Bug 1312158 - Stop using Scoped.h NSS types under netwerk/. r?nwgh
Scoped.h is deprecated.
MozReview-Commit-ID: AKfsw0lqTfw
--- a/netwerk/base/TLSServerSocket.cpp
+++ b/netwerk/base/TLSServerSocket.cpp
@@ -108,29 +108,30 @@ TLSServerSocket::CreateClientTransport(P
nsresult
TLSServerSocket::OnSocketListen()
{
if (NS_WARN_IF(!mServerCert)) {
return NS_ERROR_NOT_INITIALIZED;
}
- ScopedCERTCertificate cert(mServerCert->GetCert());
+ UniqueCERTCertificate cert(mServerCert->GetCert());
if (NS_WARN_IF(!cert)) {
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
}
- ScopedSECKEYPrivateKey key(PK11_FindKeyByAnyCert(cert, nullptr));
+ UniqueSECKEYPrivateKey key(PK11_FindKeyByAnyCert(cert.get(), nullptr));
if (NS_WARN_IF(!key)) {
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
}
- SSLKEAType certKEA = NSS_FindCertKEAType(cert);
+ SSLKEAType certKEA = NSS_FindCertKEAType(cert.get());
- nsresult rv = MapSECStatus(SSL_ConfigSecureServer(mFD, cert, key, certKEA));
+ nsresult rv = MapSECStatus(SSL_ConfigSecureServer(mFD, cert.get(), key.get(),
+ certKEA));
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;
}
return NS_OK;
}
// static
@@ -452,17 +453,17 @@ TLSServerConnectionInfo::HandshakeCallba
}
}
nsresult
TLSServerConnectionInfo::HandshakeCallback(PRFileDesc* aFD)
{
nsresult rv;
- ScopedCERTCertificate clientCert(SSL_PeerCertificate(aFD));
+ UniqueCERTCertificate clientCert(SSL_PeerCertificate(aFD));
if (clientCert) {
nsCOMPtr<nsIX509CertDB> certDB =
do_GetService(NS_X509CERTDB_CONTRACTID, &rv);
if (NS_FAILED(rv)) {
return rv;
}
nsCOMPtr<nsIX509Cert> clientCertPSM;
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@@ -1802,17 +1802,17 @@ nsHttpChannel::ProcessSSLInformation()
AddSecurityMessage(consoleErrorTag, consoleErrorCategory);
}
}
// Send (SHA-1) signature algorithm errors to the web console
nsCOMPtr<nsIX509Cert> cert;
sslstat->GetServerCert(getter_AddRefs(cert));
if (cert) {
- ScopedCERTCertificate nssCert(cert->GetCert());
+ UniqueCERTCertificate nssCert(cert->GetCert());
if (nssCert) {
SECOidTag tag = SECOID_GetAlgorithmTag(&nssCert->signature);
LOG(("Checking certificate signature: The OID tag is %i [this=%p]\n", tag, this));
// Check to see if the signature is sha-1 based.
// Not including checks for SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE
// from http://tools.ietf.org/html/rfc2437#section-8 since I
// can't see reference to it outside this spec
if (tag == SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION ||