diff options
| author | davidben@chromium.org <davidben@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-08-14 09:31:04 +0000 |
|---|---|---|
| committer | davidben@chromium.org <davidben@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-08-14 09:32:18 +0000 |
| commit | 24176affb65718b3f002dd8654f8c127185c78d4 (patch) | |
| tree | 1f0d1f1c8e5cda67f0015def84524270b9bb9935 /net/socket | |
| parent | ac33c2f0493ce2569f4e04e2526ee0ae9aed2269 (diff) | |
| download | chromium_src-24176affb65718b3f002dd8654f8c127185c78d4.zip chromium_src-24176affb65718b3f002dd8654f8c127185c78d4.tar.gz chromium_src-24176affb65718b3f002dd8654f8c127185c78d4.tar.bz2 | |
Remove manual CRYPTO_add calls.
Use X509_chain_up_ref, EVP_PKEY_dup, and newly-added X509_up_ref
instead. Also RAII OpenSSLClientKeyStore.
BUG=none
Review URL: https://codereview.chromium.org/474663002
Cr-Commit-Position: refs/heads/master@{#289498}
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@289498 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/socket')
| -rw-r--r-- | net/socket/ssl_client_socket_openssl.cc | 24 |
1 files changed, 4 insertions, 20 deletions
diff --git a/net/socket/ssl_client_socket_openssl.cc b/net/socket/ssl_client_socket_openssl.cc index 89cb405..ed1138f 100644 --- a/net/socket/ssl_client_socket_openssl.cc +++ b/net/socket/ssl_client_socket_openssl.cc @@ -244,12 +244,8 @@ SSLClientSocketOpenSSL::PeerCertificateChain::operator=( // os_chain_ is reference counted by scoped_refptr; os_chain_ = other.os_chain_; - // Must increase the reference count manually for sk_X509_dup - openssl_chain_.reset(sk_X509_dup(other.openssl_chain_.get())); - for (size_t i = 0; i < sk_X509_num(openssl_chain_.get()); ++i) { - X509* x = sk_X509_value(openssl_chain_.get(), i); - CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); - } + openssl_chain_.reset(X509_chain_up_ref(other.openssl_chain_.get())); + return *this; } @@ -271,15 +267,7 @@ void SSLClientSocketOpenSSL::PeerCertificateChain::Reset( os_chain_ = X509Certificate::CreateFromHandle(sk_X509_value(chain, 0), intermediates); - // sk_X509_dup does not increase reference count on the certs in the stack. - openssl_chain_.reset(sk_X509_dup(chain)); - - std::vector<base::StringPiece> der_chain; - for (size_t i = 0; i < sk_X509_num(openssl_chain_.get()); ++i) { - X509* x = sk_X509_value(openssl_chain_.get(), i); - // Increase the reference count for the certs in openssl_chain_. - CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); - } + openssl_chain_.reset(X509_chain_up_ref(chain)); } #else // !defined(USE_OPENSSL_CERTS) void SSLClientSocketOpenSSL::PeerCertificateChain::Reset( @@ -290,16 +278,12 @@ void SSLClientSocketOpenSSL::PeerCertificateChain::Reset( if (!chain) return; - // sk_X509_dup does not increase reference count on the certs in the stack. - openssl_chain_.reset(sk_X509_dup(chain)); + openssl_chain_.reset(X509_chain_up_ref(chain)); std::vector<base::StringPiece> der_chain; for (size_t i = 0; i < sk_X509_num(openssl_chain_.get()); ++i) { X509* x = sk_X509_value(openssl_chain_.get(), i); - // Increase the reference count for the certs in openssl_chain_. - CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); - unsigned char* cert_data = NULL; int cert_data_length = i2d_X509(x, &cert_data); if (cert_data_length && cert_data) |