Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(688)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/test_root_certs_mac.cc

Issue 266243004: Clang format slam. Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« net/base/mime_util_unittest.cc ('K') | « net/cert/test_root_certs_android.cc ('k') | net/cert/test_root_certs_nss.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/test_root_certs.h" 5 #include "net/cert/test_root_certs.h"
6 6
7 #include <Security/Security.h> 7 #include <Security/Security.h>
8 8
9 #include "base/logging.h" 9 #include "base/logging.h"
10 #include "base/mac/mac_util.h" 10 #include "base/mac/mac_util.h"
(...skipping 21 matching lines...) Expand all
32 } 32 }
33 33
34 void ReleaseWrapper(CFAllocatorRef unused, const void* value) { 34 void ReleaseWrapper(CFAllocatorRef unused, const void* value) {
35 CFRelease(value); 35 CFRelease(value);
36 } 36 }
37 37
38 // CFEqual prior to 10.6 only performed pointer checks on SecCertificateRefs, 38 // CFEqual prior to 10.6 only performed pointer checks on SecCertificateRefs,
39 // rather than checking if they were the same (logical) certificate, so a 39 // rather than checking if they were the same (logical) certificate, so a
40 // custom structure is used for the array callbacks. 40 // custom structure is used for the array callbacks.
41 const CFArrayCallBacks kCertArrayCallbacks = { 41 const CFArrayCallBacks kCertArrayCallbacks = {
42 0, // version 42 0, // version
43 RetainWrapper, 43 RetainWrapper, ReleaseWrapper, CFCopyDescription, OurSecCertificateEqual,
44 ReleaseWrapper,
45 CFCopyDescription,
46 OurSecCertificateEqual,
47 }; 44 };
48 45
49 } // namespace 46 } // namespace
50 47
51 bool TestRootCerts::Add(X509Certificate* certificate) { 48 bool TestRootCerts::Add(X509Certificate* certificate) {
52 if (CFArrayContainsValue(temporary_roots_, 49 if (CFArrayContainsValue(temporary_roots_,
53 CFRangeMake(0, CFArrayGetCount(temporary_roots_)), 50 CFRangeMake(0, CFArrayGetCount(temporary_roots_)),
54 certificate->os_cert_handle())) 51 certificate->os_cert_handle()))
55 return true; 52 return true;
56 CFArrayAppendValue(temporary_roots_, certificate->os_cert_handle()); 53 CFArrayAppendValue(temporary_roots_, certificate->os_cert_handle());
57 return true; 54 return true;
58 } 55 }
59 56
60 void TestRootCerts::Clear() { 57 void TestRootCerts::Clear() {
61 CFArrayRemoveAllValues(temporary_roots_); 58 CFArrayRemoveAllValues(temporary_roots_);
62 } 59 }
63 60
64 bool TestRootCerts::IsEmpty() const { 61 bool TestRootCerts::IsEmpty() const {
65 return CFArrayGetCount(temporary_roots_) == 0; 62 return CFArrayGetCount(temporary_roots_) == 0;
66 } 63 }
67 64
68 OSStatus TestRootCerts::FixupSecTrustRef(SecTrustRef trust_ref) const { 65 OSStatus TestRootCerts::FixupSecTrustRef(SecTrustRef trust_ref) const {
69 if (IsEmpty()) 66 if (IsEmpty())
70 return noErr; 67 return noErr;
71 68
72 // Despite SecTrustSetAnchorCertificatesOnly existing in OS X 10.6, and 69 // Despite SecTrustSetAnchorCertificatesOnly existing in OS X 10.6, and
73 // being documented as available, it is not actually implemented. On 10.7+, 70 // being documented as available, it is not actually implemented. On 10.7+,
74 // however, it always works. 71 // however, it always works.
75 if (base::mac::IsOSLionOrLater()) { 72 if (base::mac::IsOSLionOrLater()) {
76 OSStatus status = SecTrustSetAnchorCertificates(trust_ref, 73 OSStatus status =
77 temporary_roots_); 74 SecTrustSetAnchorCertificates(trust_ref, temporary_roots_);
78 if (status) 75 if (status)
79 return status; 76 return status;
80 return SecTrustSetAnchorCertificatesOnly(trust_ref, !allow_system_trust_); 77 return SecTrustSetAnchorCertificatesOnly(trust_ref, !allow_system_trust_);
81 } 78 }
82 79
83 if (!allow_system_trust_) { 80 if (!allow_system_trust_) {
84 // Avoid any copying if system roots are not to be trusted. This acts as 81 // Avoid any copying if system roots are not to be trusted. This acts as
85 // an exclusive list on 10.6, replacing the built-ins. 82 // an exclusive list on 10.6, replacing the built-ins.
86 return SecTrustSetAnchorCertificates(trust_ref, temporary_roots_); 83 return SecTrustSetAnchorCertificates(trust_ref, temporary_roots_);
87 } 84 }
88 85
89 // Otherwise, both system trust and temporary_roots_ must be trusted. 86 // Otherwise, both system trust and temporary_roots_ must be trusted.
90 // Emulate the functionality of SecTrustSetAnchorCertificatesOnly by 87 // Emulate the functionality of SecTrustSetAnchorCertificatesOnly by
91 // creating a copy of the system roots and merging with temporary_roots_. 88 // creating a copy of the system roots and merging with temporary_roots_.
92 CFArrayRef system_roots = NULL; 89 CFArrayRef system_roots = NULL;
93 OSStatus status = SecTrustCopyAnchorCertificates(&system_roots); 90 OSStatus status = SecTrustCopyAnchorCertificates(&system_roots);
94 if (status) 91 if (status)
95 return status; 92 return status;
96 93
97 base::ScopedCFTypeRef<CFArrayRef> scoped_system_roots(system_roots); 94 base::ScopedCFTypeRef<CFArrayRef> scoped_system_roots(system_roots);
98 base::ScopedCFTypeRef<CFMutableArrayRef> scoped_roots( 95 base::ScopedCFTypeRef<CFMutableArrayRef> scoped_roots(
99 CFArrayCreateMutableCopy(kCFAllocatorDefault, 0, scoped_system_roots)); 96 CFArrayCreateMutableCopy(kCFAllocatorDefault, 0, scoped_system_roots));
100 CFArrayAppendArray(scoped_roots, temporary_roots_, 97 CFArrayAppendArray(scoped_roots,
98 temporary_roots_,
101 CFRangeMake(0, CFArrayGetCount(temporary_roots_))); 99 CFRangeMake(0, CFArrayGetCount(temporary_roots_)));
102 return SecTrustSetAnchorCertificates(trust_ref, scoped_roots); 100 return SecTrustSetAnchorCertificates(trust_ref, scoped_roots);
103 } 101 }
104 102
105 void TestRootCerts::SetAllowSystemTrust(bool allow_system_trust) { 103 void TestRootCerts::SetAllowSystemTrust(bool allow_system_trust) {
106 allow_system_trust_ = allow_system_trust; 104 allow_system_trust_ = allow_system_trust;
107 } 105 }
108 106
109 TestRootCerts::~TestRootCerts() {} 107 TestRootCerts::~TestRootCerts() {
108 }
110 109
111 void TestRootCerts::Init() { 110 void TestRootCerts::Init() {
112 temporary_roots_.reset(CFArrayCreateMutable(kCFAllocatorDefault, 0, 111 temporary_roots_.reset(
113 &kCertArrayCallbacks)); 112 CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCertArrayCallbacks));
114 allow_system_trust_ = true; 113 allow_system_trust_ = true;
115 } 114 }
116 115
117 } // namespace net 116 } // namespace net
OLDNEW
« net/base/mime_util_unittest.cc ('K') | « net/cert/test_root_certs_android.cc ('k') | net/cert/test_root_certs_nss.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698