Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(683)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/ssl/client_cert_store_chromeos.cc

Issue 1274143002: ClientCertStoreChromeOS: support additional non-platform certs. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Remove inefficient filtering Created 5 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome/browser/profiles/profile_io_data.cc ('K') | « net/ssl/client_cert_store_chromeos.h ('k') | net/ssl/client_cert_store_chromeos_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/ssl/client_cert_store_chromeos.cc
diff --git a/net/ssl/client_cert_store_chromeos.cc b/net/ssl/client_cert_store_chromeos.cc
index a4abef0244e9e7211a9e49c76e38c6dabb6c03f1..1a909a976d2c788bcb83db3663ecc01309ebd85e 100644
--- a/net/ssl/client_cert_store_chromeos.cc
+++ b/net/ssl/client_cert_store_chromeos.cc
@@ -20,6 +20,7 @@ class CertNotAllowedPredicate {
explicit CertNotAllowedPredicate(
const ClientCertStoreChromeOS::CertFilter& filter)
: filter_(filter) {}
+
bool operator()(const scoped_refptr<X509Certificate>& cert) const {
return !filter_.IsCertAllowed(cert);
}
@@ -31,11 +32,12 @@ class CertNotAllowedPredicate {
} // namespace
ClientCertStoreChromeOS::ClientCertStoreChromeOS(
+ const CertificateList& additional_certs,
scoped_ptr<CertFilter> cert_filter,
const PasswordDelegateFactory& password_delegate_factory)
: ClientCertStoreNSS(password_delegate_factory),
- cert_filter_(cert_filter.Pass()) {
-}
+ additional_certs_(additional_certs),
+ cert_filter_(cert_filter.Pass()) {}
ClientCertStoreChromeOS::~ClientCertStoreChromeOS() {}
@@ -65,12 +67,28 @@ void ClientCertStoreChromeOS::GetClientCertsImpl(
cert_list, request, query_nssdb, selected_certs);
size_t pre_size = selected_certs->size();
- selected_certs->erase(std::remove_if(selected_certs->begin(),
- selected_certs->end(),
- CertNotAllowedPredicate(*cert_filter_)),
- selected_certs->end());
+ selected_certs->erase(
+ std::remove_if(selected_certs->begin(), selected_certs->end(),
+ CertNotAllowedPredicate(*cert_filter_)),
+ selected_certs->end());
+
DVLOG(1) << "filtered " << pre_size - selected_certs->size() << " of "
<< pre_size << " certs";
+
+ // Additionally to the matching certs from the platform's store, allow
+ // matching certificates from |additional_certs_|.
+ CERTCertList* additional_cert_list = CERT_NewCertList();
+ for (const auto& cert : additional_certs_) {
+ CERT_AddCertToListTail(additional_cert_list,
+ CERT_DupCertificate(cert->os_cert_handle()));
+ }
+ CertificateList filtered_additional_certs;
+ ClientCertStoreNSS::GetClientCertsImpl(
+ additional_cert_list, request, query_nssdb, &filtered_additional_certs);
+
+ selected_certs->insert(selected_certs->end(),
+ filtered_additional_certs.begin(),
+ filtered_additional_certs.end());
}
void ClientCertStoreChromeOS::CertFilterInitialized(
« chrome/browser/profiles/profile_io_data.cc ('K') | « net/ssl/client_cert_store_chromeos.h ('k') | net/ssl/client_cert_store_chromeos_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698