author David Keeler <>
Fri, 04 Mar 2016 17:06:33 -0800
changeset 339997 9bce48571e58ecd43272623e852db3b83c4f1ed4
parent 338795 38bf4f8e55bcc609eaeda0e7b5666f91f82a9a6c
child 348993 578d34eb32f82b45b986f0d724c78df00ac09f55
permissions -rw-r--r--
bug 1228175 - fix IsCertBuiltInRoot r?Cykesiopka r?mgoodwin When a built-in root certificate has its trust changed from the default value, the platform has to essentially create a copy of it in the read/write certificate database with the new trust settings. At that point, the desired behavior is that the platform still considers that certificate a built-in root. Before this patch, this would indeed happen for the duration of that run of the platform, but as soon as it restarted, the certificate in question would only appear to be from the read/write database, and thus was not considered a built-in root. This patch changes the test of built-in-ness to explicitly search the built-in certificate slot for the certificate in question. If found, it is considered a built-in root. MozReview-Commit-ID: HCtZpPQVEGZ

# -*- Mode: python; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40 -*-
# vim: set filetype=python:
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at