summaryrefslogtreecommitdiffstats
path: root/base/worker_pool_linux.cc
diff options
context:
space:
mode:
authorukai@chromium.org <ukai@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-05-28 08:45:19 +0000
committerukai@chromium.org <ukai@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-05-28 08:45:19 +0000
commit82fbbe66c39262147ee501daa1df53e3b669e385 (patch)
tree3895314901a464e30cd60ed4471462d16870a3f6 /base/worker_pool_linux.cc
parent8cb4689636ed19bfd3291602e59eedb194ba55cb (diff)
downloadchromium_src-82fbbe66c39262147ee501daa1df53e3b669e385.zip
chromium_src-82fbbe66c39262147ee501daa1df53e3b669e385.tar.gz
chromium_src-82fbbe66c39262147ee501daa1df53e3b669e385.tar.bz2
Implement X509Certificate::Verify for Linux.
Use CERT_PKIXVerifyCert() with CRL to verify certificate. With OCSP, CERT_PKIXVerifyCert() failed with SEC_ERROR_INVALID_ARGS. Increase stack size. It was not enough size if we use CERT_PKIXVerifyCert() on some sites. For example, https://www.google.com/ works, but https://bugs.webkit.org/ or https://www.thawte.com/ would die by SIGSEGV. This is because pkix_List_Destroy() routine destroys PKIX_List recursively, so if there are some long PKIX_Lists, it consumes stack a lot and dies by stack overflow. Note that X509Certificate::Verify isn't used in SSLClientSocketNSS yet. BUG=10911 TEST=net_unittests passes Review URL: http://codereview.chromium.org/113578 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@17071 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'base/worker_pool_linux.cc')
-rw-r--r--base/worker_pool_linux.cc4
1 files changed, 3 insertions, 1 deletions
diff --git a/base/worker_pool_linux.cc b/base/worker_pool_linux.cc
index a650b3b..31fcef1 100644
--- a/base/worker_pool_linux.cc
+++ b/base/worker_pool_linux.cc
@@ -15,7 +15,9 @@
namespace {
const int kIdleSecondsBeforeExit = 10 * 60;
-const int kWorkerThreadStackSize = 64 * 1024;
+// A stack size of 64 KB is too small for the CERT_PKIXVerifyCert
+// function of NSS because of NSS bug 439169.
+const int kWorkerThreadStackSize = 128 * 1024;
class WorkerPoolImpl {
public:
generated by cgit v1.1 at 2025-01-20 21:59:10 +0000