Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(602)

Side by Side Diff: chromeos/network/client_cert_util.cc

Issue 145273015: Fix a leak in client_cert_resolver (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: rebased Created 6 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chromeos/network/client_cert_resolver.cc ('k') | tools/valgrind/memcheck/suppressions.txt » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chromeos/network/client_cert_util.h" 5 #include "chromeos/network/client_cert_util.h"
6 6
7 #include <cert.h> 7 #include <cert.h>
8 #include <pk11pub.h> 8 #include <pk11pub.h>
9 9
10 #include <list> 10 #include <list>
11 #include <string> 11 #include <string>
12 #include <vector> 12 #include <vector>
13 13
14 #include "base/values.h" 14 #include "base/values.h"
15 #include "chromeos/network/certificate_pattern.h" 15 #include "chromeos/network/certificate_pattern.h"
16 #include "net/base/net_errors.h" 16 #include "net/base/net_errors.h"
17 #include "net/cert/cert_database.h" 17 #include "net/cert/cert_database.h"
18 #include "net/cert/nss_cert_database.h" 18 #include "net/cert/nss_cert_database.h"
19 #include "net/cert/scoped_nss_types.h"
19 #include "net/cert/x509_cert_types.h" 20 #include "net/cert/x509_cert_types.h"
20 #include "net/cert/x509_certificate.h" 21 #include "net/cert/x509_certificate.h"
21 #include "third_party/cros_system_api/dbus/service_constants.h" 22 #include "third_party/cros_system_api/dbus/service_constants.h"
22 23
23 namespace chromeos { 24 namespace chromeos {
24 25
25 namespace client_cert { 26 namespace client_cert {
26 27
27 namespace { 28 namespace {
28 29
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after
64 // Functor to filter out certs that don't have an issuer in the associated 65 // Functor to filter out certs that don't have an issuer in the associated
65 // IssuerCAPEMs list. 66 // IssuerCAPEMs list.
66 class IssuerCaFilter { 67 class IssuerCaFilter {
67 public: 68 public:
68 explicit IssuerCaFilter(const std::vector<std::string>& issuer_ca_pems) 69 explicit IssuerCaFilter(const std::vector<std::string>& issuer_ca_pems)
69 : issuer_ca_pems_(issuer_ca_pems) {} 70 : issuer_ca_pems_(issuer_ca_pems) {}
70 bool operator()(const scoped_refptr<net::X509Certificate>& cert) const { 71 bool operator()(const scoped_refptr<net::X509Certificate>& cert) const {
71 // Find the certificate issuer for each certificate. 72 // Find the certificate issuer for each certificate.
72 // TODO(gspencer): this functionality should be available from 73 // TODO(gspencer): this functionality should be available from
73 // X509Certificate or NSSCertDatabase. 74 // X509Certificate or NSSCertDatabase.
74 CERTCertificate* issuer_cert = CERT_FindCertIssuer( 75 net::ScopedCERTCertificate issuer_cert(CERT_FindCertIssuer(
75 cert.get()->os_cert_handle(), PR_Now(), certUsageAnyCA); 76 cert.get()->os_cert_handle(), PR_Now(), certUsageAnyCA));
76 77
77 if (!issuer_cert) 78 if (!issuer_cert)
78 return true; 79 return true;
79 80
80 std::string pem_encoded; 81 std::string pem_encoded;
81 if (!net::X509Certificate::GetPEMEncoded(issuer_cert, &pem_encoded)) { 82 if (!net::X509Certificate::GetPEMEncoded(issuer_cert.get(),
83 &pem_encoded)) {
82 LOG(ERROR) << "Couldn't PEM-encode certificate."; 84 LOG(ERROR) << "Couldn't PEM-encode certificate.";
83 return true; 85 return true;
84 } 86 }
85 87
86 return (std::find(issuer_ca_pems_.begin(), issuer_ca_pems_.end(), 88 return (std::find(issuer_ca_pems_.begin(), issuer_ca_pems_.end(),
87 pem_encoded) == 89 pem_encoded) ==
88 issuer_ca_pems_.end()); 90 issuer_ca_pems_.end());
89 } 91 }
90 private: 92 private:
91 const std::vector<std::string>& issuer_ca_pems_; 93 const std::vector<std::string>& issuer_ca_pems_;
(...skipping 178 matching lines...) Expand 10 before | Expand all | Expand 10 after
270 return !cert_id.empty() && !key_id.empty() && !identity.empty(); 272 return !cert_id.empty() && !key_id.empty() && !identity.empty();
271 } 273 }
272 } 274 }
273 NOTREACHED(); 275 NOTREACHED();
274 return false; 276 return false;
275 } 277 }
276 278
277 } // namespace client_cert 279 } // namespace client_cert
278 280
279 } // namespace chromeos 281 } // namespace chromeos
OLDNEW
« no previous file with comments | « chromeos/network/client_cert_resolver.cc ('k') | tools/valgrind/memcheck/suppressions.txt » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698