Diffstat (limited to 'net/socket/ssl_client_socket_mac.cc')
-rw-r--r--net/socket/ssl_client_socket_mac.cc21
1 files changed, 7 insertions, 14 deletions
diff --git a/net/socket/ssl_client_socket_mac.cc b/net/socket/ssl_client_socket_mac.cc
index b3cfc44..ebb31f2 100644
--- a/net/socket/ssl_client_socket_mac.cc
+++ b/net/socket/ssl_client_socket_mac.cc
@@ -412,29 +412,22 @@ X509Certificate* GetServerCert(SSLContextRef ssl_context) {
DCHECK_GT(CFArrayGetCount(certs), 0);
- SecCertificateRef server_cert = static_cast<SecCertificateRef>(
- const_cast<void*>(CFArrayGetValueAtIndex(certs, 0)));
- CFRetain(server_cert);
- X509Certificate *x509_cert = X509Certificate::CreateFromHandle(
- server_cert, X509Certificate::SOURCE_FROM_NETWORK);
- if (!x509_cert)
- return NULL;
-
// Add each of the intermediate certificates in the server's chain to the
// server's X509Certificate object. This makes them available to
// X509Certificate::Verify() for chain building.
- // TODO(wtc): Since X509Certificate::CreateFromHandle may return a cached
- // X509Certificate object, we may be adding intermediate CA certificates to
- // it repeatedly!
+ std::vector<SecCertificateRef> intermediate_ca_certs;
CFIndex certs_length = CFArrayGetCount(certs);
for (CFIndex i = 1; i < certs_length; ++i) {
SecCertificateRef cert_ref = reinterpret_cast<SecCertificateRef>(
const_cast<void*>(CFArrayGetValueAtIndex(certs, i)));
- CFRetain(cert_ref);
- x509_cert->AddIntermediateCertificate(cert_ref);
+ intermediate_ca_certs.push_back(cert_ref);
}
- return x509_cert;
+ SecCertificateRef server_cert = static_cast<SecCertificateRef>(
+ const_cast<void*>(CFArrayGetValueAtIndex(certs, 0)));
+ CFRetain(server_cert);
+ return X509Certificate::CreateFromHandle(
+ server_cert, X509Certificate::SOURCE_FROM_NETWORK, intermediate_ca_certs);
}
// Dynamically look up a pointer to a function exported by a bundle.
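Review bot: The intermediates pushed into `intermediate_ca_certs` are borrowed from `certs` without a CFRetain, while `server_cert` is retained before the same call, so the chain's lifetime now depends on X509Certificate::CreateFromHandle retaining or copying every intermediate it keeps. That contract is not visible in this hunk; if it does not hold, the returned object could reference certificates that are freed once `certs` is released. I would state it at the loop, e.g. `// Borrowed from |certs|; CreateFromHandle() must retain any it stores.` Separately, `DCHECK_GT(CFArrayGetCount(certs), 0)` is normally compiled out of release builds, so index 0 is read unchecked there, and an explicit `if (CFArrayGetCount(certs) == 0) return NULL;` before the loop would cover it. The start of GetServerCert is outside the hunk, so how `certs` is obtained and released cannot be checked from here.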