diff options
| author | David Benjamin <davidben@chromium.org> | 2015-10-06 12:45:59 -0400 |
|---|---|---|
| committer | David Benjamin <davidben@chromium.org> | 2015-10-06 16:49:54 +0000 |
| commit | 1d86df29cf184213f2a98b95e30d8d171d091c9d (patch) | |
| tree | 38457adfd116101ebae703ae00d8456a0e54bbfc | |
| parent | 3b63877aa8b35fd7a94641063db97f0aa319cb6f (diff) | |
| download | chromium_src-1d86df29cf184213f2a98b95e30d8d171d091c9d.zip chromium_src-1d86df29cf184213f2a98b95e30d8d171d091c9d.tar.gz chromium_src-1d86df29cf184213f2a98b95e30d8d171d091c9d.tar.bz2 | |
Call EnsureNSSHttpIOInit in the chimera build.
Otherwise we end up using the default NSS client and not
SystemURLRequestContext.
This is a minimal fix to be merged onto release branches.
A follow-up will revise this to be somewhat less error-prone.
BUG=539520
TEST=Open about:net-internals on Linux or Chrome OS
Visit https://incomplete-chain.badssl.com/ in a new tab
The Events tab of about:net-internals should show a fetch for http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt
Review URL: https://codereview.chromium.org/1384343002
Cr-Commit-Position: refs/heads/master@{#352536}
(cherry picked from commit a477a70ad63769c456ed87b78830e2ccbf75d583)
TBR=rsleevi@chromium.org
Review URL: https://codereview.chromium.org/1377973006 .
Cr-Commit-Position: refs/branch-heads/2490@{#503}
Cr-Branched-From: 7790a3535f2a81a03685eca31a32cf69ae0c114f-refs/heads/master@{#344925}
| -rw-r--r-- | net/socket/ssl_client_socket_openssl.cc | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/net/socket/ssl_client_socket_openssl.cc b/net/socket/ssl_client_socket_openssl.cc index 721b69c..e61816d 100644 --- a/net/socket/ssl_client_socket_openssl.cc +++ b/net/socket/ssl_client_socket_openssl.cc @@ -57,6 +57,10 @@ #include "net/ssl/ssl_platform_key.h" #endif +#if defined(USE_NSS_CERTS) || defined(OS_IOS) +#include "net/cert_net/nss_ocsp.h" +#endif + namespace net { namespace { @@ -805,6 +809,14 @@ int SSLClientSocketOpenSSL::Init() { DCHECK(!ssl_); DCHECK(!transport_bio_); +#if defined(USE_NSS_CERTS) || defined(OS_IOS) + if (ssl_config_.cert_io_enabled) { + // TODO(davidben): Move this out of SSLClientSocket. See + // https://crbug.com/539520. + EnsureNSSHttpIOInit(); + } +#endif + SSLContext* context = SSLContext::GetInstance(); crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |