Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(112)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/x509_certificate_mac.cc

Issue 3052035: Mac: Look for issuer in a certificate chain instead of subject (Closed)
Patch Set: Add unit test Created 10 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | net/base/x509_certificate_unittest.cc » ('j') | net/base/x509_certificate_unittest.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/base/x509_certificate.h" 5 #include "net/base/x509_certificate.h"
6 6
7 #include <CommonCrypto/CommonDigest.h> 7 #include <CommonCrypto/CommonDigest.h>
8 #include <Security/Security.h> 8 #include <Security/Security.h>
9 #include <time.h> 9 #include <time.h>
10 10
(...skipping 843 matching lines...) Expand 10 before | Expand all | Expand 10 after
854 // Check all the certs in the chain for a match. 854 // Check all the certs in the chain for a match.
855 int n = CFArrayGetCount(cert_chain); 855 int n = CFArrayGetCount(cert_chain);
856 for (int i = 0; i < n; ++i) { 856 for (int i = 0; i < n; ++i) {
857 SecCertificateRef cert_handle = reinterpret_cast<SecCertificateRef>( 857 SecCertificateRef cert_handle = reinterpret_cast<SecCertificateRef>(
858 const_cast<void*>(CFArrayGetValueAtIndex(cert_chain, i))); 858 const_cast<void*>(CFArrayGetValueAtIndex(cert_chain, i)));
859 scoped_refptr<X509Certificate> cert = X509Certificate::CreateFromHandle( 859 scoped_refptr<X509Certificate> cert = X509Certificate::CreateFromHandle(
860 cert_handle, 860 cert_handle,
861 X509Certificate::SOURCE_LONE_CERT_IMPORT, 861 X509Certificate::SOURCE_LONE_CERT_IMPORT,
862 X509Certificate::OSCertHandles()); 862 X509Certificate::OSCertHandles());
863 for (unsigned j = 0; j < valid_issuers.size(); j++) { 863 for (unsigned j = 0; j < valid_issuers.size(); j++) {
864 if (cert->subject().Matches(valid_issuers[j])) 864 if (cert->issuer().Matches(valid_issuers[j]))
wtc 2010/08/03 03:25:54 No wonder this bug looks familiar to me. I noted
865 return true; 865 return true;
866 } 866 }
867 } 867 }
868 return false; 868 return false;
869 } 869 }
870 870
871 // static 871 // static
872 OSStatus X509Certificate::CreateSSLClientPolicy(SecPolicyRef* out_policy) { 872 OSStatus X509Certificate::CreateSSLClientPolicy(SecPolicyRef* out_policy) {
873 CSSM_APPLE_TP_SSL_OPTIONS tp_ssl_options = { 873 CSSM_APPLE_TP_SSL_OPTIONS tp_ssl_options = {
874 CSSM_APPLE_TP_SSL_OPTS_VERSION, 874 CSSM_APPLE_TP_SSL_OPTS_VERSION,
(...skipping 112 matching lines...) Expand 10 before | Expand all | Expand 10 after
987 } 987 }
988 CFRelease(cert_chain); 988 CFRelease(cert_chain);
989 } 989 }
990 exit: 990 exit:
991 if (result) 991 if (result)
992 LOG(ERROR) << "CreateIdentityCertificateChain error " << result; 992 LOG(ERROR) << "CreateIdentityCertificateChain error " << result;
993 return chain.release(); 993 return chain.release();
994 } 994 }
995 995
996 } // namespace net 996 } // namespace net
OLDNEW
« no previous file with comments | « no previous file | net/base/x509_certificate_unittest.cc » ('j') | net/base/x509_certificate_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698