Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1774)

Side by Side Diff: net/cert/cert_verify_proc_mac.cc

Issue 2411023002: *WIP* Mac Unittest for client cert selection with intermediate certs
Patch Set: rebase Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | net/cert/test_keychain_search_list_mac.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/cert_verify_proc_mac.h" 5 #include "net/cert/cert_verify_proc_mac.h"
6 6
7 #include <CommonCrypto/CommonDigest.h> 7 #include <CommonCrypto/CommonDigest.h>
8 #include <CoreServices/CoreServices.h> 8 #include <CoreServices/CoreServices.h>
9 #include <Security/Security.h> 9 #include <Security/Security.h>
10 10
(...skipping 732 matching lines...) Expand 10 before | Expand all | Expand 10 after
743 for (bool try_reordered_keychain : {false, true}) { 743 for (bool try_reordered_keychain : {false, true}) {
744 ScopedCFTypeRef<CFArrayRef> scoped_alternate_keychain_search_list; 744 ScopedCFTypeRef<CFArrayRef> scoped_alternate_keychain_search_list;
745 if (TestKeychainSearchList::HasInstance()) { 745 if (TestKeychainSearchList::HasInstance()) {
746 // Unit tests need to be able to hermetically simulate situations where a 746 // Unit tests need to be able to hermetically simulate situations where a
747 // user has an undesirable certificate in a per-user keychain. 747 // user has an undesirable certificate in a per-user keychain.
748 // Adding/Removing a Keychain using SecKeychainCreate/SecKeychainDelete 748 // Adding/Removing a Keychain using SecKeychainCreate/SecKeychainDelete
749 // has global side effects, which would break other tests and processes 749 // has global side effects, which would break other tests and processes
750 // running on the same machine, so instead tests may load pre-created 750 // running on the same machine, so instead tests may load pre-created
751 // keychains using SecKeychainOpen and then inject them through 751 // keychains using SecKeychainOpen and then inject them through
752 // TestKeychainSearchList. 752 // TestKeychainSearchList.
753 CFArrayRef keychain_search_list;
754 status = TestKeychainSearchList::GetInstance()->CopySearchList( 753 status = TestKeychainSearchList::GetInstance()->CopySearchList(
755 &keychain_search_list); 754 &scoped_alternate_keychain_search_list);
756 if (status) 755 if (status)
757 return NetErrorFromOSStatus(status); 756 return NetErrorFromOSStatus(status);
758 scoped_alternate_keychain_search_list.reset(keychain_search_list);
759 } 757 }
760 if (try_reordered_keychain) { 758 if (try_reordered_keychain) {
761 // If a TestKeychainSearchList is present, it will have already set 759 // If a TestKeychainSearchList is present, it will have already set
762 // |scoped_alternate_keychain_search_list|, which will be used as the 760 // |scoped_alternate_keychain_search_list|, which will be used as the
763 // basis for reordering the keychain. Otherwise, get the current keychain 761 // basis for reordering the keychain. Otherwise, get the current keychain
764 // search list and use that. 762 // search list and use that.
765 if (!scoped_alternate_keychain_search_list) { 763 if (!scoped_alternate_keychain_search_list) {
766 CFArrayRef keychain_search_list; 764 CFArrayRef keychain_search_list;
767 status = SecKeychainCopySearchList(&keychain_search_list); 765 status = SecKeychainCopySearchList(&keychain_search_list);
768 if (status) 766 if (status)
(...skipping 333 matching lines...) Expand 10 before | Expand all | Expand 10 after
1102 // EV cert and it was covered by CRLSets or revocation checking passed. 1100 // EV cert and it was covered by CRLSets or revocation checking passed.
1103 verify_result->cert_status |= CERT_STATUS_IS_EV; 1101 verify_result->cert_status |= CERT_STATUS_IS_EV;
1104 } 1102 }
1105 1103
1106 return OK; 1104 return OK;
1107 } 1105 }
1108 1106
1109 } // namespace net 1107 } // namespace net
1110 1108
1111 #pragma clang diagnostic pop // "-Wdeprecated-declarations" 1109 #pragma clang diagnostic pop // "-Wdeprecated-declarations"
OLDNEW
« no previous file with comments | « no previous file | net/cert/test_keychain_search_list_mac.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698