Module Name: src
Committed By: riastradh
Date: Wed Oct 11 19:57:25 UTC 2023
Modified Files:
src/external/mpl/mozilla-certdata/share: certdata.awk
Log Message:
certdata.awk: Treat CKT_NSS_TRUSTED as untrusted _as a CA_.
This means the certificate is trusted for the listed purpose, not as
a CA to issue certificates for the listed purpose.
Clarify warning message in this case.
No change to imported certificates so no need to regen or pull up --
this designator does not actually appear in certdata.txt, only in
Mozilla nss source code.
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 src/external/mpl/mozilla-certdata/share/certdata.awk
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/mpl/mozilla-certdata/share/certdata.awk
diff -u src/external/mpl/mozilla-certdata/share/certdata.awk:1.1 src/external/mpl/mozilla-certdata/share/certdata.awk:1.2
--- src/external/mpl/mozilla-certdata/share/certdata.awk:1.1 Sat Aug 26 05:47:53 2023
+++ src/external/mpl/mozilla-certdata/share/certdata.awk Wed Oct 11 19:57:25 2023
@@ -160,7 +160,7 @@ function addtrust(trustfile, desc) {
return
}
trust_lineno[desc":"lolab] = NR
- if ($3 == "CKT_NSS_TRUSTED" || $3 == "CKT_NSS_TRUSTED_DELEGATOR") {
+ if ($3 == "CKT_NSS_TRUSTED_DELEGATOR") {
if (distrusted[lolab]) {
if (VERBOSE) {
printf "line %d: distrusted for %s\n", \
@@ -173,11 +173,12 @@ function addtrust(trustfile, desc) {
}
printf "%s\n", label >trustfile
}
- } else if ($3 == "CKT_NSS_MUST_VERIFY_TRUST" ||
+ } else if ($3 == "CKT_NSS_TRUSTED" ||
+ $3 == "CKT_NSS_MUST_VERIFY_TRUST" ||
$3 == "CKT_NSS_UNTRUSTED" ||
$3 == "CKT_NSS_NOT_TRUSTED") {
if (VERBOSE) {
- printf "line %d: untrusted for %s\n", \
+ printf "line %d: untrusted as CA for %s\n", \
NR, desc
}
} else {
