diff options
author | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-01-29 03:25:04 +0000 |
---|---|---|
committer | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-01-29 03:25:04 +0000 |
commit | 09a1bd76e3fd08b2ba0035af7ee2f0b60661174b (patch) | |
tree | 825db69ff522a1bacecf9b58eef87b01747509c8 /net/http/http_cache.cc | |
parent | 507bdd1707edb7a90971f90e9b7e654c96cbb810 (diff) | |
download | chromium_src-09a1bd76e3fd08b2ba0035af7ee2f0b60661174b.zip chromium_src-09a1bd76e3fd08b2ba0035af7ee2f0b60661174b.tar.gz chromium_src-09a1bd76e3fd08b2ba0035af7ee2f0b60661174b.tar.bz2 |
Work around our not caching the intermediate CA
certificates by passing the source of each OSCertHandle to
CreateFromHandle and the X509Certificate constructor. If
the OSCertHandle comes from the network layer, we know it
has a complete certificate chain and therefore prefer it to
an OSCertHandle that comes from the HTTP cache, which
doesn't have the intermediate CA certificates. A
certificate from the network layer can kick out a
certificate from the HTTP cache in our certificate cache.
This workaround seems good enough to fix all the known
symptoms of not caching the intermediate CA certificates.
Move the common code in x509_certificate_<os>.cc to
x509_certificate.cc.
R=eroman
BUG=3154,7065
Review URL: http://codereview.chromium.org/18836
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@8864 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/http/http_cache.cc')
-rw-r--r-- | net/http/http_cache.cc | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/net/http/http_cache.cc b/net/http/http_cache.cc index fe0a130..accd7da 100644 --- a/net/http/http_cache.cc +++ b/net/http/http_cache.cc @@ -855,6 +855,8 @@ void HttpCache::Transaction::OnNetworkInfoAvailable(int result) { if (mode_ == READ_WRITE) { if (new_response->headers->response_code() == 304) { // Update cached response based on headers in new_response + // TODO(wtc): should we update cached certificate + // (response_.ssl_info), too? response_.headers->Update(*new_response->headers); if (response_.headers->HasHeaderValue("cache-control", "no-store")) { cache_->DoomEntry(cache_key_); |