Implement SSL certificate error handling on the Mac. If the user gives

us bad certs to allow, we tell SecureTransport to not verify the server
cert, and only allow the cert to be one of the bad certs the user allows.

In the future we should figure out how to verify the server cert ourselves.

R=avi,eroman
BUG=http://crbug.com/11983
TEST=Visit https://www.ssl247.com/ and https://alioth.debian.org/.  Clicking
the "Proceed anyway" button should bring you to the site with a red
"https" in the location bar. 
Review URL: http://codereview.chromium.org/165191

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@23321 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 4 insertions, 1 deletions

diff --git a/net/http/http_network_transaction.cc b/net/http/http_network_transaction.cc
index 1a1b2f0..a3f5513 100644
--- a/net/http/http_network_transaction.cc
+++ b/net/http/http_network_transaction.cc
@@ -1378,7 +1378,10 @@ int HttpNetworkTransaction::HandleCertificateError(int error) {
     // SSL info object. This data structure will be consulted after calling
     // RestartIgnoringLastError(). And the user will be asked interactively
     // before RestartIgnoringLastError() is ever called.
-    ssl_config_.allowed_bad_certs_.insert(response_.ssl_info.cert);
+    SSLConfig::CertAndStatus bad_cert;
+    bad_cert.cert = response_.ssl_info.cert;
+    bad_cert.cert_status = response_.ssl_info.cert_status;
+    ssl_config_.allowed_bad_certs.push_back(bad_cert);
   }
   return error;
 }