Fix for 290121. Replace PRIntervalTime with PRTime when checking for the need to query the token for CRLs. r=nelson
authorjulien.pierre.bugs%sun.com
Sun, 17 Apr 2005 03:17:07 +0000
changeset 5625 4afb405c9bc020eed4c41bb339e1b7badd7f0db8
parent 5622 9348efcfc569f6fd2a6b96284b836c17fa9a76ca
child 5626 464a285a6c14e470ee3b14e35cc45d69dc585824
push idunknown
push userunknown
push dateunknown
reviewersnelson
bugs290121
Fix for 290121. Replace PRIntervalTime with PRTime when checking for the need to query the token for CRLs. r=nelson
security/nss/lib/certdb/certi.h
security/nss/lib/certdb/crl.c
--- a/security/nss/lib/certdb/certi.h
+++ b/security/nss/lib/certdb/certi.h
@@ -164,19 +164,19 @@ struct CRLDPCacheStr {
     PRUint16 invalid;       /* this state will be set if either
              CRL_CACHE_INVALID_CRLS or CRL_CACHE_LAST_FETCH_FAILED is set.
              In those cases, all certs are considered revoked as a
              security precaution. The invalid state can only be cleared
              during an update if all error states are cleared */
     PRBool refresh;        /* manual refresh from tokens has been forced */
     PRBool mustchoose;     /* trigger reselection algorithm, for case when
                               RAM CRL objects are dropped from the cache */
-    PRIntervalTime lastfetch; /* time a CRL token fetch was last performed */
-    PRIntervalTime lastcheck; /* time CRL token objects were last checked for
-                                 existence */
+    PRTime lastfetch;      /* time a CRL token fetch was last performed */
+    PRTime lastcheck;      /* time CRL token objects were last checked for
+                              existence */
 };
 
 /*  CRL issuer cache object
     This object tracks all the distribution point caches for a given issuer.
     XCRL once we support multiple issuing distribution points, this object
     will be a hash table. For now, it just holds the single CRL distribution
     point cache structure.
 */
--- a/security/nss/lib/certdb/crl.c
+++ b/security/nss/lib/certdb/crl.c
@@ -1061,29 +1061,26 @@ PreAllocator* PreAllocator_Create(PRSize
 }
 
 /* global CRL cache object */
 static CRLCache crlcache = { NULL, NULL };
 
 /* initial state is off */
 static PRBool crlcache_initialized = PR_FALSE;
 
-PRIntervalTime oneminute = 0;
-PRIntervalTime tenminutes = 0;
-
-PRIntervalTime CRLCache_Empty_TokenFetch_Interval; /* how often
+PRTime CRLCache_Empty_TokenFetch_Interval = 60 * 1000000; /* how often
     to query the tokens for CRL objects, in order to discover new objects, if
-    the cache does not contain any token CRLs */
+    the cache does not contain any token CRLs . In microseconds */
 
-PRIntervalTime CRLCache_TokenRefetch_Interval; /* how often
+PRTime CRLCache_TokenRefetch_Interval = 600 * 1000000 ; /* how often
     to query the tokens for CRL objects, in order to discover new objects, if
-    the cache already contains token CRLs */
+    the cache already contains token CRLs In microseconds */
 
-PRIntervalTime CRLCache_ExistenceCheck_Interval; /* how often to check if
-    a token CRL object still exists */
+PRTime CRLCache_ExistenceCheck_Interval = 60 * 1000000; /* how often to check
+    if a token CRL object still exists. In microseconds */
 
 /* this function is called at NSS initialization time */
 SECStatus InitCRLCache(void)
 {
     if (PR_FALSE == crlcache_initialized)
     {
         PORT_Assert(NULL == crlcache.lock);
         PORT_Assert(NULL == crlcache.issuers);
@@ -1109,19 +1106,16 @@ SECStatus InitCRLCache(void)
 #ifdef GLOBAL_RWLOCK
             NSSRWLock_Destroy(crlcache.lock);
 #else
             PR_DestroyLock(crlcache.lock);
 #endif
             crlcache.lock = NULL;
             return SECFailure;
         }
-        CRLCache_Empty_TokenFetch_Interval = CRLCache_ExistenceCheck_Interval
-            = oneminute = PR_SecondsToInterval(60);
-        CRLCache_TokenRefetch_Interval = tenminutes = PR_SecondsToInterval(600);
         crlcache_initialized = PR_TRUE;
         return SECSuccess;
     }
     else
     {
         PORT_Assert(crlcache.lock);
         PORT_Assert(crlcache.issuers);
         if ( (NULL == crlcache.lock) || (NULL == crlcache.issuers) )
@@ -1747,18 +1741,18 @@ static SECStatus DPCache_GetUpToDate(CRL
        yet, as we have no way of getting notified of new PKCS#11 object
        creation that happens in a token  */
     SECStatus rv = SECSuccess;
     PRUint32 i = 0;
     PRBool forcedrefresh = PR_FALSE;
     PRBool dirty = PR_FALSE; /* whether something was changed in the
                                 cache state during this update cycle */
     PRBool hastokenCRLs = PR_FALSE;
-    PRIntervalTime now = 0;
-    PRIntervalTime lastfetch = 0;
+    PRTime now = 0;
+    PRTime lastfetch = 0;
 
     if (!cache)
     {
         PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
         return SECFailure;
     }
 
     /* first, make sure we have obtained all the CRLs we need.
@@ -1771,17 +1765,17 @@ static SECStatus DPCache_GetUpToDate(CRL
        5) cache contains token CRLs, and it's been more than 10 minutes since
           the last fetch
     */
     forcedrefresh = cache->refresh;
     lastfetch = cache->lastfetch;
     if (PR_TRUE != forcedrefresh && 
         (!(cache->invalid & CRL_CACHE_LAST_FETCH_FAILED)))
     {
-        now = PR_IntervalNow();
+        now = PR_Now();
         hastokenCRLs = DPCache_HasTokenCRLs(cache);
     }
     if ( (0 == lastfetch) ||
 
          (PR_TRUE == forcedrefresh) ||
 
          (cache->invalid & CRL_CACHE_LAST_FETCH_FAILED) ||
 
@@ -1801,35 +1795,35 @@ static SECStatus DPCache_GetUpToDate(CRL
         {
             /* we are the first */
             rv = DPCache_FetchFromTokens(cache, vfdate, wincx);
             if (PR_TRUE == cache->refresh)
             {
                 cache->refresh = PR_FALSE; /* clear refresh state */
             }
             dirty = PR_TRUE;
-            cache->lastfetch = PR_IntervalNow();
+            cache->lastfetch = PR_Now();
         }
         DPCache_UnlockWrite();
     }
 
     /* now, make sure we have no extraneous CRLs (deleted token objects)
        we'll do this inexpensive existence check either
        1) if there was a token object fetch
        2) every minute */
     if (( PR_TRUE != dirty) && (!now) )
     {
-        now = PR_IntervalNow();
+        now = PR_Now();
     }
     if ( (PR_TRUE == dirty) ||
          ( (now - cache->lastcheck > CRLCache_ExistenceCheck_Interval) ||
            (now < cache->lastcheck)) )
     {
         PRBool mustunlock = PR_FALSE;
-        PRIntervalTime lastcheck = cache->lastcheck;
+        PRTime lastcheck = cache->lastcheck;
         /* check if all CRLs still exist */
         for (i = 0; (i < cache->ncrls) ; i++)
         {
             CachedCrl* savcrl = cache->crls[i];
             if ( (!savcrl) || (savcrl && CRL_OriginToken != savcrl->origin))
             {
                 /* we only want to check token CRLs */
                 continue;
@@ -1852,17 +1846,17 @@ static SECStatus DPCache_GetUpToDate(CRL
                     dirty = PR_TRUE;
                 }
                 /* stay locked here intentionally so we do all the other
                    updates in this thread for the remaining CRLs */
             }
         }
         if (PR_TRUE == mustunlock)
         {
-            cache->lastcheck = PR_IntervalNow();
+            cache->lastcheck = PR_Now();
             DPCache_UnlockWrite();
             mustunlock = PR_FALSE;
         }
     }
 
     /* add issuer certificate if it was previously unavailable */
     if (issuer && (NULL == cache->issuer) &&
         (SECSuccess == CERT_CheckCertUsage(issuer, KU_CRL_SIGN)))