Retry failed calls to open SecTrust enumerators.

bartonjs · bartonjs · commit 6585f9c23365 · 2017-05-12T11:28:03.000-07:00
It doesn't seem to fail very often, but I've seen it fail, and CI has seen it fail.
Presumably there's some sort of race/sync condition in the OS that's being
encountered, so treat it as an intermittent problem and retry.
diff --git a/src/Common/src/Interop/OSX/System.Security.Cryptography.Native.Apple/Interop.Trust.cs b/src/Common/src/Interop/OSX/System.Security.Cryptography.Native.Apple/Interop.Trust.cs
@@ -55,36 +55,50 @@ private static SafeCFArrayHandle EnumerateStore(
             StoreEnumerator userEnumerator,
             StoreEnumerator machineEnumerator)
         {
-            int result;
-            SafeCFArrayHandle matches;
-            int osStatus;
+            const int RetryLimit = 3;
+            int osStatus = 0;
 
-            if (location == StoreLocation.CurrentUser)
+            // Occasionally calls to enumerate the trust list get errSecInvalidRecord.
+            // So, if we fail with result 0 ("see osStatus") just retry and see if the
+            // intermediate state has flushed itself.
+            for (int i = 0; i < RetryLimit; i++)
             {
-                result = userEnumerator(out matches, out osStatus);
-            }
-            else if (location == StoreLocation.LocalMachine)
-            {
-                result = machineEnumerator(out matches, out osStatus);
-            }
-            else
-            {
-                Debug.Fail($"Unrecognized StoreLocation value: {location}");
-                throw new CryptographicException();
-            }
+                int result;
+                SafeCFArrayHandle matches;
 
-            if (result == 1)
-            {
-                return matches;
-            }
+                if (location == StoreLocation.CurrentUser)
+                {
+                    result = userEnumerator(out matches, out osStatus);
+                }
+                else if (location == StoreLocation.LocalMachine)
+                {
+                    result = machineEnumerator(out matches, out osStatus);
+                }
+                else
+                {
+                    Debug.Fail($"Unrecognized StoreLocation value: {location}");
+                    throw new CryptographicException();
+                }
+
+                if (result == 1)
+                {
+                    return matches;
+                }
 
-            matches.Dispose();
+                matches.Dispose();
 
-            if (result == 0)
-                throw CreateExceptionForOSStatus(osStatus);
+                if (result == 0)
+                {
+                    // Instead of limiting it to particular error codes, just try it again.
+                    // A permanent error will be stable, a temporary one will hopefully go away.
+                    continue;
+                }
+
+                Debug.Fail($"Unexpected result from {location} trust store enumeration: {result}");
+                throw new CryptographicException();
+            }
 
-            Debug.Fail($"Unexpected result from {location} trust store enumeration: {result}");
-            throw new CryptographicException();
+            throw CreateExceptionForOSStatus(osStatus);
         }
     }
 }
