Re: epiphany-browser update for stable

[Josselin Mouette <joss@debian.org>]

Le lundi 03 novembre 2008 à 12:53 +0100, Philipp Kern a écrit :
> > As I haven’t received an answer from the security team (RT#882), and as
> > the fix is not that urgent, should I upload it to s-p-u?
> 
> Would you mind to create a diff of the original certManager.js and the
> overridden one?

Sure, here it is.

Cheers,
-- 
 .''`.
: :' :      We are debian.org. Lower your prices, surrender your code.
`. `'       We will add your hardware and software distinctiveness to
  `-        our own. Resistance is futile.

--- /usr/share/xulrunner/chrome/pippki/content/pippki/certManager.js	2005-06-02 03:22:42.000000000 +0200
+++ debian/certManager.js	2008-10-28 13:59:40.000000000 +0100
@@ -343,52 +343,36 @@
   if (!numcerts)
     return;
 
-  var params = Components.classes[nsDialogParamBlock].createInstance(nsIDialogParamBlock);
-  
   var bundle = srGetStrBundle("chrome://pippki/locale/pippki.properties");
   var selTab = document.getElementById('certMgrTabbox').selectedItem;
   var selTabID = selTab.getAttribute('id');
   var t;
-
-  params.SetNumberStrings(numcerts+1);
+  var confirmtext;
 
   if (selTabID == 'mine_tab') 
   {
-    params.SetString(0,bundle.GetStringFromName("deleteUserCertFlag"));
+    confirmtext = bundle.GetStringFromName("deleteUserCertConfirm");
   } 
   else if (selTabID == "websites_tab") 
   {
-    params.SetString(0,bundle.GetStringFromName("deleteSslCertFlag"));
+    confirmtext = bundle.GetStringFromName("deleteSslCertConfirm");
   } 
   else if (selTabID == "ca_tab") 
   {
-    params.SetString(0,bundle.GetStringFromName("deleteCaCertFlag"));
+    confirmtext = bundle.GetStringFromName("deleteCaCertConfirm");
   }
   else if (selTabID == "others_tab") 
   {
-    params.SetString(0,bundle.GetStringFromName("deleteEmailCertFlag"));
+    confirmtext = bundle.GetStringFromName("deleteEmailCertConfirm");
   }
   else
   {
     return;
   }
-
-  params.SetInt(0,numcerts);
-  for (t=0; t<numcerts; t++) 
-  {
-    var cert = selected_certs[t];
-    params.SetString(t+1, cert.dbKey);  
-  }
   
-  // The dialog will modify the params.
-  // Every param item where the corresponding cert could get deleted,
-  // will still contain the db key.
-  // Certs which could not get deleted, will have their corrensponding
-  // param string erased.
-  window.openDialog('chrome://pippki/content/deletecert.xul', "",
-                    'chrome,centerscreen,modal', params);
+  var oktodelete = confirm (confirmtext);
  
-  if (params.GetInt(1) == 1) {
+  if (oktodelete) {
     // user closed dialog with OK
     var treeView = null;
     var loadParam = null;
@@ -409,15 +393,22 @@
       loadParam = nsIX509Cert.CA_CERT;
     }
 
-    for (t=numcerts-1; t>=0; t--)
+    for(var i=0;i<selected_certs.length;i++)
     {
-      var s = params.GetString(t+1);
-      if (s.length) {
-        // This cert was deleted.
-        treeView.removeCert(selected_cert_index[t]);
+      if (selected_certs[i]) {
+        try {
+          certdb.deleteCertificate(selected_certs[i]);
+        }
+        catch (e) { }
+        selected_certs[i] = null;
       }
     }
 
+    for (t=numcerts-1; t>=0; t--)
+    {      
+      treeView.removeCert(selected_cert_index[t]);
+    }
+
     treeView.selection.clearSelection();
   }
 }

Attachment: signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=