Commit 39214543 authored by Ken Thomases's avatar Ken Thomases Committed by Alexandre Julliard

crypt32: Read trusted root certificates from system keychain on Mac OS X.

parent ff57ba9d
...@@ -6,6 +6,7 @@ VPATH = @srcdir@ ...@@ -6,6 +6,7 @@ VPATH = @srcdir@
MODULE = crypt32.dll MODULE = crypt32.dll
IMPORTLIB = crypt32 IMPORTLIB = crypt32
IMPORTS = user32 advapi32 kernel32 ntdll IMPORTS = user32 advapi32 kernel32 ntdll
EXTRALIBS = @SECURITYLIB@
C_SRCS = \ C_SRCS = \
base64.c \ base64.c \
......
...@@ -40,6 +40,9 @@ ...@@ -40,6 +40,9 @@
#include "winternl.h" #include "winternl.h"
#include "wine/debug.h" #include "wine/debug.h"
#include "crypt32_private.h" #include "crypt32_private.h"
#ifdef __APPLE__
#include <Security/Security.h>
#endif
WINE_DEFAULT_DEBUG_CHANNEL(crypt); WINE_DEFAULT_DEBUG_CHANNEL(crypt);
...@@ -713,6 +716,35 @@ static void read_trusted_roots_from_known_locations(HCERTSTORE store) ...@@ -713,6 +716,35 @@ static void read_trusted_roots_from_known_locations(HCERTSTORE store)
DWORD i; DWORD i;
BOOL ret = FALSE; BOOL ret = FALSE;
#ifdef __APPLE__
OSStatus status;
CFArrayRef rootCerts;
status = SecTrustCopyAnchorCertificates(&rootCerts);
if (status == noErr)
{
int i;
for (i = 0; i < CFArrayGetCount(rootCerts); i++)
{
SecCertificateRef cert = (SecCertificateRef)CFArrayGetValueAtIndex(rootCerts, i);
CFDataRef certData;
if ((status = SecKeychainItemExport(cert, kSecFormatX509Cert, 0, NULL, &certData)) == noErr)
{
if (CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING,
CFDataGetBytePtr(certData), CFDataGetLength(certData),
CERT_STORE_ADD_NEW, NULL))
ret = TRUE;
else
WARN("adding root cert %d failed: %08x\n", i, GetLastError());
CFRelease(certData);
}
else
WARN("could not export certificate %d to X509 format: 0x%08x\n", i, (unsigned int)status);
}
CFRelease(rootCerts);
}
#endif
for (i = 0; !ret && for (i = 0; !ret &&
i < sizeof(CRYPT_knownLocations) / sizeof(CRYPT_knownLocations[0]); i < sizeof(CRYPT_knownLocations) / sizeof(CRYPT_knownLocations[0]);
i++) i++)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment