Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(404)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket_mac.cc

Issue 452042: Define X509Certificate::intermediate_ca_certs_ as a std::vector of... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: Update retain the result comment. Sync to ToT. Created 11 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/socket/ssl_client_socket_mac.h ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2008-2009 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2008-2009 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/socket/ssl_client_socket_mac.h" 5 #include "net/socket/ssl_client_socket_mac.h"
6 6
7 #include "base/scoped_cftyperef.h" 7 #include "base/scoped_cftyperef.h"
8 #include "base/singleton.h" 8 #include "base/singleton.h"
9 #include "base/string_util.h" 9 #include "base/string_util.h"
10 #include "net/base/cert_verifier.h" 10 #include "net/base/cert_verifier.h"
(...skipping 268 matching lines...) Expand 10 before | Expand all | Expand 10 after
279 const_cast<void*>(CFArrayGetValueAtIndex(certs, 0))); 279 const_cast<void*>(CFArrayGetValueAtIndex(certs, 0)));
280 CFRetain(server_cert); 280 CFRetain(server_cert);
281 X509Certificate *x509_cert = X509Certificate::CreateFromHandle( 281 X509Certificate *x509_cert = X509Certificate::CreateFromHandle(
282 server_cert, X509Certificate::SOURCE_FROM_NETWORK); 282 server_cert, X509Certificate::SOURCE_FROM_NETWORK);
283 if (!x509_cert) 283 if (!x509_cert)
284 return NULL; 284 return NULL;
285 285
286 // Add each of the intermediate certificates in the server's chain to the 286 // Add each of the intermediate certificates in the server's chain to the
287 // server's X509Certificate object. This makes them available to 287 // server's X509Certificate object. This makes them available to
288 // X509Certificate::Verify() for chain building. 288 // X509Certificate::Verify() for chain building.
289 // TODO(wtc): Since X509Certificate::CreateFromHandle may return a cached
290 // X509Certificate object, we may be adding intermediate CA certificates to
291 // it repeatedly!
289 CFIndex certs_length = CFArrayGetCount(certs); 292 CFIndex certs_length = CFArrayGetCount(certs);
290 for (CFIndex i = 1; i < certs_length; ++i) { 293 for (CFIndex i = 1; i < certs_length; ++i) {
291 SecCertificateRef cert_ref = reinterpret_cast<SecCertificateRef>( 294 SecCertificateRef cert_ref = reinterpret_cast<SecCertificateRef>(
292 const_cast<void*>(CFArrayGetValueAtIndex(certs, i))); 295 const_cast<void*>(CFArrayGetValueAtIndex(certs, i)));
296 CFRetain(cert_ref);
293 x509_cert->AddIntermediateCertificate(cert_ref); 297 x509_cert->AddIntermediateCertificate(cert_ref);
294 } 298 }
295 299
296 return x509_cert; 300 return x509_cert;
297 } 301 }
298 302
299 } // namespace 303 } // namespace
300 304
301 //----------------------------------------------------------------------------- 305 //-----------------------------------------------------------------------------
302 306
(...skipping 538 matching lines...) Expand 10 before | Expand all | Expand 10 after
841 if (total_read) { 845 if (total_read) {
842 memcpy(data, &us->recv_buffer_[0], total_read); 846 memcpy(data, &us->recv_buffer_[0], total_read);
843 us->recv_buffer_.clear(); 847 us->recv_buffer_.clear();
844 } 848 }
845 849
846 if (rv != ERR_IO_PENDING) 850 if (rv != ERR_IO_PENDING)
847 us->read_io_buf_ = NULL; 851 us->read_io_buf_ = NULL;
848 852
849 if (rv < 0) 853 if (rv < 0)
850 return OSStatusFromNetError(rv); 854 return OSStatusFromNetError(rv);
851 else if (rv == 0) // stream closed 855 else if (rv == 0) // stream closed
852 return errSSLClosedGraceful; 856 return errSSLClosedGraceful;
853 else 857 else
854 return noErr; 858 return noErr;
855 } 859 }
856 860
857 // static 861 // static
858 OSStatus SSLClientSocketMac::SSLWriteCallback(SSLConnectionRef connection, 862 OSStatus SSLClientSocketMac::SSLWriteCallback(SSLConnectionRef connection,
859 const void* data, 863 const void* data,
860 size_t* data_length) { 864 size_t* data_length) {
861 SSLClientSocketMac* us = 865 SSLClientSocketMac* us =
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after
899 if (rv < 0 && rv != ERR_IO_PENDING) { 903 if (rv < 0 && rv != ERR_IO_PENDING) {
900 us->write_io_buf_ = NULL; 904 us->write_io_buf_ = NULL;
901 return OSStatusFromNetError(rv); 905 return OSStatusFromNetError(rv);
902 } 906 }
903 907
904 // always lie to our caller 908 // always lie to our caller
905 return noErr; 909 return noErr;
906 } 910 }
907 911
908 } // namespace net 912 } // namespace net
OLDNEW
« no previous file with comments | « net/socket/ssl_client_socket_mac.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698