Index: net/base/x509_certificate_mac.cc |
diff --git a/net/base/x509_certificate_mac.cc b/net/base/x509_certificate_mac.cc |
index 4afe307c24d66630098d56f3d80ba4490c29dfef..787c041c47fc931f15e7bb0c814565f8d22ea27e 100644 |
--- a/net/base/x509_certificate_mac.cc |
+++ b/net/base/x509_certificate_mac.cc |
@@ -755,6 +755,22 @@ void X509Certificate::GetDNSNames(std::vector<std::string>* dns_names) const { |
dns_names->push_back(subject_.common_name); |
} |
+X509Certificate::OSCertListHandle |
+X509Certificate::CreateOSCertListHandle() const { |
+ CFMutableArrayRef cert_list = |
+ CFArrayCreateMutable(kCFAllocatorDefault, 0, |
+ &kCFTypeArrayCallBacks); |
+ if (!cert_list) |
+ return NULL; |
+ |
+ CFArrayAppendValue(cert_list, cert_handle_); |
+ for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) { |
+ CFArrayAppendValue(cert_list, intermediate_ca_certs_[i]); |
+ } |
wtc
2011/10/04 00:26:34
Remove curly braces.
A comment like lines 783-786
|
+ |
+ return cert_list; |
+} |
+ |
int X509Certificate::VerifyInternal(const std::string& hostname, |
int flags, |
CertVerifyResult* verify_result) const { |
@@ -768,14 +784,7 @@ int X509Certificate::VerifyInternal(const std::string& hostname, |
// array of certificates, the first of which is the certificate we're |
// verifying, and the subsequent (optional) certificates are used for |
// chain building. |
- CFMutableArrayRef cert_array = CFArrayCreateMutable(kCFAllocatorDefault, 0, |
- &kCFTypeArrayCallBacks); |
- if (!cert_array) |
- return ERR_OUT_OF_MEMORY; |
- ScopedCFTypeRef<CFArrayRef> scoped_cert_array(cert_array); |
- CFArrayAppendValue(cert_array, cert_handle_); |
- for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) |
- CFArrayAppendValue(cert_array, intermediate_ca_certs_[i]); |
+ ScopedCFTypeRef<CFArrayRef> cert_array(CreateOSCertListHandle()); |
// From here on, only one thread can be active at a time. We have had a number |
// of sporadic crashes in the SecTrustEvaluate call below, way down inside |
@@ -1074,6 +1083,11 @@ void X509Certificate::FreeOSCertHandle(OSCertHandle cert_handle) { |
} |
// static |
+void X509Certificate::FreeOSCertListHandle(OSCertListHandle identity) { |
wtc
2011/10/04 00:26:34
identity => cert_list_handle
|
+ CFRelease(identity); |
+} |
+ |
+// static |
SHA1Fingerprint X509Certificate::CalculateFingerprint( |
OSCertHandle cert) { |
SHA1Fingerprint sha1; |