| Index: net/base/x509_certificate_openssl.cc
|
| diff --git a/net/base/x509_certificate_openssl.cc b/net/base/x509_certificate_openssl.cc
|
| index 4280404db637a1cf5dc5a49bed1f6dde564f11d8..06ba6d0ad7b2a91abc426f9239efa92445c3d679 100644
|
| --- a/net/base/x509_certificate_openssl.cc
|
| +++ b/net/base/x509_certificate_openssl.cc
|
| @@ -307,6 +307,11 @@ void X509Certificate::FreeOSCertHandle(OSCertHandle cert_handle) {
|
| X509_free(cert_handle);
|
| }
|
|
|
| +// static
|
| +void X509Certificate::FreeOSCertListHandle(OSCertListHandle cert_list) {
|
| + sk_X509_pop_free(cert_list, X509_free);
|
| +}
|
| +
|
| void X509Certificate::Initialize() {
|
| base::EnsureOpenSSLInit();
|
| fingerprint_ = CalculateFingerprint(cert_handle_);
|
| @@ -353,6 +358,32 @@ bool X509Certificate::WriteCertHandleToPickle(OSCertHandle cert_handle,
|
| der_cache.data_length);
|
| }
|
|
|
| +X509Certificate::OSCertListHandle
|
| +X509Certificate::CreateOSCertListHandle() const {
|
| + STACK_OF(X509)* cert_list_handle = sk_X509_new_null();
|
| + if (!cert_list_handle)
|
| + return NULL;
|
| +
|
| + if (!sk_X509_push(cert_list_handle, DupOSCertHandle(cert_handle_))) {
|
| + FreeOSCertListHandle(cert_list_handle);
|
| + return NULL;
|
| + }
|
| +
|
| + bool ok = true;
|
| + for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) {
|
| + if (!sk_X509_push(cert_list_handle,
|
| + DupOSCertHandle(intermediate_ca_certs_[i]))) {
|
| + ok = false;
|
| + break;
|
| + }
|
| + }
|
| + if (!ok) {
|
| + FreeOSCertListHandle(cert_list_handle);
|
| + return NULL;
|
| + }
|
| +
|
| + return cert_list_handle;
|
| +}
|
|
|
| // static
|
| X509Certificate::OSCertHandle X509Certificate::CreateOSCertHandleFromBytes(
|
|
|
Chromium Code Reviews
Issue 2944008:
Refactor X509Certificate caching to cache the OS handle, rather than the X509Certificate (Closed)
