X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/fa7225c82381bac4432a6edf16f53b5370238d85..07691282a056c4efea71e1e505527601e8cc166b:/OSX/libsecurity_keychain/lib/TrustAdditions.cpp diff --git a/OSX/libsecurity_keychain/lib/TrustAdditions.cpp b/OSX/libsecurity_keychain/lib/TrustAdditions.cpp index a79bfaff..4465256b 100644 --- a/OSX/libsecurity_keychain/lib/TrustAdditions.cpp +++ b/OSX/libsecurity_keychain/lib/TrustAdditions.cpp @@ -80,18 +80,18 @@ static const char *X509ANCHORS_SYSTEM_PATH = "/System/Library/Keychains/X509Anch // // Static functions // -static CFArrayRef _allowedRootCertificatesForOidString(CFStringRef oidString); +static CFArrayRef CF_RETURNS_RETAINED _allowedRootCertificatesForOidString(CFStringRef oidString); static CSSM_DATA_PTR _copyFieldDataForOid(CSSM_OID_PTR oid, CSSM_DATA_PTR cert, CSSM_CL_HANDLE clHandle); -static CFStringRef _decimalStringForOid(CSSM_OID_PTR oid); -static CFDictionaryRef _evCAOidDict(); +static CFStringRef CF_RETURNS_RETAINED _decimalStringForOid(CSSM_OID_PTR oid); +static CFDictionaryRef CF_RETURNS_RETAINED _evCAOidDict(); static void _freeFieldData(CSSM_DATA_PTR value, CSSM_OID_PTR oid, CSSM_CL_HANDLE clHandle); -static CFStringRef _oidStringForCertificatePolicies(const CE_CertPolicies *certPolicies); +static CFStringRef CF_RETURNS_RETAINED _oidStringForCertificatePolicies(const CE_CertPolicies *certPolicies); static SecCertificateRef _rootCertificateWithSubjectOfCertificate(SecCertificateRef certificate); static SecCertificateRef _rootCertificateWithSubjectKeyIDOfCertificate(SecCertificateRef certificate); // utility function to safely release (and clear) the given CFTypeRef variable. // -static void SafeCFRelease(void *cfTypeRefPtr) +static void SafeCFRelease(void * CF_CONSUMED cfTypeRefPtr) { CFTypeRef *obj = (CFTypeRef *)cfTypeRefPtr; if (obj && *obj) { @@ -103,7 +103,7 @@ static void SafeCFRelease(void *cfTypeRefPtr) // utility function to create a CFDataRef from the contents of the specified file; // caller must release // -static CFDataRef dataWithContentsOfFile(const char *fileName) +static CFDataRef CF_RETURNS_RETAINED dataWithContentsOfFile(const char *fileName) { int rtn; int fd; @@ -194,7 +194,7 @@ static SecKeychainRef systemRootStore() // returns a CFDictionaryRef created from the specified XML plist file; caller must release // -static CFDictionaryRef dictionaryWithContentsOfPlistFile(const char *fileName) +static CFDictionaryRef CF_RETURNS_RETAINED dictionaryWithContentsOfPlistFile(const char *fileName) { CFDictionaryRef resultDict = NULL; CFDataRef fileData = dataWithContentsOfFile(fileName); @@ -416,7 +416,6 @@ static SecCertificateRef _rootCertificateWithSubjectOfCertificate(SecCertificate SecKeyRef keyRef = NULL; SecCertificateRef resultCert = NULL; // note: Sec* APIs are not re-entrant due to the API lock - // status = SecCertificateCopyPublicKey(certificate, &keyRef); BEGIN_SECAPI_INTERNAL_CALL keyRef = Certificate::required(certificate)->publicKey()->handle(); END_SECAPI_INTERNAL_CALL @@ -554,7 +553,7 @@ static SecCertificateRef _rootCertificateWithSubjectKeyIDOfCertificate(SecCertif // for the given EV OID (a hex string); caller must release the array // static -CFArrayRef _possibleRootCertificatesForOidString(CFStringRef oidString) +CFArrayRef CF_RETURNS_RETAINED _possibleRootCertificatesForOidString(CFStringRef oidString) { StLock _(SecTrustKeychainsGetMutex()); @@ -648,19 +647,15 @@ CFArrayRef _allowedRootCertificatesForOidString(CFStringRef oidString) CFIndex idx, count = CFArrayGetCount(possibleRootCertificates); for (idx=0; idx gOidStringForCertificatePoliciesMutex; -static CFStringRef _oidStringForCertificatePolicies(const CE_CertPolicies *certPolicies) +static CFStringRef CF_RETURNS_RETAINED _oidStringForCertificatePolicies(const CE_CertPolicies *certPolicies) { StLock _(gOidStringForCertificatePoliciesMutex());