Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(174)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/cert/x509_util_mac.cc

Issue 2373533003: Mac: Use SecPolicyCreateSSL instead of CreatePolicy(&CSSMOID_APPLE_TP_SSL, ...) (Closed)
Patch Set: Created 4 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/cert/x509_util_mac.cc
diff --git a/net/cert/x509_util_mac.cc b/net/cert/x509_util_mac.cc
index 3e71be1d7755804f064223008c82b4d86fc3bb3b..4e891e0812b782f0424e8eb5d73d9a174bb0e09b 100644
--- a/net/cert/x509_util_mac.cc
+++ b/net/cert/x509_util_mac.cc
@@ -6,6 +6,8 @@
#include "base/logging.h"
#include "base/mac/mac_util.h"
+#include "base/mac/scoped_cftyperef.h"
+#include "base/strings/sys_string_conversions.h"
#include "third_party/apple_apsl/cssmapplePriv.h"
namespace net {
@@ -52,29 +54,25 @@ OSStatus CreatePolicy(const CSSM_OID* policy_oid,
OSStatus CreateSSLClientPolicy(SecPolicyRef* policy) {
- CSSM_APPLE_TP_SSL_OPTIONS tp_ssl_options;
- memset(&tp_ssl_options, 0, sizeof(tp_ssl_options));
- tp_ssl_options.Version = CSSM_APPLE_TP_SSL_OPTS_VERSION;
- tp_ssl_options.Flags |= CSSM_APPLE_TP_SSL_CLIENT;
-
- return CreatePolicy(&CSSMOID_APPLE_TP_SSL, &tp_ssl_options,
- sizeof(tp_ssl_options), policy);
+ *policy = SecPolicyCreateSSL(false /* server */, nullptr);
+ // XXX check *policy is not null?
+ return noErr;
Ryan Sleevi 2016/09/27 22:04:42 ERR_NOT_IMPLEMENTED / errSecNoPolicyModule
mattm 2016/09/27 23:39:22 Done.
}
OSStatus CreateSSLServerPolicy(const std::string& hostname,
SecPolicyRef* policy) {
+ base::ScopedCFTypeRef<CFStringRef> hostname_cfstring;
Ryan Sleevi 2016/09/27 22:04:42 hostname_cfstring feels a little weird (naming), i
mattm 2016/09/27 23:39:22 I suppose an argument could be made about variable
if (!hostname.empty()) {
- CSSM_APPLE_TP_SSL_OPTIONS tp_ssl_options;
- memset(&tp_ssl_options, 0, sizeof(tp_ssl_options));
- tp_ssl_options.Version = CSSM_APPLE_TP_SSL_OPTS_VERSION;
- tp_ssl_options.ServerName = hostname.data();
- tp_ssl_options.ServerNameLen = hostname.size();
-
- return CreatePolicy(&CSSMOID_APPLE_TP_SSL, &tp_ssl_options,
- sizeof(tp_ssl_options), policy);
+ hostname_cfstring.reset(base::SysUTF8ToCFStringRef(hostname));
+ if (!hostname_cfstring) {
+ // XXX better error code?
Ryan Sleevi 2016/09/27 22:04:42 ERR_NOT_IMPLEMENTED / errSecNoPolicyModule
mattm 2016/09/27 23:39:22 Done.
+ return errSecParam;
+ }
}
- return CreatePolicy(&CSSMOID_APPLE_TP_SSL, nullptr, 0U, policy);
+ *policy = SecPolicyCreateSSL(true /* server */, hostname_cfstring.get());
+ // XXX check *policy is not null?
+ return noErr;
}
OSStatus CreateBasicX509Policy(SecPolicyRef* policy) {
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698