diff options
| author | davidben <davidben@chromium.org> | 2015-04-27 11:08:36 -0700 |
|---|---|---|
| committer | Commit bot <commit-bot@chromium.org> | 2015-04-27 18:08:35 +0000 |
| commit | 15f5713c41825ea900cd6dc4f6de4a6d3fff538d (patch) | |
| tree | fb3ed80bbd349e8e1f1c22b48c2483bc2bca5934 /net/cert/cert_verify_proc.cc | |
| parent | 25f1faa117156fcf67dc910d551e8225c50bfe75 (diff) | |
| download | chromium_src-15f5713c41825ea900cd6dc4f6de4a6d3fff538d.zip chromium_src-15f5713c41825ea900cd6dc4f6de4a6d3fff538d.tar.gz chromium_src-15f5713c41825ea900cd6dc4f6de4a6d3fff538d.tar.bz2 | |
Route OCSP stapling through CertVerifier.
This moves the platform-specific OCSP stapling code out of SSLClientSocket,
which enables OCSP stapling on the chimera build. It'll also make it easier to
support OCSP stapling on OS X, where a stapled OCSP response is a property of
the certificate verification (as it should be) and not the certificate.
BUG=430714,479034
Review URL: https://codereview.chromium.org/1081913003
Cr-Commit-Position: refs/heads/master@{#327070}
Diffstat (limited to 'net/cert/cert_verify_proc.cc')
| -rw-r--r-- | net/cert/cert_verify_proc.cc | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/net/cert/cert_verify_proc.cc b/net/cert/cert_verify_proc.cc index 1e3fc89..9ea19b4 100644 --- a/net/cert/cert_verify_proc.cc +++ b/net/cert/cert_verify_proc.cc @@ -190,6 +190,7 @@ CertVerifyProc::~CertVerifyProc() {} int CertVerifyProc::Verify(X509Certificate* cert, const std::string& hostname, + const std::string& ocsp_response, int flags, CRLSet* crl_set, const CertificateList& additional_trust_anchors, @@ -209,7 +210,7 @@ int CertVerifyProc::Verify(X509Certificate* cert, if (flags & CertVerifier::VERIFY_EV_CERT) flags |= CertVerifier::VERIFY_REV_CHECKING_ENABLED_EV_ONLY; - int rv = VerifyInternal(cert, hostname, flags, crl_set, + int rv = VerifyInternal(cert, hostname, ocsp_response, flags, crl_set, additional_trust_anchors, verify_result); UMA_HISTOGRAM_BOOLEAN("Net.CertCommonNameFallback", |