OLD | NEW |
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/x509_certificate.h" | 5 #include "net/base/x509_certificate.h" |
6 | 6 |
7 #include <CommonCrypto/CommonDigest.h> | 7 #include <CommonCrypto/CommonDigest.h> |
8 #include <Security/Security.h> | 8 #include <Security/Security.h> |
9 #include <time.h> | 9 #include <time.h> |
10 | 10 |
(...skipping 453 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
464 return ERR_OUT_OF_MEMORY; | 464 return ERR_OUT_OF_MEMORY; |
465 ScopedCFTypeRef<CFArrayRef> scoped_cert_array(cert_array); | 465 ScopedCFTypeRef<CFArrayRef> scoped_cert_array(cert_array); |
466 CFArrayAppendValue(cert_array, cert_handle_); | 466 CFArrayAppendValue(cert_array, cert_handle_); |
467 for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) | 467 for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) |
468 CFArrayAppendValue(cert_array, intermediate_ca_certs_[i]); | 468 CFArrayAppendValue(cert_array, intermediate_ca_certs_[i]); |
469 | 469 |
470 // From here on, only one thread can be active at a time. We have had a number | 470 // From here on, only one thread can be active at a time. We have had a number |
471 // of sporadic crashes in the SecTrustEvaluate call below, way down inside | 471 // of sporadic crashes in the SecTrustEvaluate call below, way down inside |
472 // Apple's cert code, which we suspect are caused by a thread-safety issue. | 472 // Apple's cert code, which we suspect are caused by a thread-safety issue. |
473 // So as a speculative fix allow only one thread to use SecTrust on this cert. | 473 // So as a speculative fix allow only one thread to use SecTrust on this cert. |
474 AutoLock lock(verification_lock_); | 474 base::AutoLock lock(verification_lock_); |
475 | 475 |
476 SecTrustRef trust_ref = NULL; | 476 SecTrustRef trust_ref = NULL; |
477 status = SecTrustCreateWithCertificates(cert_array, ssl_policy, &trust_ref); | 477 status = SecTrustCreateWithCertificates(cert_array, ssl_policy, &trust_ref); |
478 if (status) | 478 if (status) |
479 return NetErrorFromOSStatus(status); | 479 return NetErrorFromOSStatus(status); |
480 ScopedCFTypeRef<SecTrustRef> scoped_trust_ref(trust_ref); | 480 ScopedCFTypeRef<SecTrustRef> scoped_trust_ref(trust_ref); |
481 | 481 |
482 if (TestRootCerts::HasInstance()) { | 482 if (TestRootCerts::HasInstance()) { |
483 status = TestRootCerts::GetInstance()->FixupSecTrustRef(trust_ref); | 483 status = TestRootCerts::GetInstance()->FixupSecTrustRef(trust_ref); |
484 if (status) | 484 if (status) |
(...skipping 462 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
947 cert_chain, | 947 cert_chain, |
948 CFRangeMake(1, chain_count - 1)); | 948 CFRangeMake(1, chain_count - 1)); |
949 } | 949 } |
950 CFRelease(cert_chain); | 950 CFRelease(cert_chain); |
951 } | 951 } |
952 | 952 |
953 return chain.release(); | 953 return chain.release(); |
954 } | 954 } |
955 | 955 |
956 } // namespace net | 956 } // namespace net |
OLD | NEW |