static PRStatus
remove_subject_entry (
nssTDCertificateCache *cache,
NSSCertificate *cert,
nssList **subjectList,
NSSUTF8 **nickname,
NSSArena **arena
)
{
PRStatus nssrv;
cache_entry *ce;
*subjectList = NULL;
*arena = NULL;
/* Get the subject list for the cert's subject */
ce = (cache_entry *)nssHash_Lookup(cache->subject, &cert->subject);
if (ce) {
/* Remove the cert from the subject hash */
nssList_Remove(ce->entry.list, cert);
*subjectList = ce->entry.list;
*nickname = ce->nickname;
*arena = ce->arena;
nssrv = PR_SUCCESS;
#ifdef DEBUG_CACHE
log_cert_ref("removed cert", cert);
log_item_dump("from subject list", &cert->subject);
#endif
} else {
nssrv = PR_FAILURE;
}
return nssrv;
}
static void
remove_subject_entry (
nssCertificateStore *store,
NSSCertificate *cert
)
{
nssList *subjectList;
/* Get the subject list for the cert's subject */
subjectList = (nssList *)nssHash_Lookup(store->subject, &cert->subject);
if (subjectList) {
/* Remove the cert from the subject hash */
nssList_Remove(subjectList, cert);
nssHash_Remove(store->subject, &cert->subject);
if (nssList_Count(subjectList) == 0) {
nssList_Destroy(subjectList);
} else {
/* The cert being released may have keyed the subject entry.
* Since there are still subject certs around, get another and
* rekey the entry just in case.
*/
NSSCertificate *subjectCert;
(void)nssList_GetArray(subjectList, (void **)&subjectCert, 1);
nssHash_Add(store->subject, &subjectCert->subject, subjectList);
}
}
}
/*
* must be called holding the ModuleListLock (either read or write).
*/
NSS_IMPLEMENT SECStatus
STAN_RemoveModuleFromDefaultTrustDomain(
SECMODModule *module)
{
NSSToken *token;
NSSTrustDomain *td;
int i;
td = STAN_GetDefaultTrustDomain();
for (i = 0; i < module->slotCount; i++) {
token = PK11Slot_GetNSSToken(module->slots[i]);
if (token) {
nssToken_NotifyCertsNotVisible(token);
NSSRWLock_LockWrite(td->tokensLock);
nssList_Remove(td->tokenList, token);
NSSRWLock_UnlockWrite(td->tokensLock);
PK11Slot_SetNSSToken(module->slots[i], NULL);
nssToken_Destroy(token);
}
}
NSSRWLock_LockWrite(td->tokensLock);
nssListIterator_Destroy(td->tokens);
td->tokens = nssList_CreateIterator(td->tokenList);
NSSRWLock_UnlockWrite(td->tokensLock);
return SECSuccess;
}
static PRStatus
remove_email_entry(
nssTDCertificateCache *cache,
NSSCertificate *cert,
nssList *subjectList)
{
PRStatus nssrv = PR_FAILURE;
cache_entry *ce;
/* Find the subject list in the email hash */
if (cert->email) {
ce = (cache_entry *)nssHash_Lookup(cache->email, cert->email);
if (ce) {
nssList *subjects = ce->entry.list;
/* Remove the subject list from the email hash */
if (subjects) {
nssList_Remove(subjects, subjectList);
#ifdef DEBUG_CACHE
log_item_dump("removed subject list", &cert->subject);
PR_LOG(s_log, PR_LOG_DEBUG, ("for email %s", cert->email));
#endif
if (nssList_Count(subjects) == 0) {
/* No more subject lists for email, delete list and
* remove hash entry
*/
(void)nssList_Destroy(subjects);
nssHash_Remove(cache->email, cert->email);
/* there are no entries left for this address, free space
* used for email entries
*/
nssArena_Destroy(ce->arena);
#ifdef DEBUG_CACHE
PR_LOG(s_log, PR_LOG_DEBUG, ("removed email %s", cert->email));
#endif
}
}
nssrv = PR_SUCCESS;
}
}
return nssrv;
}
