Changeset 60332 in vbox for trunk

Timestamp:

Apr 5, 2016 12:32:22 PM (9 years ago)

Author:

vboxsync

Message:

ApplianceImpl: The what's needed to determine the trusted state of the certificate is already all there, no need of extra variables. Also: Data members shall start with 'm' unless obvious (like with 'm->xxx'). There shall be space after 'if'. A 'bool' shall under no circumstances start with a 'l' prefix.

Location:

trunk/src/VBox/Main

Files:

• include/ApplianceImpl.h (modified) (1 diff)
• src-server/ApplianceImpl.cpp (modified) (3 diffs)
• src-server/ApplianceImplImport.cpp (modified) (5 diffs)

trunk/src/VBox/Main/include/ApplianceImpl.h

@@ -115 +115 @@
     VirtualBox* const mVirtualBox;
 
-    ComObjPtr<Certificate> pCertificateInfo;
+    ComObjPtr<Certificate> mptrCertificateInfo;
     struct ImportStack;
     class TaskOVF;

trunk/src/VBox/Main/src-server/ApplianceImpl.cpp

@@ -410 +410 @@
     AssertReturn(m->m_pSecretKeyStore, E_FAIL);
 
-    pCertificateInfo.createObject();
-    pCertificateInfo->init(this);
+    mptrCertificateInfo.createObject();
+    mptrCertificateInfo->init(this);
 
     i_initApplianceIONameMap();
@@ -522 +522 @@
 HRESULT Appliance::getCertificate(ComPtr<ICertificate> &aCertificateInfo)
 {
-
     AutoReadLock alock(this COMMA_LOCKVAL_SRC_POS);
 
@@ -528 +527 @@
         return E_ACCESSDENIED;
 
-
-        pCertificateInfo.queryInterfaceTo(aCertificateInfo.asOutParam());
-
-
+/** @todo r=bird: What about when there is no signature and certificate? */
+    mptrCertificateInfo.queryInterfaceTo(aCertificateInfo.asOutParam());
     return S_OK;
 }

trunk/src/VBox/Main/src-server/ApplianceImplImport.cpp

@@ -1716 +1716 @@
      * digest that is encrypted with the certificate in the latter part.
      */
-    bool lTrusted = false;
-
     if (m->pbSignedDigest)
     {
@@ -1810 +1808 @@
              * is acceptible.  But, first make sure it makes internal sense.
              */
-            m->fCertificateMissingPath = false;
+            m->fCertificateMissingPath = false; /** @todo need to check if the certificate is trusted by the system! */
             vrc = RTCrX509Certificate_VerifySignatureSelfSigned(&m->SignerCert, RTErrInfoInitStatic(&StaticErrInfo));
             if (RT_SUCCESS(vrc))
@@ -1831 +1829 @@
                 if (   !m->SignerCert.TbsCertificate.T3.pBasicConstraints
                     || !m->SignerCert.TbsCertificate.T3.pBasicConstraints->CA.fValue)
-                {
                     i_addWarning(tr("Self signed certificate used to sign '%s' is not marked as certificate authority (CA)"),
                                  pTask->locInfo.strPath.c_str());
-                }
-                else
-                    lTrusted = true;
             }
             else
@@ -1920 +1914 @@
                             else
                                 hrc2 = setErrorVrc(vrc, "RTCrX509CertPathsSetValidTimeSpec failed: %Rrc", vrc);
-
-                            if(RT_SUCCESS(vrc))
-                                lTrusted = true;
                         }
                         else if (vrc == VERR_CR_X509_CPV_NO_TRUSTED_PATHS)
@@ -1959 +1950 @@
 
     /** @todo provide details about the signatory, signature, etc.  */
-    if(m->fSignerCertLoaded)
-    {
-        pCertificateInfo->initCertificate(&m->SignerCert, lTrusted);
-    }
+    if (m->fSignerCertLoaded)
+        mptrCertificateInfo->initCertificate(&m->SignerCert, m->fCertificateValid && !m->fCertificateMissingPath);
 
     /*