Introduce a typedef for users of the SSL cert trust bits. This allows lots of callers wishing to refer to "a bitfield composed of these values" to use an explicit type instead of "int". I find the resulting code to be noticeably clearer, and a similar change for another type exposed a bug where not having an explicit type allowed a function argument ordering bug to creep in, so I claim this is safer too.

The constants are still defined using an enum, because due to how macros like EXPECT_EQ are implemented, converting to use the typedef requires either separating the constant declarations and definitions (reducing readability) or converting EXPECT_EQ(b, a) -> EXPECT_TRUE (a == b) in various places. BUG=92247 TEST=Compiles Review URL: http://codereview.chromium.org/7823006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@101989 0039d316-1c4b-4281-b951-d872f2087c98
author: pkasting@chromium.org <pkasting@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2011-09-20 18:44:54 +0000
committer: pkasting@chromium.org <pkasting@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2011-09-20 18:44:54 +0000
commit: c79b784d1fe54002f3ed259c9ffcaa2a71c9cf45 (patch)
tree: 3c634bd1944153837a88d4b209a7eb985c4c0add /net/third_party
parent: d5a0913eae47ba1dbf0c50429b02f65963dde5fd (diff)
download: chromium_src-c79b784d1fe54002f3ed259c9ffcaa2a71c9cf45.zip
chromium_src-c79b784d1fe54002f3ed259c9ffcaa2a71c9cf45.tar.gz
chromium_src-c79b784d1fe54002f3ed259c9ffcaa2a71c9cf45.tar.bz2
2 files changed, 8 insertions, 8 deletions
diff --git a/net/third_party/mozilla_security_manager/nsNSSCertificateDB.cpp b/net/third_party/mozilla_security_manager/nsNSSCertificateDB.cpp
index a430889..3e50cd1 100644
--- a/net/third_party/mozilla_security_manager/nsNSSCertificateDB.cpp
+++ b/net/third_party/mozilla_security_manager/nsNSSCertificateDB.cpp
@@ -54,7 +54,7 @@ namespace mozilla_security_manager {
 // Based on nsNSSCertificateDB::handleCACertDownload, minus the UI bits.
 bool ImportCACerts(const net::CertificateList& certificates,
                    net::X509Certificate* root,
-                   unsigned int trustBits,
+                   net::CertDatabase::TrustBits trustBits,
                    net::CertDatabase::ImportCertFailureList* not_imported) {
   crypto::ScopedPK11Slot slot(crypto::GetPublicNSSKeySlot());
   if (!slot.get()) {
@@ -200,7 +200,7 @@ bool ImportServerCert(const net::CertificateList& certificates,
 bool
 SetCertTrust(const net::X509Certificate* cert,
              net::CertType type,
-             unsigned int trusted)
+             net::CertDatabase::TrustBits trustBits)
 {
   SECStatus srv;
   nsNSSCertTrust trust;
@@ -208,16 +208,16 @@ SetCertTrust(const net::X509Certificate* cert,
   if (type == net::CA_CERT) {
     // always start with untrusted and move up
     trust.SetValidCA();
-    trust.AddCATrust(trusted & net::CertDatabase::TRUSTED_SSL,
-                     trusted & net::CertDatabase::TRUSTED_EMAIL,
-                     trusted & net::CertDatabase::TRUSTED_OBJ_SIGN);
+    trust.AddCATrust(trustBits & net::CertDatabase::TRUSTED_SSL,
+                     trustBits & net::CertDatabase::TRUSTED_EMAIL,
+                     trustBits & net::CertDatabase::TRUSTED_OBJ_SIGN);
     srv = CERT_ChangeCertTrust(CERT_GetDefaultCertDB(),
                                nsscert,
                                trust.GetTrust());
   } else if (type == net::SERVER_CERT) {
     // always start with untrusted and move up
     trust.SetValidPeer();
-    trust.AddPeerTrust(trusted & net::CertDatabase::TRUSTED_SSL, 0, 0);
+    trust.AddPeerTrust(trustBits & net::CertDatabase::TRUSTED_SSL, 0, 0);
     srv = CERT_ChangeCertTrust(CERT_GetDefaultCertDB(),
                                nsscert,
                                trust.GetTrust());
diff --git a/net/third_party/mozilla_security_manager/nsNSSCertificateDB.h b/net/third_party/mozilla_security_manager/nsNSSCertificateDB.h
index f41c60e..29acaf9 100644
--- a/net/third_party/mozilla_security_manager/nsNSSCertificateDB.h
+++ b/net/third_party/mozilla_security_manager/nsNSSCertificateDB.h
@@ -54,7 +54,7 @@ namespace mozilla_security_manager {
 
 bool ImportCACerts(const net::CertificateList& certificates,
                    net::X509Certificate* root,
-                   unsigned int trustBits,
+                   net::CertDatabase::TrustBits trustBits,
                    net::CertDatabase::ImportCertFailureList* not_imported);
 
 bool ImportServerCert(const net::CertificateList& certificates,
@@ -62,7 +62,7 @@ bool ImportServerCert(const net::CertificateList& certificates,
 
 bool SetCertTrust(const net::X509Certificate* cert,
                   net::CertType type,
-                  unsigned int trusted);
+                  net::CertDatabase::TrustBits trustBits);
 
 }  // namespace mozilla_security_manager
author	pkasting@chromium.org <pkasting@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2011-09-20 18:44:54 +0000
committer	pkasting@chromium.org <pkasting@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2011-09-20 18:44:54 +0000
commit	c79b784d1fe54002f3ed259c9ffcaa2a71c9cf45 (patch)
tree	3c634bd1944153837a88d4b209a7eb985c4c0add /net/third_party
parent	d5a0913eae47ba1dbf0c50429b02f65963dde5fd (diff)
download	chromium_src-c79b784d1fe54002f3ed259c9ffcaa2a71c9cf45.zip chromium_src-c79b784d1fe54002f3ed259c9ffcaa2a71c9cf45.tar.gz chromium_src-c79b784d1fe54002f3ed259c9ffcaa2a71c9cf45.tar.bz2