Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(309)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/x509_certificate.cc

Issue 2867026: Make X509Certificate::CreateFromHandle() copy the OSCertHandle, rather than assume ownership (Closed)
Patch Set: Deleted one comment too many Created 10 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/base/x509_certificate.h ('k') | net/base/x509_certificate_mac.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/base/x509_certificate.h" 5 #include "net/base/x509_certificate.h"
6 6
7 #if defined(OS_MACOSX) 7 #if defined(OS_MACOSX)
8 #include <Security/Security.h> 8 #include <Security/Security.h>
9 #elif defined(USE_NSS) 9 #elif defined(USE_NSS)
10 #include <cert.h> 10 #include <cert.h>
(...skipping 123 matching lines...) Expand 10 before | Expand all | Expand 10 after
134 // Check if we already have this certificate in memory. 134 // Check if we already have this certificate in memory.
135 X509Certificate::Cache* cache = X509Certificate::Cache::GetInstance(); 135 X509Certificate::Cache* cache = X509Certificate::Cache::GetInstance();
136 X509Certificate* cached_cert = 136 X509Certificate* cached_cert =
137 cache->Find(CalculateFingerprint(cert_handle)); 137 cache->Find(CalculateFingerprint(cert_handle));
138 if (cached_cert) { 138 if (cached_cert) {
139 DCHECK(cached_cert->source_ != SOURCE_UNUSED); 139 DCHECK(cached_cert->source_ != SOURCE_UNUSED);
140 if (cached_cert->source_ > source || 140 if (cached_cert->source_ > source ||
141 (cached_cert->source_ == source && 141 (cached_cert->source_ == source &&
142 cached_cert->HasIntermediateCertificates(intermediates))) { 142 cached_cert->HasIntermediateCertificates(intermediates))) {
143 // Return the certificate with the same fingerprint from our cache. 143 // Return the certificate with the same fingerprint from our cache.
144 // But we own the input OSCertHandle, which makes it our job to free it.
145 FreeOSCertHandle(cert_handle);
146 DHISTOGRAM_COUNTS("X509CertificateReuseCount", 1); 144 DHISTOGRAM_COUNTS("X509CertificateReuseCount", 1);
147 return cached_cert; 145 return cached_cert;
148 } 146 }
149 // Else the new cert is better and will replace the old one in the cache. 147 // Else the new cert is better and will replace the old one in the cache.
150 } 148 }
151 149
152 // Otherwise, allocate and cache a new object. 150 // Otherwise, allocate and cache a new object.
153 X509Certificate* cert = new X509Certificate(cert_handle, source, 151 X509Certificate* cert = new X509Certificate(cert_handle, source,
154 intermediates); 152 intermediates);
155 cache->Insert(cert); 153 cache->Insert(cert);
156 return cert; 154 return cert;
157 } 155 }
158 156
159 // static 157 // static
160 X509Certificate* X509Certificate::CreateFromBytes(const char* data, 158 X509Certificate* X509Certificate::CreateFromBytes(const char* data,
161 int length) { 159 int length) {
162 OSCertHandle cert_handle = CreateOSCertHandleFromBytes(data, length); 160 OSCertHandle cert_handle = CreateOSCertHandleFromBytes(data, length);
163 if (!cert_handle) 161 if (!cert_handle)
164 return NULL; 162 return NULL;
165 163
166 return CreateFromHandle(cert_handle, 164 X509Certificate* cert = CreateFromHandle(cert_handle,
167 SOURCE_LONE_CERT_IMPORT, 165 SOURCE_LONE_CERT_IMPORT,
168 OSCertHandles()); 166 OSCertHandles());
167 FreeOSCertHandle(cert_handle);
168 return cert;
169 } 169 }
170 170
171 X509Certificate::X509Certificate(OSCertHandle cert_handle, 171 X509Certificate::X509Certificate(OSCertHandle cert_handle,
172 Source source, 172 Source source,
173 const OSCertHandles& intermediates) 173 const OSCertHandles& intermediates)
174 : cert_handle_(cert_handle), 174 : cert_handle_(DupOSCertHandle(cert_handle)),
175 source_(source) { 175 source_(source) {
176 #if defined(OS_MACOSX) || defined(OS_WIN) 176 #if defined(OS_MACOSX) || defined(OS_WIN)
177 // Copy/retain the intermediate cert handles. 177 // Copy/retain the intermediate cert handles.
178 for (size_t i = 0; i < intermediates.size(); ++i) 178 for (size_t i = 0; i < intermediates.size(); ++i)
179 intermediate_ca_certs_.push_back(DupOSCertHandle(intermediates[i])); 179 intermediate_ca_certs_.push_back(DupOSCertHandle(intermediates[i]));
180 #endif 180 #endif
181 // Platform-specific initialization. 181 // Platform-specific initialization.
182 Initialize(); 182 Initialize();
183 } 183 }
184 184
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after
224 224
225 bool X509Certificate::HasIntermediateCertificates(const OSCertHandles& certs) { 225 bool X509Certificate::HasIntermediateCertificates(const OSCertHandles& certs) {
226 for (size_t i = 0; i < certs.size(); ++i) { 226 for (size_t i = 0; i < certs.size(); ++i) {
227 if (!HasIntermediateCertificate(certs[i])) 227 if (!HasIntermediateCertificate(certs[i]))
228 return false; 228 return false;
229 } 229 }
230 return true; 230 return true;
231 } 231 }
232 232
233 } // namespace net 233 } // namespace net
OLDNEW
« no previous file with comments | « net/base/x509_certificate.h ('k') | net/base/x509_certificate_mac.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698