Charles Davis : schannel: Don't use SSLCopyPeerCertificates on Mac OS 10.4.
Alexandre Julliard
julliard at winehq.org
Thu Oct 27 13:30:12 CDT 2011
Module: wine
Branch: master
Commit: 65634bca0be94c65e739bb00c7469c9ba27c6840
URL: http://source.winehq.org/git/wine.git/?a=commit;h=65634bca0be94c65e739bb00c7469c9ba27c6840
Author: Charles Davis <cdavis at mymail.mines.edu>
Date: Wed Oct 26 22:57:30 2011 -0600
schannel: Don't use SSLCopyPeerCertificates on Mac OS 10.4.
---
configure | 14 ++++++++++++++
configure.ac | 5 +++++
dlls/secur32/schannel_macosx.c | 16 ++++++++++++++++
include/config.h.in | 3 +++
4 files changed, 38 insertions(+), 0 deletions(-)
diff --git a/configure b/configure
index 48978ca..07c4ef2 100755
--- a/configure
+++ b/configure
@@ -6499,6 +6499,20 @@ fi
then
SECURITYLIB="-framework Security -framework CoreFoundation"
+ ac_save_LIBS="$LIBS"
+ LIBS="$LIBS $SECURITYLIB"
+ for ac_func in SSLCopyPeerCertificates
+do :
+ ac_fn_c_check_func "$LINENO" "SSLCopyPeerCertificates" "ac_cv_func_SSLCopyPeerCertificates"
+if test "x$ac_cv_func_SSLCopyPeerCertificates" = xyes; then :
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_SSLCOPYPEERCERTIFICATES 1
+_ACEOF
+
+fi
+done
+
+ LIBS="$ac_save_LIBS"
with_gnutls=${with_gnutls:-no}
fi
if test "$ac_cv_header_CoreAudio_CoreAudio_h" = "yes" -a "$ac_cv_header_AudioUnit_AudioUnit_h" = "yes"
diff --git a/configure.ac b/configure.ac
index ad4f36f..c4e44af 100644
--- a/configure.ac
+++ b/configure.ac
@@ -720,6 +720,11 @@ case $host_os in
if test "$ac_cv_header_Security_Security_h" = "yes"
then
AC_SUBST(SECURITYLIB,"-framework Security -framework CoreFoundation")
+ dnl Check for the SSLCopyPeerCertificates function
+ ac_save_LIBS="$LIBS"
+ LIBS="$LIBS $SECURITYLIB"
+ AC_CHECK_FUNCS(SSLCopyPeerCertificates)
+ LIBS="$ac_save_LIBS"
with_gnutls=${with_gnutls:-no}
fi
if test "$ac_cv_header_CoreAudio_CoreAudio_h" = "yes" -a "$ac_cv_header_AudioUnit_AudioUnit_h" = "yes"
diff --git a/dlls/secur32/schannel_macosx.c b/dlls/secur32/schannel_macosx.c
index 1158b14..01493b1 100644
--- a/dlls/secur32/schannel_macosx.c
+++ b/dlls/secur32/schannel_macosx.c
@@ -670,6 +670,13 @@ SECURITY_STATUS schan_imp_get_connection_info(schan_imp_session session,
return SEC_E_OK;
}
+#ifndef HAVE_SSLCOPYPEERCERTIFICATES
+static void schan_imp_cf_release(const void *arg, void *ctx)
+{
+ CFRelease(arg);
+}
+#endif
+
SECURITY_STATUS schan_imp_get_session_peer_certificate(schan_imp_session session,
PCCERT_CONTEXT *cert)
{
@@ -680,7 +687,11 @@ SECURITY_STATUS schan_imp_get_session_peer_certificate(schan_imp_session session
TRACE("(%p/%p, %p)\n", s, s->context, cert);
+#ifdef HAVE_SSLCOPYPEERCERTIFICATES
status = SSLCopyPeerCertificates(s->context, &certs);
+#else
+ status = SSLGetPeerCertificates(s->context, &certs);
+#endif
if (status == noErr && certs)
{
SecCertificateRef mac_cert;
@@ -702,6 +713,11 @@ SECURITY_STATUS schan_imp_get_session_peer_certificate(schan_imp_session session
}
else
WARN("Couldn't extract certificate data\n");
+#ifndef HAVE_SSLCOPYPEERCERTIFICATES
+ /* This is why SSLGetPeerCertificates was deprecated */
+ CFArrayApplyFunction(certs, CFRangeMake(0, CFArrayGetCount(certs)),
+ schan_imp_cf_release, NULL);
+#endif
CFRelease(certs);
}
else
diff --git a/include/config.h.in b/include/config.h.in
index f70e354..bb13463 100644
--- a/include/config.h.in
+++ b/include/config.h.in
@@ -746,6 +746,9 @@
/* Define to 1 if the system has the type `ssize_t'. */
#undef HAVE_SSIZE_T
+/* Define to 1 if you have the `SSLCopyPeerCertificates' function. */
+#undef HAVE_SSLCOPYPEERCERTIFICATES
+
/* Define to 1 if you have the `statfs' function. */
#undef HAVE_STATFS
More information about the wine-cvs
mailing list