Comment 15 for bug 376484

In , Wan-Teh Chang (wtc-google) wrote :

If anyone would like to write a patch, the starting point is the
CERT_VerifyCertName function:
http://lxr.mozilla.org/security/ident?i=CERT_VerifyCertName

The actual matching is done in the cert_TestHostName function:
http://lxr.mozilla.org/security/ident?i=cert_TestHostName

which delegates pattern matching to the PORT_RegExpCaseSearch
function:
http://lxr.mozilla.org/security/ident?i=PORT_RegExpCaseSearch

Note on the backward compatibility of exported NSS functions:

Since PORT_RegExpCaseSearch will be exported for the first time
in the upcoming NSS 3.12 release, if a patch for this bug is accepted
before NSS 3.12 is released, we can change PORT_RegExpCaseSearch
directly. Otherwise, we will need to add a new function that
does the RFC-compliant pattern matching.

Alternatively, we can move nss/lib/util/portreg.{h,c} to
nss/lib/certdb so that PORT_RegExpCaseSearch doesn't need
to be exported from the new libnssutil3.so shared library in
NSS 3.12.