--- a/Plugins/Purple Service/AIPurpleCertificateTrustWarningAlert.m Sat Jun 09 10:36:46 2012 -0400
+++ b/Plugins/Purple Service/AIPurpleCertificateTrustWarningAlert.m Sat Jun 09 15:32:00 2012 -0400
@@ -100,68 +100,38 @@
- (IBAction)showWindow:(id)sender {
- SecPolicySearchRef searchRef = NULL;
- err = SecCertificateGetData((SecCertificateRef)CFArrayGetValueAtIndex(certificates, 0), &data);
+ CFDataRef data = SecCertificateCopyData((SecCertificateRef)CFArrayGetValueAtIndex(certificates, 0)); // Did we ask the user to confirm this certificate before?
// Note that this information is not stored on the disk, which is on purpose.
NSUInteger oldCertHash = [[acceptedCertificates objectForKey:hostname] unsignedIntegerValue];
- NSData *certData = [[NSData alloc] initWithBytesNoCopy:data.Data length:data.Length freeWhenDone:NO];
- NSUInteger newCertHash = [certData hash];
+ NSUInteger newCertHash = [(__bridge NSData *)data hash]; if (oldCertHash == newCertHash) {
query_cert_cb(true, userdata);
- err = SecPolicySearchCreate(CSSM_CERT_X_509v3, &CSSMOID_APPLE_TP_SSL, NULL, &searchRef);
- err = SecPolicySearchCopyNext(searchRef, &policyRef);
NSAssert( UINT_MAX > [hostname length],
@"More string data than libpurple can handle. Abort." );
- CSSM_APPLE_TP_SSL_OPTIONS ssloptions = {
- .Version = CSSM_APPLE_TP_SSL_OPTS_VERSION,
- .ServerNameLen = (UInt32)([hostname length]+1),
- .ServerName = [hostname cStringUsingEncoding:NSASCIIStringEncoding],
- CSSM_DATA theCssmData = {
- .Length = sizeof(ssloptions),
- .Data = (uint8*)&ssloptions
- SecPolicySetValue(policyRef, &theCssmData); // Don't care about the error
+ policyRef = SecPolicyCreateSSL(YES, (__bridge CFStringRef)hostname); err = SecTrustCreateWithCertificates(certificates, policyRef, &trustRef);
// test whether we aren't already trusting this certificate
SecTrustResultType result;
err = SecTrustEvaluate(trustRef, &result);
@@ -210,7 +180,6 @@
query_cert_cb(false, userdata);
@@ -222,19 +191,7 @@
static SecPolicyRef SSLSecPolicyCopy()
- SecPolicyRef policy = NULL;
- SecPolicySearchRef policy_search;
- status = SecPolicySearchCreate(CSSM_CERT_X_509v3, &CSSMOID_APPLE_TP_SSL, NULL, &policy_search);
- status = SecPolicySearchCopyNext(policy_search, &policy);
- if (status != noErr) policy = NULL;
- CFRelease(policy_search);
+ return SecPolicyCreateSSL(NO, NULL); - (void)runTrustPanelOnWindow:(NSWindow *)window
@@ -290,16 +247,14 @@
* (doing otherwise might be particularily annoying on auto-reconnect)
- OSStatus err = SecCertificateGetData((SecCertificateRef)CFArrayGetValueAtIndex(certificates, 0), &certdata);
- [acceptedCertificates setObject:[NSNumber numberWithUnsignedInteger:[[NSData dataWithBytes:certdata.Data length:certdata.Length] hash]]
+ CFDataRef data = SecCertificateCopyData((SecCertificateRef)CFArrayGetValueAtIndex(certificates, 0)); + [acceptedCertificates setObject:[NSNumber numberWithUnsignedInteger:[(__bridge NSData *)data hash]]
[parentWindow performClose:nil];