Ken Thomases : crypt32: Read trusted root certificates from system keychain on Mac OS X.
Alexandre Julliard
julliard at winehq.org
Mon Nov 23 08:49:48 CST 2009
Module: wine
Branch: master
Commit: 3921454398d8808fb0e3d4e03f023c4ec70cba17
URL: http://source.winehq.org/git/wine.git/?a=commit;h=3921454398d8808fb0e3d4e03f023c4ec70cba17
Author: Ken Thomases <ken at codeweavers.com>
Date: Fri Nov 20 15:49:11 2009 -0600
crypt32: Read trusted root certificates from system keychain on Mac OS X.
---
dlls/crypt32/Makefile.in | 1 +
dlls/crypt32/rootstore.c | 32 ++++++++++++++++++++++++++++++++
2 files changed, 33 insertions(+), 0 deletions(-)
diff --git a/dlls/crypt32/Makefile.in b/dlls/crypt32/Makefile.in
index c2284b7..2daa01a 100644
--- a/dlls/crypt32/Makefile.in
+++ b/dlls/crypt32/Makefile.in
@@ -6,6 +6,7 @@ VPATH = @srcdir@
MODULE = crypt32.dll
IMPORTLIB = crypt32
IMPORTS = user32 advapi32 kernel32 ntdll
+EXTRALIBS = @SECURITYLIB@
C_SRCS = \
base64.c \
diff --git a/dlls/crypt32/rootstore.c b/dlls/crypt32/rootstore.c
index a55b281..70b5ef8 100644
--- a/dlls/crypt32/rootstore.c
+++ b/dlls/crypt32/rootstore.c
@@ -40,6 +40,9 @@
#include "winternl.h"
#include "wine/debug.h"
#include "crypt32_private.h"
+#ifdef __APPLE__
+#include <Security/Security.h>
+#endif
WINE_DEFAULT_DEBUG_CHANNEL(crypt);
@@ -713,6 +716,35 @@ static void read_trusted_roots_from_known_locations(HCERTSTORE store)
DWORD i;
BOOL ret = FALSE;
+#ifdef __APPLE__
+ OSStatus status;
+ CFArrayRef rootCerts;
+
+ status = SecTrustCopyAnchorCertificates(&rootCerts);
+ if (status == noErr)
+ {
+ int i;
+ for (i = 0; i < CFArrayGetCount(rootCerts); i++)
+ {
+ SecCertificateRef cert = (SecCertificateRef)CFArrayGetValueAtIndex(rootCerts, i);
+ CFDataRef certData;
+ if ((status = SecKeychainItemExport(cert, kSecFormatX509Cert, 0, NULL, &certData)) == noErr)
+ {
+ if (CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING,
+ CFDataGetBytePtr(certData), CFDataGetLength(certData),
+ CERT_STORE_ADD_NEW, NULL))
+ ret = TRUE;
+ else
+ WARN("adding root cert %d failed: %08x\n", i, GetLastError());
+ CFRelease(certData);
+ }
+ else
+ WARN("could not export certificate %d to X509 format: 0x%08x\n", i, (unsigned int)status);
+ }
+ CFRelease(rootCerts);
+ }
+#endif
+
for (i = 0; !ret &&
i < sizeof(CRYPT_knownLocations) / sizeof(CRYPT_knownLocations[0]);
i++)
More information about the wine-cvs
mailing list