| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/cert_verify_proc_mac.h" | 5 #include "net/cert/cert_verify_proc_mac.h" |
| 6 | 6 |
| 7 #include <CommonCrypto/CommonDigest.h> | 7 #include <CommonCrypto/CommonDigest.h> |
| 8 #include <CoreServices/CoreServices.h> | 8 #include <CoreServices/CoreServices.h> |
| 9 #include <Security/Security.h> | 9 #include <Security/Security.h> |
| 10 | 10 |
| (...skipping 472 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 483 ScopedCFTypeRef<CFArrayRef> trust_policies; | 483 ScopedCFTypeRef<CFArrayRef> trust_policies; |
| 484 OSStatus status = CreateTrustPolicies(hostname, flags, &trust_policies); | 484 OSStatus status = CreateTrustPolicies(hostname, flags, &trust_policies); |
| 485 if (status) | 485 if (status) |
| 486 return NetErrorFromOSStatus(status); | 486 return NetErrorFromOSStatus(status); |
| 487 | 487 |
| 488 // Create and configure a SecTrustRef, which takes our certificate(s) | 488 // Create and configure a SecTrustRef, which takes our certificate(s) |
| 489 // and our SSL SecPolicyRef. SecTrustCreateWithCertificates() takes an | 489 // and our SSL SecPolicyRef. SecTrustCreateWithCertificates() takes an |
| 490 // array of certificates, the first of which is the certificate we're | 490 // array of certificates, the first of which is the certificate we're |
| 491 // verifying, and the subsequent (optional) certificates are used for | 491 // verifying, and the subsequent (optional) certificates are used for |
| 492 // chain building. | 492 // chain building. |
| 493 ScopedCFTypeRef<CFMutableArrayRef> cert_array(CFArrayCreateMutableCopy( | 493 ScopedCFTypeRef<CFMutableArrayRef> cert_array( |
| 494 kCFAllocatorDefault, 0, cert->CreateOSCertChainForCert())); | 494 cert->CreateOSCertChainForCert()); |
| 495 | 495 |
| 496 // Serialize all calls that may use the Keychain, to work around various | 496 // Serialize all calls that may use the Keychain, to work around various |
| 497 // issues in OS X 10.6+ with multi-threaded access to Security.framework. | 497 // issues in OS X 10.6+ with multi-threaded access to Security.framework. |
| 498 base::AutoLock lock(crypto::GetMacSecurityServicesLock()); | 498 base::AutoLock lock(crypto::GetMacSecurityServicesLock()); |
| 499 | 499 |
| 500 ScopedCFTypeRef<SecTrustRef> trust_ref; | 500 ScopedCFTypeRef<SecTrustRef> trust_ref; |
| 501 SecTrustResultType trust_result = kSecTrustResultDeny; | 501 SecTrustResultType trust_result = kSecTrustResultDeny; |
| 502 ScopedCFTypeRef<CFArrayRef> completed_chain; | 502 ScopedCFTypeRef<CFArrayRef> completed_chain; |
| 503 CSSM_TP_APPLE_EVIDENCE_INFO* chain_info = NULL; | 503 CSSM_TP_APPLE_EVIDENCE_INFO* chain_info = NULL; |
| 504 bool candidate_untrusted = true; | 504 bool candidate_untrusted = true; |
| (...skipping 260 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 765 } | 765 } |
| 766 } | 766 } |
| 767 } | 767 } |
| 768 } | 768 } |
| 769 } | 769 } |
| 770 | 770 |
| 771 return OK; | 771 return OK; |
| 772 } | 772 } |
| 773 | 773 |
| 774 } // namespace net | 774 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 886933008:
Fix a memory leak in net::CertVerifyProcMac::VerifyInternal (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master