[PATCH] schannel: Don't use SSLCopyPeerCertificates on Mac OS 10.4.
Charles Davis
cdavis at mymail.mines.edu
Wed Oct 26 23:57:30 CDT 2011
---
configure.ac | 5 +++++
dlls/secur32/schannel_macosx.c | 16 ++++++++++++++++
2 files changed, 21 insertions(+), 0 deletions(-)
diff --git a/configure.ac b/configure.ac
index ad4f36f..c4e44af 100644
--- a/configure.ac
+++ b/configure.ac
@@ -720,6 +720,11 @@ case $host_os in
if test "$ac_cv_header_Security_Security_h" = "yes"
then
AC_SUBST(SECURITYLIB,"-framework Security -framework CoreFoundation")
+ dnl Check for the SSLCopyPeerCertificates function
+ ac_save_LIBS="$LIBS"
+ LIBS="$LIBS $SECURITYLIB"
+ AC_CHECK_FUNCS(SSLCopyPeerCertificates)
+ LIBS="$ac_save_LIBS"
with_gnutls=${with_gnutls:-no}
fi
if test "$ac_cv_header_CoreAudio_CoreAudio_h" = "yes" -a "$ac_cv_header_AudioUnit_AudioUnit_h" = "yes"
diff --git a/dlls/secur32/schannel_macosx.c b/dlls/secur32/schannel_macosx.c
index 1158b14..01493b1 100644
--- a/dlls/secur32/schannel_macosx.c
+++ b/dlls/secur32/schannel_macosx.c
@@ -670,6 +670,13 @@ SECURITY_STATUS schan_imp_get_connection_info(schan_imp_session session,
return SEC_E_OK;
}
+#ifndef HAVE_SSLCOPYPEERCERTIFICATES
+static void schan_imp_cf_release(const void *arg, void *ctx)
+{
+ CFRelease(arg);
+}
+#endif
+
SECURITY_STATUS schan_imp_get_session_peer_certificate(schan_imp_session session,
PCCERT_CONTEXT *cert)
{
@@ -680,7 +687,11 @@ SECURITY_STATUS schan_imp_get_session_peer_certificate(schan_imp_session session
TRACE("(%p/%p, %p)\n", s, s->context, cert);
+#ifdef HAVE_SSLCOPYPEERCERTIFICATES
status = SSLCopyPeerCertificates(s->context, &certs);
+#else
+ status = SSLGetPeerCertificates(s->context, &certs);
+#endif
if (status == noErr && certs)
{
SecCertificateRef mac_cert;
@@ -702,6 +713,11 @@ SECURITY_STATUS schan_imp_get_session_peer_certificate(schan_imp_session session
}
else
WARN("Couldn't extract certificate data\n");
+#ifndef HAVE_SSLCOPYPEERCERTIFICATES
+ /* This is why SSLGetPeerCertificates was deprecated */
+ CFArrayApplyFunction(certs, CFRangeMake(0, CFArrayGetCount(certs)),
+ schan_imp_cf_release, NULL);
+#endif
CFRelease(certs);
}
else
--
1.7.7.1
More information about the wine-patches
mailing list