Revert the following change in r93346:

  Change !verify_result->cert_status to
  !IsCertStatusError(verify_result->cert_status) because
  verify_result->cert_status may contain non-error status bits,
  such as whether revocation checking was done.
because it introduced a bug.

TBR=rsleevi@chromium.org
BUG=88135,90146
TEST=none
Review URL: http://codereview.chromium.org/7513005

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@94007 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 2 insertions, 3 deletions

diff --git a/net/base/x509_certificate_mac.cc b/net/base/x509_certificate_mac.cc
index cffcac8..1f16f20 100644
--- a/net/base/x509_certificate_mac.cc
+++ b/net/base/x509_certificate_mac.cc
@@ -921,8 +921,7 @@ int X509Certificate::VerifyInternal(const std::string& hostname,
       // call to SecTrustGetCssmResultCode() should pick up when the chain
       // is not trusted and the loop through CSSM_TP_APPLE_EVIDENCE_INFO
       // should pick up everything else, but let's be safe.
-      if (!IsCertStatusError(verify_result->cert_status) &&
-          !got_certificate_error) {
+      if (!verify_result->cert_status && !got_certificate_error) {
         LOG(ERROR) << "cssm_result=" << cssm_result;
         verify_result->cert_status |= CERT_STATUS_INVALID;
         NOTREACHED();
@@ -934,7 +933,7 @@ int X509Certificate::VerifyInternal(const std::string& hostname,
       if (status)
         return NetErrorFromOSStatus(status);
       verify_result->cert_status |= CertStatusFromOSStatus(cssm_result);
-      if (!IsCertStatusError(verify_result->cert_status)) {
+      if (!verify_result->cert_status) {
         LOG(WARNING) << "trust_result=" << trust_result;
         verify_result->cert_status |= CERT_STATUS_INVALID;
       }