2 files changed, 13 insertions, 7 deletions

diff --git a/chrome/browser/ssl/ssl_browser_tests.cc b/chrome/browser/ssl/ssl_browser_tests.cc
index fb3d447..d6ef458 100644
--- a/chrome/browser/ssl/ssl_browser_tests.cc
+++ b/chrome/browser/ssl/ssl_browser_tests.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -65,6 +65,9 @@ class SSLUITest : public InProcessBrowserTest {
               entry->page_type());
     EXPECT_EQ(SECURITY_STYLE_AUTHENTICATION_BROKEN,
               entry->ssl().security_style());
+    // CERT_STATUS_UNABLE_TO_CHECK_REVOCATION doesn't lower the security style
+    // to SECURITY_STYLE_AUTHENTICATION_BROKEN.
+    ASSERT_NE(net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION, error);
     EXPECT_EQ(error, entry->ssl().cert_status() & net::CERT_STATUS_ALL_ERRORS);
     EXPECT_FALSE(entry->ssl().has_mixed_content());
     EXPECT_FALSE(entry->ssl().has_unsafe_content());
diff --git a/chrome/browser/ssl/ssl_policy.cc b/chrome/browser/ssl/ssl_policy.cc
index 2f21e5d..5f15772 100644
--- a/chrome/browser/ssl/ssl_policy.cc
+++ b/chrome/browser/ssl/ssl_policy.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -67,10 +67,9 @@ void SSLPolicy::OnCertError(SSLCertErrorHandler* handler) {
       handler->ContinueRequest();
       break;
     case net::ERR_CERT_UNABLE_TO_CHECK_REVOCATION:
-      // We ignore this error and display an infobar.
+      // We ignore this error but will show a warning status in the location
+      // bar.
       handler->ContinueRequest();
-      backend_->ShowMessage(l10n_util::GetString(
-          IDS_CERT_ERROR_UNABLE_TO_CHECK_REVOCATION_INFO_BAR));
       break;
     case net::ERR_CERT_CONTAINS_ERRORS:
     case net::ERR_CERT_REVOKED:
@@ -127,8 +126,12 @@ void SSLPolicy::UpdateEntry(NavigationEntry* entry) {
     return;
   }
 
-  if (net::IsCertStatusError(entry->ssl().cert_status())) {
-    entry->ssl().set_security_style(SECURITY_STYLE_AUTHENTICATION_BROKEN);
+  // If CERT_STATUS_UNABLE_TO_CHECK_REVOCATION is the only certificate error,
+  // don't lower the security style to SECURITY_STYLE_AUTHENTICATION_BROKEN.
+  int cert_errors = entry->ssl().cert_status() & net::CERT_STATUS_ALL_ERRORS;
+  if (cert_errors) {
+    if (cert_errors != net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION)
+      entry->ssl().set_security_style(SECURITY_STYLE_AUTHENTICATION_BROKEN);
     return;
   }