Index: net/base/x509_certificate_openssl.cc |
diff --git a/net/base/x509_certificate_openssl.cc b/net/base/x509_certificate_openssl.cc |
index 80e2517a0be870ea269589ab259128772f3246a9..8cc4ef0eefb7624a86630a5792336b6816b02b93 100644 |
--- a/net/base/x509_certificate_openssl.cc |
+++ b/net/base/x509_certificate_openssl.cc |
@@ -164,8 +164,6 @@ CertStatus MapCertErrorToCertStatus(int err) { |
#endif |
case X509_V_ERR_CERT_REVOKED: |
return CERT_STATUS_REVOKED; |
- case X509_V_ERR_KEYUSAGE_NO_CERTSIGN: |
- return CERT_STATUS_WEAK_SIGNATURE_ALGORITHM; |
// All these status are mapped to CERT_STATUS_INVALID. |
case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: |
case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: |
@@ -182,6 +180,7 @@ CertStatus MapCertErrorToCertStatus(int err) { |
case X509_V_ERR_AKID_SKID_MISMATCH: |
case X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: |
case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION: |
+ case X509_V_ERR_KEYUSAGE_NO_CERTSIGN: |
wtc
2011/10/24 22:36:42
The change in this file is correct, regardless of
|
case X509_V_ERR_KEYUSAGE_NO_CRL_SIGN: |
case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: |
case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: |