diff options
| -rw-r--r-- | base/base.gypi | 4 | ||||
| -rw-r--r-- | base/crypto/cssm_init.cc | 27 | ||||
| -rw-r--r-- | base/crypto/cssm_init.h | 9 | ||||
| -rw-r--r-- | base/crypto/mac_security_services_lock.cc | 42 | ||||
| -rw-r--r-- | base/crypto/mac_security_services_lock.h | 22 | ||||
| -rw-r--r-- | net/base/cert_database_mac.cc | 2 | ||||
| -rw-r--r-- | net/base/keygen_handler_mac.cc | 1 |
7 files changed, 70 insertions, 37 deletions
diff --git a/base/base.gypi b/base/base.gypi index ef1d8d8..c265f36 100644 --- a/base/base.gypi +++ b/base/base.gypi @@ -506,6 +506,8 @@ 'sources!': [ 'crypto/cssm_init.cc', 'crypto/cssm_init.h', + 'crypto/mac_security_services_lock.cc', + 'crypto/mac_security_services_lock.h', ], }], [ 'OS == "mac" or OS == "win"', { @@ -577,6 +579,8 @@ 'crypto/encryptor_nss.cc', 'crypto/encryptor_openssl.cc', 'crypto/encryptor_win.cc', + 'crypto/mac_security_services_lock.cc', + 'crypto/mac_security_services_lock.h', 'crypto/rsa_private_key.h', 'crypto/rsa_private_key.cc', 'crypto/rsa_private_key_mac.cc', diff --git a/base/crypto/cssm_init.cc b/base/crypto/cssm_init.cc index 570dcc3..3071716 100644 --- a/base/crypto/cssm_init.cc +++ b/base/crypto/cssm_init.cc @@ -9,7 +9,6 @@ #include "base/logging.h" #include "base/mac/scoped_cftyperef.h" #include "base/singleton.h" -#include "base/synchronization/lock.h" #include "base/sys_string_conversions.h" // When writing crypto code for Mac OS X, you may find the following @@ -154,28 +153,6 @@ class CSSMInitSingleton { friend struct DefaultSingletonTraits<CSSMInitSingleton>; }; -// This singleton is separate as it pertains to Apple's wrappers over -// their own CSSM handles, as opposed to our own CSSM_CSP_HANDLE. -class SecurityServicesSingleton { - public: - static SecurityServicesSingleton* GetInstance() { - return Singleton<SecurityServicesSingleton, - LeakySingletonTraits<SecurityServicesSingleton> >::get(); - } - - base::Lock& lock() { return lock_; } - - private: - friend struct DefaultSingletonTraits<SecurityServicesSingleton>; - - SecurityServicesSingleton() {} - ~SecurityServicesSingleton() {} - - base::Lock lock_; - - DISALLOW_COPY_AND_ASSIGN(SecurityServicesSingleton); -}; - } // namespace namespace base { @@ -213,10 +190,6 @@ void LogCSSMError(const char* fn_name, CSSM_RETURN err) { << " (" << SysCFStringRefToUTF8(cfstr) << ")"; } -base::Lock& GetMacSecurityServicesLock() { - return SecurityServicesSingleton::GetInstance()->lock(); -} - ScopedCSSMData::ScopedCSSMData() { memset(&data_, 0, sizeof(data_)); } diff --git a/base/crypto/cssm_init.h b/base/crypto/cssm_init.h index b51a3b5..bce5954 100644 --- a/base/crypto/cssm_init.h +++ b/base/crypto/cssm_init.h @@ -12,8 +12,6 @@ namespace base { -class Lock; - // Initialize CSSM if it isn't already initialized. This must be called before // any other CSSM functions. This function is thread-safe, and CSSM will only // ever be initialized once. CSSM will be properly shut down on program exit. @@ -38,13 +36,6 @@ void LogCSSMError(const char *function_name, CSSM_RETURN err); void* CSSMMalloc(CSSM_SIZE size); void CSSMFree(void* ptr); -// The OS X certificate and key management wrappers over CSSM are not -// thread-safe. In particular, code that accesses the CSSM database is -// problematic. -// -// http://developer.apple.com/mac/library/documentation/Security/Reference/certifkeytrustservices/Reference/reference.html -Lock& GetMacSecurityServicesLock(); - // Wrapper class for CSSM_DATA type. This should only be used when using the // CL/TP/CSP handles from above, since that's the only time we're guaranteed (or // supposed to be guaranteed) that our memory management functions will be used. diff --git a/base/crypto/mac_security_services_lock.cc b/base/crypto/mac_security_services_lock.cc new file mode 100644 index 0000000..df1e3ce --- /dev/null +++ b/base/crypto/mac_security_services_lock.cc @@ -0,0 +1,42 @@ +// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "base/crypto/mac_security_services_lock.h" + +#include "base/singleton.h" +#include "base/synchronization/lock.h" + +namespace { + +// This singleton pertains to Apple's wrappers over their own CSSM handles, +// as opposed to our own CSSM_CSP_HANDLE in cssm_init.cc. +class SecurityServicesSingleton { + public: + static SecurityServicesSingleton* GetInstance() { + return Singleton<SecurityServicesSingleton, + LeakySingletonTraits<SecurityServicesSingleton> >::get(); + } + + base::Lock& lock() { return lock_; } + + private: + friend struct DefaultSingletonTraits<SecurityServicesSingleton>; + + SecurityServicesSingleton() {} + ~SecurityServicesSingleton() {} + + base::Lock lock_; + + DISALLOW_COPY_AND_ASSIGN(SecurityServicesSingleton); +}; + +} // namespace + +namespace base { + +base::Lock& GetMacSecurityServicesLock() { + return SecurityServicesSingleton::GetInstance()->lock(); +} + +} // namespace base diff --git a/base/crypto/mac_security_services_lock.h b/base/crypto/mac_security_services_lock.h new file mode 100644 index 0000000..42c2bff --- /dev/null +++ b/base/crypto/mac_security_services_lock.h @@ -0,0 +1,22 @@ +// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef BASE_CRYPTO_MAC_SECURITY_SERVICES_LOCK_H_ +#define BASE_CRYPTO_MAC_SECURITY_SERVICES_LOCK_H_ +#pragma once + +namespace base { + +class Lock; + +// The Mac OS X certificate and key management wrappers over CSSM are not +// thread-safe. In particular, code that accesses the CSSM database is +// problematic. +// +// http://developer.apple.com/mac/library/documentation/Security/Reference/certifkeytrustservices/Reference/reference.html +Lock& GetMacSecurityServicesLock(); + +} // namespace base + +#endif // BASE_CRYPTO_MAC_SECURITY_SERVICES_LOCK_H_ diff --git a/net/base/cert_database_mac.cc b/net/base/cert_database_mac.cc index 66828ad..05854fc 100644 --- a/net/base/cert_database_mac.cc +++ b/net/base/cert_database_mac.cc @@ -6,7 +6,7 @@ #include <Security/Security.h> -#include "base/crypto/cssm_init.h" +#include "base/crypto/mac_security_services_lock.h" #include "base/logging.h" #include "base/synchronization/lock.h" #include "net/base/net_errors.h" diff --git a/net/base/keygen_handler_mac.cc b/net/base/keygen_handler_mac.cc index df9ce4a..cfd72bb 100644 --- a/net/base/keygen_handler_mac.cc +++ b/net/base/keygen_handler_mac.cc @@ -10,6 +10,7 @@ #include "base/base64.h" #include "base/crypto/cssm_init.h" +#include "base/crypto/mac_security_services_lock.h" #include "base/logging.h" #include "base/mac/scoped_cftyperef.h" #include "base/string_util.h" |