From 3768122148fcc0183f8d76efc0fd743096c50767 Mon Sep 17 00:00:00 2001 From: "sergeyu@chromium.org" Date: Mon, 20 Jun 2011 18:33:57 +0000 Subject: Remove gmail cert from SSLSocketAdapter. BUG=None TEST=connection still works. Review URL: http://codereview.chromium.org/7201018 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@89699 0039d316-1c4b-4281-b951-d872f2087c98 --- remoting/jingle_glue/ssl_socket_adapter.cc | 38 ------------------------------ 1 file changed, 38 deletions(-) (limited to 'remoting/jingle_glue') diff --git a/remoting/jingle_glue/ssl_socket_adapter.cc b/remoting/jingle_glue/ssl_socket_adapter.cc index 1111929..101ce3d 100644 --- a/remoting/jingle_glue/ssl_socket_adapter.cc +++ b/remoting/jingle_glue/ssl_socket_adapter.cc @@ -19,33 +19,6 @@ namespace remoting { -namespace { - -// NSS doesn't load root certificates when running in sandbox, so we -// need to have gmail's cert hardcoded. -// -// TODO(sergeyu): Remove this when we don't make XMPP connection from -// inside of sandbox. -const char kGmailCertBase64[] = - "MIIC2TCCAkKgAwIBAgIDBz+SMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT" - "MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0" - "aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDcwNDExMTcxNzM4WhcNMTIwNDEwMTcxNzM4" - "WjBkMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMN" - "TW91bnRhaW4gVmlldzEUMBIGA1UEChMLR29vZ2xlIEluYy4xEjAQBgNVBAMTCWdt" - "YWlsLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1Hds2jWwXAVGef06" - "7PeSJF/h9BnoYlTdykx0lBTDc92/JLvuq0lJkytqll1UR4kHmF4vwqQkwcqOK03w" - "k8qDK8fh6M13PYhvPEXP02ozsuL3vqE8hcCva2B9HVnOPY17Qok37rYQ+yexswN5" - "eh0+93nddEa1PyHgEQ8CDKCJaWUCAwEAAaOBrjCBqzAOBgNVHQ8BAf8EBAMCBPAw" - "HQYDVR0OBBYEFJcjzXEevMEDIEvuQiT7puEJY737MDoGA1UdHwQzMDEwL6AtoCuG" - "KWh0dHA6Ly9jcmwuZ2VvdHJ1c3QuY29tL2NybHMvc2VjdXJlY2EuY3JsMB8GA1Ud" - "IwQYMBaAFEjmaPkr0rKV10fYIyAQTzOYkJ/UMB0GA1UdJQQWMBQGCCsGAQUFBwMB" - "BggrBgEFBQcDAjANBgkqhkiG9w0BAQUFAAOBgQB74cGpjdENf9U+WEd29dfzY3Tz" - "JehnlY5cH5as8bOTe7PNPzj967OJ7TPWEycMwlS7CsqIsmfRGOFFfoHxo+iPugZ8" - "uO2Kd++QHCXL+MumGjkW4FcTFmceV/Q12Wdh3WApcqIZZciQ79MAeFh7bzteAYqf" - "wC98YQwylC9wVhf1yw=="; - -} // namespace - SSLSocketAdapter* SSLSocketAdapter::Create(AsyncSocket* socket) { return new SSLSocketAdapter(socket); } @@ -96,17 +69,6 @@ int SSLSocketAdapter::BeginSSL() { // object. net::SSLConfig ssl_config; - std::string gmail_cert_binary; - base::Base64Decode(kGmailCertBase64, &gmail_cert_binary); - scoped_refptr gmail_cert = - net::X509Certificate::CreateFromBytes(gmail_cert_binary.data(), - gmail_cert_binary.size()); - DCHECK(gmail_cert); - net::SSLConfig::CertAndStatus gmail_cert_status; - gmail_cert_status.cert = gmail_cert; - gmail_cert_status.cert_status = 0; - ssl_config.allowed_bad_certs.push_back(gmail_cert_status); - transport_socket_->set_addr(talk_base::SocketAddress(hostname_, 0)); ssl_socket_.reset( net::ClientSocketFactory::GetDefaultFactory()->CreateSSLClientSocket( -- cgit v1.1