Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(142)

Unified Diff: net/base/x509_certificate.h

Issue 7324039: Ensure X509Certificate::OSCertHandles are safe to be used on both UI and IO threads on Win (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Mac fix Created 9 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: net/base/x509_certificate.h
diff --git a/net/base/x509_certificate.h b/net/base/x509_certificate.h
index 1a8b23324e947fff9805b5626ea5ee9735120866..1abbdcdb13e9663e6aecaf507127b115e587a34c 100644
--- a/net/base/x509_certificate.h
+++ b/net/base/x509_certificate.h
@@ -28,8 +28,7 @@
#include "base/synchronization/lock.h"
#elif defined(USE_OPENSSL)
// Forward declaration; real one in <x509.h>
-struct x509_st;
-typedef struct x509_store_st X509_STORE;
+typedef struct x509_st X509;
#elif defined(USE_NSS)
// Forward declaration; real one in <cert.h>
struct CERTCertificateStr;
@@ -55,15 +54,15 @@ typedef std::vector<scoped_refptr<X509Certificate> > CertificateList;
class NET_EXPORT X509Certificate
: public base::RefCountedThreadSafe<X509Certificate> {
public:
- // A handle to the certificate object in the underlying crypto library.
- // We assume that OSCertHandle is a pointer type on all platforms and
- // NULL is an invalid OSCertHandle.
+ // An OSCertHandle is a handle to a single certificate object in the
wtc 2011/10/16 14:55:49 Nit: remove "single". Now that OSCertListHandle i
+ // underlying crypto library. We assume that OSCertHandle is a pointer type
+ // on all platforms and that NULL represents an invalid OSCertHandle.
#if defined(OS_WIN)
typedef PCCERT_CONTEXT OSCertHandle;
#elif defined(OS_MACOSX)
typedef SecCertificateRef OSCertHandle;
#elif defined(USE_OPENSSL)
- typedef struct x509_st* OSCertHandle;
+ typedef X509* OSCertHandle;
#elif defined(USE_NSS)
typedef struct CERTCertificateStr* OSCertHandle;
#else
@@ -347,6 +346,10 @@ class NET_EXPORT X509Certificate
// The content of the DER encoded certificate is written to |encoded|.
bool GetDEREncoded(std::string* encoded);
+ // Returns the current OSCertHandle.
wtc 2011/10/16 14:55:49 Nit: "the current OSCertHandle" is not clear. How
+ // Note: On Windows, CryptoAPI may return unexpected results if this handle
+ // is used on multiple threads. See x509_util::CreateOSCertChainForCert() in
+ // net/base/x509_util_win.h for more details.
OSCertHandle os_cert_handle() const { return cert_handle_; }
// Returns true if two OSCertHandles refer to identical certificates.

Powered by Google App Engine
This is Rietveld 408576698