From cc33eb7dcbe80a9dce2ff37f120ed0f2af0cce33 Mon Sep 17 00:00:00 2001
From: "rsleevi@chromium.org"
 <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Thu, 24 Oct 2013 08:14:15 +0000
Subject: Add a histogram for measuring the number of times we fall back to
 common name matching, when a certificate lacks a subjectAltName

BUG=308330

Review URL: https://codereview.chromium.org/27624002

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@230679 0039d316-1c4b-4281-b951-d872f2087c98
---
 net/cert/cert_verify_proc_nss.cc | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'net/cert/cert_verify_proc_nss.cc')

diff --git a/net/cert/cert_verify_proc_nss.cc b/net/cert/cert_verify_proc_nss.cc
index 0a0743c..31c38c7f 100644
--- a/net/cert/cert_verify_proc_nss.cc
+++ b/net/cert/cert_verify_proc_nss.cc
@@ -763,9 +763,10 @@ int CertVerifyProcNSS::VerifyInternal(
   CERTCertificate* cert_handle = cert->os_cert_handle();
 #endif  // defined(OS_IOS)
 
-  // Make sure that the hostname matches with the common name of the cert.
-  if (!cert->VerifyNameMatch(hostname))
+  if (!cert->VerifyNameMatch(hostname,
+                             &verify_result->common_name_fallback_used)) {
     verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID;
+  }
 
   // Make sure that the cert is valid now.
   SECCertTimeValidity validity = CERT_CheckCertValidTimes(
-- 
cgit v1.1