net/socket/ssl_client_socket_mac.cc - Issue 6874039: Return the constructed certificate chain in X509Certificate::Verify()

Unified Diff: net/socket/ssl_client_socket_mac.cc

Issue 6874039: Return the constructed certificate chain in X509Certificate::Verify() (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Ensure the EE cert is marked as a TLS server cert, not a CA cert Created 9 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Index: net/socket/ssl_client_socket_mac.cc

diff --git a/net/socket/ssl_client_socket_mac.cc b/net/socket/ssl_client_socket_mac.cc

index 6a2f821ff3c94fd5ec5feb44ca4a018a262fbe53..926abcb9dfab221da5c62bc3ff0608e89cdddc0f 100644

--- a/net/socket/ssl_client_socket_mac.cc

+++ b/net/socket/ssl_client_socket_mac.cc

@@ -702,12 +702,12 @@ bool SSLClientSocketMac::SetSendBufferSize(int32 size) {

void SSLClientSocketMac::GetSSLInfo(SSLInfo* ssl_info) {

ssl_info->Reset();

- if (!server_cert_) {

wtc 2011/07/26 00:16:35 Does this mean we can set server_cert_ to NULL as

Ryan Sleevi 2011/07/26 00:44:15 Not without further updates. The SSLClientSocket*

wtc 2011/07/26 01:37:54 Those two bugs should be marked WontFix. I rememb

Ryan Sleevi 2011/07/26 01:57:17 I agree that we shouldn't emulate the server cert

+ if (!server_cert_verify_result_.verified_cert) {

NOTREACHED();

return;

}

- ssl_info->cert = server_cert_;

+ ssl_info->cert = server_cert_verify_result_.verified_cert;

ssl_info->cert_status = server_cert_verify_result_.cert_status;

ssl_info->public_key_hashes = server_cert_verify_result_.public_key_hashes;

ssl_info->is_issued_by_known_root =