include "mozilla/PublicSSL.h"
#include "mozilla/Services.h"
#include "mozilla/StaticPtr.h"
#include "mozilla/SyncRunnable.h"
#include "mozilla/Telemetry.h"
-#include "mozilla/UniquePtr.h"
#include "nsAppDirectoryServiceDefs.h"
#include "nsCRT.h"
#include "nsCertVerificationThread.h"
#include "nsClientAuthRemember.h"
#include "nsComponentManagerUtils.h"
#include "nsDirectoryServiceDefs.h"
#include "nsIBufEntropyCollector.h"
#include "nsICertOverrideService.h"
@@ -680,18 +680,17 @@ MaybeImportFamilySafetyRoot(PCCERT_CONTE
nullptr, // nickname unnecessary
false, // not permanent
true)); // copy DER
if (!nssCertificate) {
MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("couldn't decode certificate"));
return NS_ERROR_FAILURE;
}
// Looking for a certificate with the common name 'Microsoft Family Safety'
- UniquePtr<char, void(&)(void*)> subjectName(
- CERT_GetCommonName(&nssCertificate->subject), PORT_Free);
+ UniquePORTString subjectName(CERT_GetCommonName(&nssCertificate->subject));
MOZ_LOG(gPIPNSSLog, LogLevel::Debug,
("subject name is '%s'", subjectName.get()));
if (nsCRT::strcmp(subjectName.get(), "Microsoft Family Safety") == 0) {
wasFamilySafetyRoot = true;
CERTCertTrust trust = {
CERTDB_TRUSTED_CA | CERTDB_VALID_CA | CERTDB_USER,
0,
0
--- a/security/manager/ssl/nsNSSIOLayer.cpp
+++ b/security/manager/ssl/nsNSSIOLayer.cpp
@@ -1,55 +1,50 @@
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsNSSIOLayer.h"
-#include "pkix/pkixtypes.h"
-#include "nsNSSComponent.h"
+#include <algorithm>
+
+#include "NSSCertDBTrustDomain.h"
+#include "NSSErrorsService.h"
+#include "PSMRunnable.h"
+#include "SSLServerCertVerification.h"
+#include "ScopedNSSTypes.h"
+#include "SharedSSLState.h"
+#include "keyhi.h"
#include "mozilla/Casting.h"
#include "mozilla/DebugOnly.h"
-#include "mozilla/UniquePtr.h"
+#include "mozilla/Logging.h"
+#include "mozilla/Preferences.h"
#include "mozilla/Telemetry.h"
-
-#include "mozilla/Logging.h"
+#include "nsCharSeparatedTokenizer.h"
+#include "nsClientAuthRemember.h"
+#include "nsContentUtils.h"
+#include "nsIClientAuthDialogs.h"
+#include "nsIConsoleService.h"
+#include "nsIPrefService.h"
+#include "nsISocketProvider.h"
+#include "nsIWebProgressListener.h"
+#include "nsNSSCertHelper.h"
+#include "nsNSSComponent.h"
+#include "nsPrintfCString.h"
+#include "nsServiceManagerUtils.h"
+#include "pkix/pkixtypes.h"
#include "prmem.h"
#include "prnetdb.h"
-#include "nsIPrefService.h"
-#include "nsIClientAuthDialogs.h"
-#include "nsIWebProgressListener.h"
-#include "nsClientAuthRemember.h"
-#include "nsServiceManagerUtils.h"
-
-#include "nsISocketProvider.h"
-#include "nsPrintfCString.h"
-#include "SSLServerCertVerification.h"
-#include "nsNSSCertHelper.h"
-
-#include "nsCharSeparatedTokenizer.h"
-#include "nsIConsoleService.h"
-#include "PSMRunnable.h"
-#include "ScopedNSSTypes.h"
-#include "SharedSSLState.h"
-#include "mozilla/Preferences.h"
-#include "nsContentUtils.h"
-#include "NSSCertDBTrustDomain.h"
-#include "NSSErrorsService.h"
-
+#include "secder.h"
+#include "secerr.h"
#include "ssl.h"
+#include "sslerr.h"
#include "sslproto.h"
-#include "secerr.h"
-#include "sslerr.h"
-#include "secder.h"
-#include "keyhi.h"
-
-#include <algorithm>
using namespace mozilla;
using namespace mozilla::psm;
//#define DEBUG_SSL_VERBOSE //Enable this define to get minimal
//reports when doing SSL read/write
//#define DUMP_BUFFER //Enable this define along with
@@ -2313,18 +2308,17 @@ ClientAuthDataRunnable::RunOnTargetThrea
if (!nicknames) {
goto loser;
}
NS_ASSERTION(nicknames->numnicknames == NumberOfCerts, "nicknames->numnicknames != NumberOfCerts");
// Get CN and O of the subject and O of the issuer
- UniquePtr<char, void(&)(void*)>
- ccn(CERT_GetCommonName(&mServerCert->subject), PORT_Free);
+ UniquePORTString ccn(CERT_GetCommonName(&mServerCert->subject));
NS_ConvertUTF8toUTF16 cn(ccn.get());
int32_t port;
mSocketInfo->GetPort(&port);
nsString cn_host_port;
if (ccn && strcmp(ccn.get(), hostname) == 0) {
cn_host_port.Append(cn);
@@ -2333,23 +2327,21 @@ ClientAuthDataRunnable::RunOnTargetThrea
} else {
cn_host_port.Append(cn);
cn_host_port.AppendLiteral(" (");
cn_host_port.Append(':');
cn_host_port.AppendInt(port);
cn_host_port.Append(')');
}
- char* corg = CERT_GetOrgName(&mServerCert->subject);
- NS_ConvertUTF8toUTF16 org(corg);
- if (corg) PORT_Free(corg);
-
- char* cissuer = CERT_GetOrgName(&mServerCert->issuer);
- NS_ConvertUTF8toUTF16 issuer(cissuer);
- if (cissuer) PORT_Free(cissuer);
+ UniquePORTString corg(CERT_GetOrgName(&mServerCert->subject));
+ NS_ConvertUTF8toUTF16 org(corg.get());
+
+ UniquePORTString cissuer(CERT_GetOrgName(&mServerCert->issuer));
+ NS_ConvertUTF8toUTF16 issuer(cissuer.get());
certNicknameList =
(char16_t**)moz_xmalloc(sizeof(char16_t*)* nicknames->numnicknames);
if (!certNicknameList)
goto loser;
certDetailsList =
(char16_t**)moz_xmalloc(sizeof(char16_t*)* nicknames->numnicknames);
if (!certDetailsList) {