
Side by Side Diff: net/base/x509_certificate_win.cc

Issue 7473009: Revert r92977 partially to fix a certificate verification regression (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 9 years, 5 months ago
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/base/x509_certificate.h" 5 #include "net/base/x509_certificate.h"
6 6
7 #include "base/lazy_instance.h"
7 #include "base/logging.h" 8 #include "base/logging.h"
8 #include "base/pickle.h" 9 #include "base/pickle.h"
9 #include "base/sha1.h" 10 #include "base/sha1.h"
10 #include "base/string_tokenizer.h" 11 #include "base/string_tokenizer.h"
11 #include "base/string_util.h" 12 #include "base/string_util.h"
12 #include "base/utf_string_conversions.h" 13 #include "base/utf_string_conversions.h"
13 #include "crypto/rsa_private_key.h" 14 #include "crypto/rsa_private_key.h"
14 #include "crypto/scoped_capi_types.h" 15 #include "crypto/scoped_capi_types.h"
15 #include "net/base/asn1_util.h" 16 #include "net/base/asn1_util.h"
16 #include "net/base/cert_status_flags.h" 17 #include "net/base/cert_status_flags.h"
(...skipping 618 matching lines...) Expand 10 before | Expand all | Expand 10 after
635 } else if (ip_addrs && 636 } else if (ip_addrs &&
636 entry.dwAltNameChoice == CERT_ALT_NAME_IP_ADDRESS) { 637 entry.dwAltNameChoice == CERT_ALT_NAME_IP_ADDRESS) {
637 ip_addrs->push_back(std::string( 638 ip_addrs->push_back(std::string(
638 reinterpret_cast<const char*>(entry.IPAddress.pbData), 639 reinterpret_cast<const char*>(entry.IPAddress.pbData),
639 entry.IPAddress.cbData)); 640 entry.IPAddress.cbData));
640 } 641 }
641 } 642 }
642 } 643 }
643 } 644 }
644 645
646 class GlobalCertStore {
647 public:
648 HCERTSTORE cert_store() {
649 return cert_store_;
650 }
651
652 private:
653 friend struct base::DefaultLazyInstanceTraits<GlobalCertStore>;
654
655 GlobalCertStore()
656 : cert_store_(CertOpenStore(CERT_STORE_PROV_MEMORY, 0, NULL, 0, NULL)) {
657 }
658
659 ~GlobalCertStore() {
660 CertCloseStore(cert_store_, 0 /* flags */);
661 }
662
663 const HCERTSTORE cert_store_;
664
665 DISALLOW_COPY_AND_ASSIGN(GlobalCertStore);
666 };
667
668 static base::LazyInstance<GlobalCertStore,
669 base::LeakyLazyInstanceTraits<GlobalCertStore> >
670 g_cert_store(base::LINKER_INITIALIZED);
wtc 2011/07/20 19:25:04 rsleevi: I made this lazy instance leaky based on
671
672 // static
673 HCERTSTORE X509Certificate::cert_store() {
674 return g_cert_store.Get().cert_store();
675 }
676
645 int X509Certificate::VerifyInternal(const std::string& hostname, 677 int X509Certificate::VerifyInternal(const std::string& hostname,
646 int flags, 678 int flags,
647 CertVerifyResult* verify_result) const { 679 CertVerifyResult* verify_result) const {
648 if (!cert_handle_) 680 if (!cert_handle_)
649 return ERR_UNEXPECTED; 681 return ERR_UNEXPECTED;
650 682
651 // Build and validate certificate chain. 683 // Build and validate certificate chain.
652 CERT_CHAIN_PARA chain_para; 684 CERT_CHAIN_PARA chain_para;
653 memset(&chain_para, 0, sizeof(chain_para)); 685 memset(&chain_para, 0, sizeof(chain_para));
654 chain_para.cbSize = sizeof(chain_para); 686 chain_para.cbSize = sizeof(chain_para);
(...skipping 348 matching lines...) Expand 10 before | Expand all | Expand 10 after
1003 if (!CertSerializeCertificateStoreElement(cert_handle, 0, &buffer[0], 1035 if (!CertSerializeCertificateStoreElement(cert_handle, 0, &buffer[0],
1004 &length)) { 1036 &length)) {
1005 return false; 1037 return false;
1006 } 1038 }
1007 1039
1008 return pickle->WriteData(reinterpret_cast<const char*>(&buffer[0]), 1040 return pickle->WriteData(reinterpret_cast<const char*>(&buffer[0]),
1009 length); 1041 length);
1010 } 1042 }
1011 1043
1012 } // namespace net 1044 } // namespace net
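Review bot: The `GlobalCertStore` constructor (new lines 655-657) stores the result of `CertOpenStore(CERT_STORE_PROV_MEMORY, 0, NULL, 0, NULL)` without checking it, so a failed open leaves `cert_store_` NULL and `X509Certificate::cert_store()` returns that NULL handle to every caller. A `DCHECK(cert_store_);` in the constructor body would surface the failure in debug builds. The callers are outside the visible lines, so whether they tolerate a NULL store cannot be confirmed from this page. The class also has no comment on ownership of the handle, for example `// Process-wide in-memory store, owned by this singleton; callers must not call CertCloseStore() on the returned handle.` Because the store is shared by the whole process, it would also help to document whether certificates added to it are ever removed, since that presumably affects which certificates are reachable through handles created against it.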
