X-Git-Url: http://wien.tomnetworks.com/gitweb/?a=blobdiff_plain;f=mcs%2Fclass%2FSystem%2FMono.AppleTls%2FAppleCertificateHelper.cs;h=073f16080044f4d5315b339ea99418573e80d51c;hb=74a87af7f580c59f524f79508e4ad32ccff0870a;hp=d3b29fa2721179ad4337eff51a0b33239b3a3801;hpb=d4bd4f00917bd9acac1f7c801ae04be53a73b4d1;p=mono.git

diff --git a/mcs/class/System/Mono.AppleTls/AppleCertificateHelper.cs b/mcs/class/System/Mono.AppleTls/AppleCertificateHelper.cs
index d3b29fa2721..073f1608004 100644
--- a/mcs/class/System/Mono.AppleTls/AppleCertificateHelper.cs
+++ b/mcs/class/System/Mono.AppleTls/AppleCertificateHelper.cs
@@ -133,28 +133,28 @@ namespace Mono.AppleTls
 					targetHost = targetHost.Substring (0, pos);
 			}
 
-			var policy = SecPolicy.CreateSslPolicy (!serverMode, targetHost);
-			var trust = new SecTrust (certificates, policy);
-
-			if (validator.Settings.TrustAnchors != null) {
-				var status = trust.SetAnchorCertificates (validator.Settings.TrustAnchors);
-				if (status != SecStatusCode.Success)
-					throw new InvalidOperationException (status.ToString ());
-				trust.SetAnchorCertificatesOnly (false);
-			}
-
-			if (validator.Settings.CertificateValidationTime != null) {
-				var status = trust.SetVerifyDate (validator.Settings.CertificateValidationTime.Value);
-				if (status != SecStatusCode.Success)
-					throw new InvalidOperationException (status.ToString ());
+			using (var policy = SecPolicy.CreateSslPolicy (!serverMode, targetHost))
+			using (var trust = new SecTrust (certificates, policy)) {
+				if (validator.Settings.TrustAnchors != null) {
+					var status = trust.SetAnchorCertificates (validator.Settings.TrustAnchors);
+					if (status != SecStatusCode.Success)
+						throw new InvalidOperationException (status.ToString ());
+					trust.SetAnchorCertificatesOnly (false);
+				}
+
+				if (validator.Settings.CertificateValidationTime != null) {
+					var status = trust.SetVerifyDate (validator.Settings.CertificateValidationTime.Value);
+					if (status != SecStatusCode.Success)
+						throw new InvalidOperationException (status.ToString ());
+				}
+
+				var result = trust.Evaluate ();
+				if (result == SecTrustResult.Unspecified || result == SecTrustResult.Proceed)
+					return true;
+
+				errors |= MonoSslPolicyErrors.RemoteCertificateChainErrors;
+				return false;
 			}
-
-			var result = trust.Evaluate ();
-			if (result == SecTrustResult.Unspecified)
-				return true;
-
-			errors |= MonoSslPolicyErrors.RemoteCertificateChainErrors;
-			return false;
 		}
 	}
 }