static PRStatus add_subject_entry ( nssCertificateStore *store, NSSCertificate *cert ) { PRStatus nssrv; nssList *subjectList; subjectList = (nssList *)nssHash_Lookup(store->subject, &cert->subject); if (subjectList) { /* The subject is already in, add this cert to the list */ nssrv = nssList_AddUnique(subjectList, cert); } else { /* Create a new subject list for the subject */ subjectList = nssList_Create(NULL, PR_FALSE); if (!subjectList) { return PR_FAILURE; } nssList_SetSortFunction(subjectList, nssCertificate_SubjectListSort); /* Add the cert entry to this list of subjects */ nssrv = nssList_Add(subjectList, cert); if (nssrv != PR_SUCCESS) { return nssrv; } /* Add the subject list to the cache */ nssrv = nssHash_Add(store->subject, &cert->subject, subjectList); } return nssrv; }
NSS_IMPLEMENT PRStatus STAN_LoadDefaultNSS3TrustDomain ( void ) { NSSTrustDomain *td; SECMODModuleList *mlp; SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock(); int i; if (g_default_trust_domain || g_default_crypto_context) { /* Stan is already initialized or a previous shutdown failed. */ nss_SetError(NSS_ERROR_ALREADY_INITIALIZED); return PR_FAILURE; } td = NSSTrustDomain_Create(NULL, NULL, NULL, NULL); if (!td) { return PR_FAILURE; } /* * Deadlock warning: we should never acquire the moduleLock while * we hold the tokensLock. We can use the NSSRWLock Rank feature to * guarrentee this. tokensLock have a higher rank than module lock. */ td->tokenList = nssList_Create(td->arena, PR_TRUE); if (!td->tokenList) { goto loser; } SECMOD_GetReadLock(moduleLock); NSSRWLock_LockWrite(td->tokensLock); for (mlp = SECMOD_GetDefaultModuleList(); mlp != NULL; mlp=mlp->next) { for (i=0; i < mlp->module->slotCount; i++) { STAN_InitTokenForSlotInfo(td, mlp->module->slots[i]); } } td->tokens = nssList_CreateIterator(td->tokenList); NSSRWLock_UnlockWrite(td->tokensLock); SECMOD_ReleaseReadLock(moduleLock); if (!td->tokens) { goto loser; } g_default_crypto_context = NSSTrustDomain_CreateCryptoContext(td, NULL); if (!g_default_crypto_context) { goto loser; } g_default_trust_domain = td; return PR_SUCCESS; loser: NSSTrustDomain_Destroy(td); return PR_FAILURE; }