net/base/x509_certificate_mac.cc - Issue 7324039: Ensure X509Certificate::OSCertHandles are safe to be used on both UI and IO threads on Win

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/base/x509_certificate_mac.cc

Issue 7324039: Ensure X509Certificate::OSCertHandles are safe to be used on both UI and IO threads on Win (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 9 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/base/x509_certificate_mac.cc

diff --git a/net/base/x509_certificate_mac.cc b/net/base/x509_certificate_mac.cc

index 4afe307c24d66630098d56f3d80ba4490c29dfef..787c041c47fc931f15e7bb0c814565f8d22ea27e 100644

--- a/net/base/x509_certificate_mac.cc

+++ b/net/base/x509_certificate_mac.cc

@@ -755,6 +755,22 @@ void X509Certificate::GetDNSNames(std::vector<std::string>* dns_names) const {

dns_names->push_back(subject_.common_name);

}

+X509Certificate::OSCertListHandle

+X509Certificate::CreateOSCertListHandle() const {

+ CFMutableArrayRef cert_list =

+ CFArrayCreateMutable(kCFAllocatorDefault, 0,

+ &kCFTypeArrayCallBacks);

+ if (!cert_list)

+ return NULL;

+ CFArrayAppendValue(cert_list, cert_handle_);

+ for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) {

+ CFArrayAppendValue(cert_list, intermediate_ca_certs_[i]);

+ }

wtc 2011/10/04 00:26:34 Remove curly braces. A comment like lines 783-786

+ return cert_list;

int X509Certificate::VerifyInternal(const std::string& hostname,

int flags,

CertVerifyResult* verify_result) const {

@@ -768,14 +784,7 @@ int X509Certificate::VerifyInternal(const std::string& hostname,

// array of certificates, the first of which is the certificate we're

// verifying, and the subsequent (optional) certificates are used for

// chain building.

- CFMutableArrayRef cert_array = CFArrayCreateMutable(kCFAllocatorDefault, 0,

- &kCFTypeArrayCallBacks);

- if (!cert_array)

- return ERR_OUT_OF_MEMORY;

- ScopedCFTypeRef<CFArrayRef> scoped_cert_array(cert_array);

- CFArrayAppendValue(cert_array, cert_handle_);

- for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i)

- CFArrayAppendValue(cert_array, intermediate_ca_certs_[i]);

+ ScopedCFTypeRef<CFArrayRef> cert_array(CreateOSCertListHandle());

// From here on, only one thread can be active at a time. We have had a number

// of sporadic crashes in the SecTrustEvaluate call below, way down inside

@@ -1074,6 +1083,11 @@ void X509Certificate::FreeOSCertHandle(OSCertHandle cert_handle) {

}

// static

+void X509Certificate::FreeOSCertListHandle(OSCertListHandle identity) {

wtc 2011/10/04 00:26:34 identity => cert_list_handle

+ CFRelease(identity);

+// static

SHA1Fingerprint X509Certificate::CalculateFingerprint(

OSCertHandle cert) {

SHA1Fingerprint sha1;

« net/base/x509_certificate.h ('K') | « net/base/x509_certificate.h ('k') | net/base/x509_certificate_nss.cc » ('j') | net/base/x509_certificate_nss.cc » ('J')