Bug 409091, SSL Client Auth prompt should indicate port number r=rrelyea, a1.9=mtschrep
authorkaie@kuix.de
Tue, 22 Jan 2008 15:47:55 -0800
changeset 10549 5d0ce48d3bed9843e08c6964dd28352d6bbbc9a8
parent 10548 4d6ca12ae9a7843992dacfb990003e9dfe038182
child 10550 a2564480351b362767b7d63684d792fdce7dfaad
push idunknown
push userunknown
push dateunknown
reviewersrrelyea
bugs409091
milestone1.9b3pre
Bug 409091, SSL Client Auth prompt should indicate port number r=rrelyea, a1.9=mtschrep
security/manager/ssl/src/nsNSSIOLayer.cpp
--- a/security/manager/ssl/src/nsNSSIOLayer.cpp
+++ b/security/manager/ssl/src/nsNSSIOLayer.cpp
@@ -2542,18 +2542,37 @@ SECStatus nsNSS_SSLGetClientAuthData(voi
     serverCert = SSL_PeerCertificate(socket);
     if (serverCert == NULL) {
       /* couldn't get the server cert: what do I do? */
       goto loser;
     }
 
     /* Get CN and O of the subject and O of the issuer */
     char *ccn = CERT_GetCommonName(&serverCert->subject);
+    charCleaner ccnCleaner(ccn);
     NS_ConvertUTF8toUTF16 cn(ccn);
-    if (ccn) PORT_Free(ccn);
+
+    PRInt32 port;
+    info->GetPort(&port);
+    char *hostname = SSL_RevealURL(socket);
+    charCleaner hostnameCleaner(hostname);
+
+    nsString cn_host_port;
+    if (ccn && strcmp(ccn, hostname) == 0) {
+      cn_host_port.Append(cn);
+      cn_host_port.AppendLiteral(":");
+      cn_host_port.AppendInt(port);
+    }
+    else {
+      cn_host_port.Append(cn);
+      cn_host_port.AppendLiteral(" (");
+      cn_host_port.AppendLiteral(":");
+      cn_host_port.AppendInt(port);
+      cn_host_port.AppendLiteral(")");
+    }
 
     char *corg = CERT_GetOrgName(&serverCert->subject);
     NS_ConvertUTF8toUTF16 org(corg);
     if (corg) PORT_Free(corg);
 
     char *cissuer = CERT_GetOrgName(&serverCert->issuer);
     NS_ConvertUTF8toUTF16 issuer(cissuer);
     if (cissuer) PORT_Free(cissuer);
@@ -2610,17 +2629,17 @@ SECStatus nsNSS_SSLGetClientAuthData(voi
     }
 
     {
       nsPSMUITracker tracker;
       if (tracker.isUIForbidden()) {
         rv = NS_ERROR_NOT_AVAILABLE;
       }
       else {
-        rv = dialogs->ChooseCertificate(info, cn.get(), org.get(), issuer.get(), 
+        rv = dialogs->ChooseCertificate(info, cn_host_port.get(), org.get(), issuer.get(), 
           (const PRUnichar**)certNicknameList, (const PRUnichar**)certDetailsList,
           CertsToUse, &selectedIndex, &canceled);
       }
     }
 
     NS_RELEASE(dialogs);
     NS_FREE_XPCOM_ALLOCATED_POINTER_ARRAY(CertsToUse, certNicknameList);
     NS_FREE_XPCOM_ALLOCATED_POINTER_ARRAY(CertsToUse, certDetailsList);