Related: tdf#95144 Revert fixes for bad casts and unused fields

Revert "Bad cast from SanExtensionImpl to CertificateExtension_XmlSecImpl" This reverts commit 321b8ff8. Revert "loplugin:singlevalfields in writerfilter and xmlsec" This reverts commit a25327e4. cause these two together mean that we get a certificate is invalid dialog when the cert is perfectly fine on loading https sources Change-Id: Id8c1fb5ece4ecc0035500ce0b822a6b248d14282

Related: tdf#95144 Revert fixes for bad casts and unused fields
Revert "Bad cast from SanExtensionImpl to CertificateExtension_XmlSecImpl" This reverts commit 321b8ff8. Revert "loplugin:singlevalfields in writerfilter and xmlsec" This reverts commit a25327e4. cause these two together mean that we get a certificate is invalid dialog when the cert is perfectly fine on loading https sources Change-Id: Id8c1fb5ece4ecc0035500ce0b822a6b248d14282
2c110872 · Caolán McNamara · d778cb3d · 2c110872 · 2c110872 · 2c110872
Kaydet (Commit) 2c110872 authored Tem 28, 2016 tarafından Caolán McNamara
3 changed files
--- a/xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.cxx
+++ b/xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.cxx
@@ -39,7 +39,9 @@ using namespace ::com::sun::star::security ;
 using ::com::sun::star::security::XCertificateExtension ;


-SanExtensionImpl::SanExtensionImpl() {
+SanExtensionImpl::SanExtensionImpl() :
+m_critical( false )
+{
 }

 SanExtensionImpl::~SanExtensionImpl() {
@@ -48,7 +50,7 @@ SanExtensionImpl::~SanExtensionImpl() {

 //Methods from XCertificateExtension
 sal_Bool SAL_CALL SanExtensionImpl::isCritical() throw( css::uno::RuntimeException, std::exception ) {
-    return false;
+    return m_critical ;
 }

 css::uno::Sequence< sal_Int8 > SAL_CALL SanExtensionImpl::getExtensionId() throw( css::uno::RuntimeException, std::exception ) {

--- a/xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.hxx
+++ b/xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.hxx
@@ -34,6 +34,7 @@ class SanExtensionImpl : public ::cppu::WeakImplHelper<
    css::security::XSanExtension >
 {
    private:
+        bool m_critical ;
        css::uno::Sequence< sal_Int8 > m_xExtnId ;
        css::uno::Sequence< sal_Int8 > m_xExtnValue ;
        css::uno::Sequence< css::security::CertAltNameEntry > m_Entries;

--- a/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx
+++ b/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx
@@ -28,7 +28,6 @@

 #include <sal/config.h>
 #include <comphelper/servicehelper.hxx>
-#include <rtl/ref.hxx>
 #include "x509certificate_nssimpl.hxx"

 #include "certificateextension_xmlsecimpl.hxx"
@@ -179,6 +178,8 @@ css::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getSubjectUniqu
 css::uno::Sequence< css::uno::Reference< css::security::XCertificateExtension > > SAL_CALL X509Certificate_NssImpl::getExtensions() throw ( css::uno::RuntimeException, std::exception) {
    if( m_pCert != nullptr && m_pCert->extensions != nullptr ) {
        CERTCertExtension** extns ;
+        CertificateExtension_XmlSecImpl* pExtn ;
+        bool crit ;
        int len ;

        for( len = 0, extns = m_pCert->extensions; *extns != nullptr; len ++, extns ++ ) ;
@@ -197,13 +198,10 @@ css::uno::Sequence< css::uno::Reference< css::security::XCertificateExtension >
                objID = oidString;

            if ( objID.equals("2.5.29.17") )
-                xExtns[len] = reinterpret_cast<CertificateExtension_XmlSecImpl*>(new SanExtensionImpl());
+                pExtn = reinterpret_cast<CertificateExtension_XmlSecImpl*>(new SanExtensionImpl());
            else
-            {
-                CertificateExtension_XmlSecImpl* pExtn
-                    = new CertificateExtension_XmlSecImpl() ;
+                pExtn = new CertificateExtension_XmlSecImpl() ;

-                bool crit ;
            if( (*extns)->critical.data == nullptr )
                crit = false ;
            else
@@ -212,7 +210,6 @@ css::uno::Sequence< css::uno::Reference< css::security::XCertificateExtension >

            xExtns[len] = pExtn ;
        }
-        }

        return xExtns ;
    } else {
@@ -222,31 +219,28 @@ css::uno::Sequence< css::uno::Reference< css::security::XCertificateExtension >

 css::uno::Reference< css::security::XCertificateExtension > SAL_CALL X509Certificate_NssImpl::findCertificateExtension( const css::uno::Sequence< sal_Int8 >& oid ) throw (css::uno::RuntimeException, std::exception) {
    if( m_pCert != nullptr && m_pCert->extensions != nullptr ) {
+        CertificateExtension_XmlSecImpl* pExtn ;
        CERTCertExtension** extns ;
        SECItem idItem ;
+        bool crit ;

        idItem.data = reinterpret_cast<unsigned char *>(const_cast<sal_Int8 *>(oid.getConstArray()));
        idItem.len = oid.getLength() ;

-        css::uno::Reference<css::security::XCertificateExtension> pExtn;
+        pExtn = nullptr ;
        for( extns = m_pCert->extensions; *extns != nullptr; extns ++ ) {
            if( SECITEM_CompareItem( &idItem, &(*extns)->id ) == SECEqual ) {
                const SECItem id = (*extns)->id;
                OString objId(CERT_GetOidString(&id));
                if ( objId.equals("OID.2.5.29.17") )
-                    pExtn = new SanExtensionImpl();
+                    pExtn = reinterpret_cast<CertificateExtension_XmlSecImpl*>(new SanExtensionImpl());
                else
-                {
-                    rtl::Reference<CertificateExtension_XmlSecImpl> x(
-                        new CertificateExtension_XmlSecImpl());
-                    bool crit ;
+                    pExtn = new CertificateExtension_XmlSecImpl() ;
                if( (*extns)->critical.data == nullptr )
                    crit = false ;
                else
                    crit = (*extns)->critical.data[0] == 0xFF;
-                    x->setCertExtn( (*extns)->value.data, (*extns)->value.len, (*extns)->id.data, (*extns)->id.len, crit ) ;
-                    pExtn = x.get();
-                }
+                pExtn->setCertExtn( (*extns)->value.data, (*extns)->value.len, (*extns)->id.data, (*extns)->id.len, crit ) ;
                break;
            }
        }