Chromium Code Reviews| Index: net/base/cert_database_nss.cc |
| diff --git a/net/base/cert_database_nss.cc b/net/base/cert_database_nss.cc |
| index 8fb51e06001db72607a13d1d6e57f056baf98e88..004abb02a1a99446ef225bde410f65e6f4120ac1 100644 |
| --- a/net/base/cert_database_nss.cc |
| +++ b/net/base/cert_database_nss.cc |
| @@ -21,6 +21,12 @@ |
| #include "net/third_party/mozilla_security_manager/nsNSSCertTrust.h" |
| #include "net/third_party/mozilla_security_manager/nsPKCS12Blob.h" |
| +// In NSS 3.13, CERTDB_VALID_PEER was renamed CERTDB_TERMINAL_RECORD. So we use |
| +// the new name of the macro. |
| +#if !defined(CERTDB_TERMINAL_RECORD) |
| +#define CERTDB_TERMINAL_RECORD CERTDB_VALID_PEER |
| +#endif |
| + |
| // PSM = Mozilla's Personal Security Manager. |
| namespace psm = mozilla_security_manager; |
| @@ -236,6 +242,37 @@ unsigned int CertDatabase::GetCertTrust( |
| } |
| } |
| +bool CertDatabase::IsUntrusted(const X509Certificate* cert) const { |
| + CERTCertTrust nsstrust; |
| + SECStatus rv = CERT_GetCertTrust(cert->os_cert_handle(), &nsstrust); |
| + if (rv != SECSuccess) { |
| + LOG(ERROR) << "CERT_GetCertTrust failed with error " << PORT_GetError(); |
| + return false; |
| + } |
| + |
| + // handle explicitly distrusted certificates. |
|
wtc
2011/09/21 17:05:33
Nit: capitalize "handle".
|
| + unsigned int flags = SEC_GET_TRUST_FLAGS(&nsstrust, trustSSL); |
| + static const unsigned int kTrusted = CERTDB_TRUSTED_CA | CERTDB_TRUSTED; |
| + if ((flags & CERTDB_TERMINAL_RECORD) && (flags & kTrusted) == 0) { |
| + // In a terminal trust record, three bits may be set: CERTDB_VALID_CA, |
| + // CERTDB_TRUSTED_CA, and CERTDB_TRUSTED. The CERTDB_VALID_CA bit is |
| + // irrelevant to distrust, so we don't test that bit. |
| + return true; |
| + } |
|
wtc
2011/09/21 17:05:33
IMPORTANT: Did you omit the checking of distrust f
agl
2011/09/21 17:53:53
I did deliberately omit the tests for email and co
|
| + |
| + // Self-signed certificates that don't have any trust bits set are untrusted. |
| + // Other certificates that don't have any trust bits set may still be trusted |
| + // if they chain up to a trust anchor. |
| + if (CERT_CompareName(&cert->os_cert_handle()->issuer, |
| + &cert->os_cert_handle()->subject) == SECEqual) { |
| + return (nsstrust.sslFlags & kTrusted) == 0 && |
| + (nsstrust.emailFlags & kTrusted) == 0 && |
| + (nsstrust.objectSigningFlags & kTrusted) == 0; |
| + } |
| + |
| + return false; |
| +} |
| + |
| bool CertDatabase::SetCertTrust(const X509Certificate* cert, |
| CertType type, |
| unsigned int trusted) { |
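Review bot: The early `return false` after a failed `CERT_GetCertTrust` in `CertDatabase::IsUntrusted` fails open, and it sits ahead of the self-signed check. If NSS reports failure for a certificate that merely has no trust record (worth confirming for the NSS versions supported), a self-signed certificate without a record is reported as not untrusted, which contradicts the comment above the `CERT_CompareName` test, and every such lookup is logged at ERROR. Either fall through to the self-signed check with zeroed flags in that case, or document the contract at the return, e.g. `// No trust record: not explicitly distrusted. A false result does not mean the cert is trusted.` The SSL flags are also read two ways in the same function, `SEC_GET_TRUST_FLAGS(&nsstrust, trustSSL)` and `nsstrust.sslFlags`; using one form would make the two checks easier to compare.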