Index: net/base/x509_certificate_openssl.cc |
diff --git a/net/base/x509_certificate_openssl.cc b/net/base/x509_certificate_openssl.cc |
index c672615319561d810ccd0e5afa5d311ab4a282ae..9c5951fbf9801660396d9291847aee18daeee0b2 100644 |
--- a/net/base/x509_certificate_openssl.cc |
+++ b/net/base/x509_certificate_openssl.cc |
@@ -307,6 +307,11 @@ void X509Certificate::FreeOSCertHandle(OSCertHandle cert_handle) { |
X509_free(cert_handle); |
} |
+// static |
+void X509Certificate::FreeOSCertListHandle(OSCertListHandle cert_list) { |
wtc
2011/10/04 00:26:34
cert_list => cert_list_handle
|
+ sk_X509_pop_free(cert_list, X509_free); |
+} |
+ |
void X509Certificate::Initialize() { |
crypto::EnsureOpenSSLInit(); |
fingerprint_ = CalculateFingerprint(cert_handle_); |
@@ -342,6 +347,34 @@ SHA1Fingerprint X509Certificate::CalculateFingerprint(OSCertHandle cert) { |
} |
// static |
+X509Certificate::OSCertListHandle |
+X509Certificate::CreateOSCertListHandle() const { |
wtc
2011/10/04 00:26:34
Change VerifyInternal to use CreateOSCertListHandl
|
+ STACK_OF(X509)* cert_list_handle = sk_X509_new_null(); |
+ if (!cert_list_handle) |
+ return NULL; |
+ |
+ if (!sk_X509_push(cert_list_handle, DupOSCertHandle(cert_handle_))) { |
+ FreeOSCertListHandle(cert_list_handle); |
+ return NULL; |
+ } |
+ |
+ bool ok = true; |
+ for (size_t i = 0; i < intermediate_ca_certs_.size(); ++i) { |
+ if (!sk_X509_push(cert_list_handle, |
+ DupOSCertHandle(intermediate_ca_certs_[i]))) { |
+ ok = false; |
+ break; |
+ } |
+ } |
+ if (!ok) { |
+ FreeOSCertListHandle(cert_list_handle); |
+ return NULL; |
+ } |
+ |
+ return cert_list_handle; |
+} |
+ |
+// static |
X509Certificate::OSCertHandle X509Certificate::CreateOSCertHandleFromBytes( |
const char* data, int length) { |
if (length < 0) |