From fe697a2f570379091050ac3dc0b3a122883c63ab Mon Sep 17 00:00:00 2001 From: "rsleevi@chromium.org" Date: Sat, 5 Nov 2011 04:32:59 +0000 Subject: Do not chase AIA information when locating client certificates on Windows. BUG=103099 Review URL: http://codereview.chromium.org/8437078 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@108775 0039d316-1c4b-4281-b951-d872f2087c98 --- net/socket/ssl_client_socket_nss.cc | 4 +++- net/socket/ssl_client_socket_win.cc | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc index 7426c10..0c948a4 100644 --- a/net/socket/ssl_client_socket_nss.cc +++ b/net/socket/ssl_client_socket_nss.cc @@ -2278,12 +2278,14 @@ SECStatus SSLClientSocketNSS::PlatformClientAuthHandler( find_by_issuer_para.pfnFindCallback = ClientCertFindCallback; PCCERT_CHAIN_CONTEXT chain_context = NULL; + DWORD find_flags = CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_FLAG | + CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_URL_FLAG; for (;;) { // Find a certificate chain. chain_context = CertFindChainInStore(my_cert_store, X509_ASN_ENCODING, - 0, + find_flags, CERT_CHAIN_FIND_BY_ISSUER, &find_by_issuer_para, chain_context); diff --git a/net/socket/ssl_client_socket_win.cc b/net/socket/ssl_client_socket_win.cc index 98dde95..138265a 100644 --- a/net/socket/ssl_client_socket_win.cc +++ b/net/socket/ssl_client_socket_win.cc @@ -506,12 +506,14 @@ void SSLClientSocketWin::GetSSLCertRequestInfo( find_by_issuer_para.pfnFindCallback = ClientCertFindCallback; PCCERT_CHAIN_CONTEXT chain_context = NULL; + DWORD find_flags = CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_FLAG | + CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_URL_FLAG; for (;;) { // Find a certificate chain. chain_context = CertFindChainInStore(my_cert_store, X509_ASN_ENCODING, - 0, + find_flags, CERT_CHAIN_FIND_BY_ISSUER, &find_by_issuer_para, chain_context); -- cgit v1.1