diff options
| author | joth@chromium.org <joth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-04-08 09:52:48 +0000 |
|---|---|---|
| committer | joth@chromium.org <joth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-04-08 09:52:48 +0000 |
| commit | 7a91190005614801f63ef7b8d80b705718f23b00 (patch) | |
| tree | 9af9f8f66bb445f8878561810d2a136dc8098553 /net | |
| parent | 075e8e5e944ad91696e50ff8663333a7ee294af3 (diff) | |
| download | chromium_src-7a91190005614801f63ef7b8d80b705718f23b00.zip chromium_src-7a91190005614801f63ef7b8d80b705718f23b00.tar.gz chromium_src-7a91190005614801f63ef7b8d80b705718f23b00.tar.bz2 | |
Fix opensll, in follow up to http://src.chromium.org/viewvc/chrome?view=rev&revision=80778
BUG=None
TEST=./out/Debug/net_unittests --gtest_filter=X509CertificateTest.DISABLED_TestKnownRoot --vmodule=*openssl*=3 --gtest_also_run_disabled_tests
Review URL: http://codereview.chromium.org/6816020
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@80916 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net')
| -rw-r--r-- | net/base/x509_certificate_openssl.cc | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/net/base/x509_certificate_openssl.cc b/net/base/x509_certificate_openssl.cc index 0d2c12e..433ca0d 100644 --- a/net/base/x509_certificate_openssl.cc +++ b/net/base/x509_certificate_openssl.cc @@ -475,6 +475,13 @@ int X509Certificate::Verify(const std::string& hostname, if (IsCertStatusError(verify_result->cert_status)) return MapCertStatusToNetError(verify_result->cert_status); + // Currently we only ues OpenSSL's default root CA paths, so treat all + // correctly verified certs as being from a known root. TODO(joth): if the + // motivations described in http://src.chromium.org/viewvc/chrome?view=rev&revision=80778 + // become an issue on OpenSSL builds, we will need to embed a hardcoded list + // of well known root CAs, as per the _mac and _win versions. + verify_result->is_issued_by_known_root = true; + return OK; } |