[Mac] Add locking as speculative fix for X509Certificate crashes.

net/base/x509_certificate_mac.cc

 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/base/x509_certificate.h"
 
 #include <CommonCrypto/CommonDigest.h>
 #include <Security/Security.h>
 #include <time.h>
 
@@ skipping 429 matching lines @@
   // chain building.
   CFMutableArrayRef cert_array = CFArrayCreateMutable(kCFAllocatorDefault, 0,
                                                       &kCFTypeArrayCallBacks);
   if (!cert_array)
     return ERR_OUT_OF_MEMORY;
   scoped_cftyperef<CFArrayRef> scoped_cert_array(cert_array);
   CFArrayAppendValue(cert_array, cert_handle_);
   for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i)
     CFArrayAppendValue(cert_array, intermediate_ca_certs_[i]);
 
+  // From here on, only one thread can be active at a time.

[wtc, 2010/04/27 00:06:43]

It would be nice to explain why you break the Verify method
into two parts at this point.

I guess the code before this point can clearly be executed
by multiple threads.  After this point, it's less clear.
And we know for sure that we do not want multiple threads
to call SecTrustEvaluate (line 503) simultaneously.

+  AutoLock lock(lock_);
+
   SecTrustRef trust_ref = NULL;
   status = SecTrustCreateWithCertificates(cert_array, ssl_policy, &trust_ref);
   if (status)
     return NetErrorFromOSStatus(status);
   scoped_cftyperef<SecTrustRef> scoped_trust_ref(trust_ref);
 
   // Set the trusted anchor certificates for the SecTrustRef by merging the
   // system trust anchors and the test root certificate.
   CFArrayRef anchor_array =
       Singleton<MacTrustedCertificates>::get()->CopyTrustedCertificateArray();
@@ skipping 401 matching lines @@
     }
     CFRelease(cert_chain);
   }
 exit:
   if (result)
     LOG(ERROR) << "CreateIdentityCertificateChain error " << result;
   return chain.release();
 }
 
 }  // namespace net