| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/test_root_certs.h" | 5 #include "net/cert/test_root_certs.h" |
| 6 | 6 |
| 7 #include <Security/Security.h> | 7 #include <Security/Security.h> |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "net/cert/x509_certificate.h" | 10 #include "net/cert/x509_certificate.h" |
| 11 | 11 |
| 12 namespace net { | 12 namespace net { |
| 13 | 13 |
| 14 namespace { | |
| 15 | |
| 16 typedef OSStatus (*SecTrustSetAnchorCertificatesOnlyFuncPtr)(SecTrustRef, | |
| 17 Boolean); | |
| 18 | |
| 19 Boolean OurSecCertificateEqual(const void* value1, const void* value2) { | |
| 20 if (CFGetTypeID(value1) != SecCertificateGetTypeID() || | |
| 21 CFGetTypeID(value2) != SecCertificateGetTypeID()) | |
| 22 return CFEqual(value1, value2); | |
| 23 return X509Certificate::IsSameOSCert( | |
| 24 reinterpret_cast<SecCertificateRef>(const_cast<void*>(value1)), | |
| 25 reinterpret_cast<SecCertificateRef>(const_cast<void*>(value2))); | |
| 26 } | |
| 27 | |
| 28 const void* RetainWrapper(CFAllocatorRef unused, const void* value) { | |
| 29 return CFRetain(value); | |
| 30 } | |
| 31 | |
| 32 void ReleaseWrapper(CFAllocatorRef unused, const void* value) { | |
| 33 CFRelease(value); | |
| 34 } | |
| 35 | |
| 36 // CFEqual prior to 10.6 only performed pointer checks on SecCertificateRefs, | |
| 37 // rather than checking if they were the same (logical) certificate, so a | |
| 38 // custom structure is used for the array callbacks. | |
| 39 const CFArrayCallBacks kCertArrayCallbacks = { | |
| 40 0, // version | |
| 41 RetainWrapper, | |
| 42 ReleaseWrapper, | |
| 43 CFCopyDescription, | |
| 44 OurSecCertificateEqual, | |
| 45 }; | |
| 46 | |
| 47 } // namespace | |
| 48 | |
| 49 bool TestRootCerts::Add(X509Certificate* certificate) { | 14 bool TestRootCerts::Add(X509Certificate* certificate) { |
| 50 if (CFArrayContainsValue(temporary_roots_, | 15 if (CFArrayContainsValue(temporary_roots_, |
| 51 CFRangeMake(0, CFArrayGetCount(temporary_roots_)), | 16 CFRangeMake(0, CFArrayGetCount(temporary_roots_)), |
| 52 certificate->os_cert_handle())) | 17 certificate->os_cert_handle())) |
| 53 return true; | 18 return true; |
| 54 CFArrayAppendValue(temporary_roots_, certificate->os_cert_handle()); | 19 CFArrayAppendValue(temporary_roots_, certificate->os_cert_handle()); |
| 55 return true; | 20 return true; |
| 56 } | 21 } |
| 57 | 22 |
| 58 void TestRootCerts::Clear() { | 23 void TestRootCerts::Clear() { |
| (...skipping 14 matching lines...) Expand all Loading... |
| 73 return SecTrustSetAnchorCertificatesOnly(trust_ref, !allow_system_trust_); | 38 return SecTrustSetAnchorCertificatesOnly(trust_ref, !allow_system_trust_); |
| 74 } | 39 } |
| 75 | 40 |
| 76 void TestRootCerts::SetAllowSystemTrust(bool allow_system_trust) { | 41 void TestRootCerts::SetAllowSystemTrust(bool allow_system_trust) { |
| 77 allow_system_trust_ = allow_system_trust; | 42 allow_system_trust_ = allow_system_trust; |
| 78 } | 43 } |
| 79 | 44 |
| 80 TestRootCerts::~TestRootCerts() {} | 45 TestRootCerts::~TestRootCerts() {} |
| 81 | 46 |
| 82 void TestRootCerts::Init() { | 47 void TestRootCerts::Init() { |
| 83 temporary_roots_.reset(CFArrayCreateMutable(kCFAllocatorDefault, 0, | 48 temporary_roots_.reset( |
| 84 &kCertArrayCallbacks)); | 49 CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks)); |
| 85 allow_system_trust_ = true; | 50 allow_system_trust_ = true; |
| 86 } | 51 } |
| 87 | 52 |
| 88 } // namespace net | 53 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2756733003:
Delete SecCertificate equality hacks for old macOS versions (Closed)
