Issue 8865006: net: move pinning checks into the SSL socket.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Issue 8865006: net: move pinning checks into the SSL socket. (Closed)

Created:
9 years ago by agl

Modified:
9 years ago

Reviewers:
palmer

CC:
chromium-reviews, cbentzel+watch_chromium.org, darin-cc_chromium.org

Base URL:
svn://svn.chromium.org/chrome/trunk/src

Visibility:
Public.

More Reviews

Description

net: move pinning checks into the SSL socket. Previously we would reject requests with pinning errors at the URLRequest layer but, by that time, we would already have sent cookies. The commenting of the #ifdef is deliberate - it allows the builders to chew the code over. Once the builders are happy I'll land another change to uncomment the #ifdefs. This also happens to start unpicking the DNS certificate provenance stuff. BUG=none TEST=Verify that https://pinningtest.appspot.com fails to load in offical builds. Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=113823

Patch Set 1 #

Patch Set 2 : ... #

Created: 9 years ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+56 lines, -57 lines)			Patch
M	net/socket/ssl_client_socket_nss.h	View	1	2 chunks	+3 lines, -2 lines	0 comments	Download
M	net/socket/ssl_client_socket_nss.cc	View	1	6 chunks	+44 lines, -10 lines	0 comments	Download
M	net/url_request/url_request_http_job.cc	View		3 chunks	+9 lines, -45 lines	0 comments	Download

Messages

Total messages: 4 (0 generated)

Expand Messages | Collapse Messages

Sergey Ulanov

Please use try bots or CQ next time before committing something.

9 years ago (2011-12-09 22:15:36 UTC) #3

agl

9 years ago (2011-12-09 22:23:07 UTC) #4

On Fri, Dec 9, 2011 at 5:15 PM,  <sergeyu@chromium.org> wrote:
> Please use try bots or CQ next time before committing something.

Try bots, as always, were used.


Cheers

AGL

Expand Messages | Collapse Messages