diff options
| author | cevans@chromium.org <cevans@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-04-27 22:14:22 +0000 |
|---|---|---|
| committer | cevans@chromium.org <cevans@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-04-27 22:14:22 +0000 |
| commit | 4b61871613bc37cae4eea36183f640f47340c27f (patch) | |
| tree | b275907c86c69b85ae3d7819bf03915b08704875 /net | |
| parent | b9028a61d16188eb566df59a4dc7b42bda4bf065 (diff) | |
| download | chromium_src-4b61871613bc37cae4eea36183f640f47340c27f.zip chromium_src-4b61871613bc37cae4eea36183f640f47340c27f.tar.gz chromium_src-4b61871613bc37cae4eea36183f640f47340c27f.tar.bz2 | |
Merge 83199 - Fix https://m.gmail.com/ and https://m.googlemail.com/, which don't return a
matching CN even with SNI.
BUG=80642
TEST=TransportSecurityStateTest.Preloaded
Review URL: http://codereview.chromium.org/6902064
TBR=cevans@chromium.org
Review URL: http://codereview.chromium.org/6903086
git-svn-id: svn://svn.chromium.org/chrome/branches/742/src@83229 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net')
| -rw-r--r-- | net/base/transport_security_state.cc | 6 | ||||
| -rw-r--r-- | net/base/transport_security_state_unittest.cc | 12 |
2 files changed, 14 insertions, 4 deletions
diff --git a/net/base/transport_security_state.cc b/net/base/transport_security_state.cc index 4d36d350..af4e866 100644 --- a/net/base/transport_security_state.cc +++ b/net/base/transport_security_state.cc @@ -559,8 +559,10 @@ bool TransportSecurityState::IsPreloadedSTS( bool include_subdomains; char dns_name[30]; } kPreloadedSNISTS[] = { - {11, true, "\005gmail\003com"}, - {16, true, "\012googlemail\003com"}, + {11, false, "\005gmail\003com"}, + {16, false, "\012googlemail\003com"}, + {15, false, "\003www\005gmail\003com"}, + {20, false, "\003www\012googlemail\003com"}, }; static const size_t kNumPreloadedSNISTS = ARRAYSIZE_UNSAFE(kPreloadedSNISTS); diff --git a/net/base/transport_security_state_unittest.cc b/net/base/transport_security_state_unittest.cc index 30377a5..dd6867f 100644 --- a/net/base/transport_security_state_unittest.cc +++ b/net/base/transport_security_state_unittest.cc @@ -497,16 +497,24 @@ TEST_F(TransportSecurityStateTest, Preloaded) { EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "gmail.com", true)); EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "www.gmail.com", true)); + EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "m.gmail.com", true)); EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "googlemail.com", true)); EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "www.googlemail.com", true)); + EXPECT_FALSE(state->IsEnabledForHost(&domain_state, + "m.googlemail.com", + true)); EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "gmail.com", false)); EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "www.gmail.com", false)); + EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "m.gmail.com", false)); EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "googlemail.com", false)); EXPECT_FALSE(state->IsEnabledForHost(&domain_state, - "www.googlemail.com", - false)); + "www.googlemail.com", + false)); + EXPECT_FALSE(state->IsEnabledForHost(&domain_state, + "m.googlemail.com", + false)); } TEST_F(TransportSecurityStateTest, LongNames) { |