Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1927)

Unified Diff: net/cert/cert_database_mac.cc

Issue 2363653002: Cleanup unreachable cert adding code (Closed)
Patch Set: Created 4 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: net/cert/cert_database_mac.cc
diff --git a/net/cert/cert_database_mac.cc b/net/cert/cert_database_mac.cc
index 42e54c1c9735578a2a2042b3a195ae5dfd788fc7..34088e2f6aa241e21bdd518664a6a8c14dd3d3e1 100644
--- a/net/cert/cert_database_mac.cc
+++ b/net/cert/cert_database_mac.cc
@@ -104,7 +104,7 @@ OSStatus CertDatabase::Notifier::KeychainCallback(
switch (keychain_event) {
case kSecKeychainListChangedEvent:
case kSecTrustSettingsChangedEvent:
- that->cert_db_->NotifyObserversOfCACertChanged(NULL);
+ that->cert_db_->NotifyObserversCertDBChanged(NULL);
break;
default:
@@ -132,45 +132,4 @@ CertDatabase::~CertDatabase() {
notifier_.release()->Shutdown();
Ryan Sleevi 2016/09/22 08:44:29 In the future, cleaning this up would allow elimin
}
-int CertDatabase::CheckUserCert(X509Certificate* cert) {
- if (!cert)
- return ERR_CERT_INVALID;
- if (cert->HasExpired())
- return ERR_CERT_DATE_INVALID;
-
- // Verify the Keychain already has the corresponding private key:
- SecIdentityRef identity = NULL;
- OSStatus err = SecIdentityCreateWithCertificate(NULL, cert->os_cert_handle(),
- &identity);
- if (err == errSecItemNotFound)
- return ERR_NO_PRIVATE_KEY_FOR_CERT;
-
- if (err != noErr || !identity) {
- // TODO(snej): Map the error code more intelligently.
- return ERR_CERT_INVALID;
- }
-
- CFRelease(identity);
- return OK;
-}
-
-int CertDatabase::AddUserCert(X509Certificate* cert) {
- OSStatus err;
- {
- base::AutoLock locked(crypto::GetMacSecurityServicesLock());
- err = SecCertificateAddToKeychain(cert->os_cert_handle(), NULL);
- }
- switch (err) {
- case noErr:
- CertDatabase::NotifyObserversOfCertAdded(cert);
- // Fall through.
- case errSecDuplicateItem:
- return OK;
- default:
- OSSTATUS_LOG(ERROR, err) << "CertDatabase failed to add cert to keychain";
- // TODO(snej): Map the error code more intelligently.
- return ERR_ADD_USER_CERT_FAILED;
- }
-}
-
} // namespace net

Powered by Google App Engine
This is Rietveld 408576698