| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/cros/onc_network_parser.h" | 5 #include "chrome/browser/chromeos/cros/onc_network_parser.h" |
| 6 | 6 |
| 7 #include <keyhi.h> | 7 #include <keyhi.h> |
| 8 #include <pk11pub.h> | 8 #include <pk11pub.h> |
| 9 | 9 |
| 10 #include "base/base64.h" | 10 #include "base/base64.h" |
| (...skipping 911 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 922 LOG(WARNING) << "Cert GUID is already in use: " << guid; | 922 LOG(WARNING) << "Cert GUID is already in use: " << guid; |
| 923 parse_error_ = l10n_util::GetStringUTF8( | 923 parse_error_ = l10n_util::GetStringUTF8( |
| 924 IDS_NETWORK_CONFIG_ERROR_CERT_GUID_COLLISION); | 924 IDS_NETWORK_CONFIG_ERROR_CERT_GUID_COLLISION); |
| 925 return NULL; | 925 return NULL; |
| 926 } | 926 } |
| 927 | 927 |
| 928 net::CertificateList cert_list; | 928 net::CertificateList cert_list; |
| 929 cert_list.push_back(x509_cert); | 929 cert_list.push_back(x509_cert); |
| 930 net::CertDatabase::ImportCertFailureList failures; | 930 net::CertDatabase::ImportCertFailureList failures; |
| 931 bool success = false; | 931 bool success = false; |
| 932 net::CertDatabase::TrustBits trust = web_trust ? |
| 933 net::CertDatabase::TRUSTED_SSL : |
| 934 net::CertDatabase::UNTRUSTED; |
| 932 if (cert_type == "Server") { | 935 if (cert_type == "Server") { |
| 933 success = cert_database.ImportServerCert(cert_list, &failures); | 936 success = cert_database.ImportServerCert(cert_list, trust, &failures); |
| 934 } else { // Authority cert | 937 } else { // Authority cert |
| 935 net::CertDatabase::TrustBits trust = web_trust ? | |
| 936 net::CertDatabase::TRUSTED_SSL : | |
| 937 net::CertDatabase::UNTRUSTED; | |
| 938 success = cert_database.ImportCACerts(cert_list, trust, &failures); | 938 success = cert_database.ImportCACerts(cert_list, trust, &failures); |
| 939 } | 939 } |
| 940 if (!failures.empty()) { | 940 if (!failures.empty()) { |
| 941 LOG(WARNING) << "ONC File: Error (" | 941 LOG(WARNING) << "ONC File: Error (" |
| 942 << net::ErrorToString(failures[0].net_error) | 942 << net::ErrorToString(failures[0].net_error) |
| 943 << ") importing " << cert_type << " certificate at index " | 943 << ") importing " << cert_type << " certificate at index " |
| 944 << cert_index; | 944 << cert_index; |
| 945 parse_error_ = l10n_util::GetStringUTF8( | 945 parse_error_ = l10n_util::GetStringUTF8( |
| 946 IDS_NETWORK_CONFIG_ERROR_CERT_IMPORT); | 946 IDS_NETWORK_CONFIG_ERROR_CERT_IMPORT); |
| 947 return NULL; | 947 return NULL; |
| (...skipping 1039 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1987 // on the value of AuthenticationType. | 1987 // on the value of AuthenticationType. |
| 1988 { "L2TP-IPsec", PROVIDER_TYPE_L2TP_IPSEC_PSK }, | 1988 { "L2TP-IPsec", PROVIDER_TYPE_L2TP_IPSEC_PSK }, |
| 1989 { "OpenVPN", PROVIDER_TYPE_OPEN_VPN }, | 1989 { "OpenVPN", PROVIDER_TYPE_OPEN_VPN }, |
| 1990 }; | 1990 }; |
| 1991 CR_DEFINE_STATIC_LOCAL(EnumMapper<ProviderType>, parser, | 1991 CR_DEFINE_STATIC_LOCAL(EnumMapper<ProviderType>, parser, |
| 1992 (table, arraysize(table), PROVIDER_TYPE_MAX)); | 1992 (table, arraysize(table), PROVIDER_TYPE_MAX)); |
| 1993 return parser.Get(type); | 1993 return parser.Get(type); |
| 1994 } | 1994 } |
| 1995 | 1995 |
| 1996 } // namespace chromeos | 1996 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9940001:
Fix imported server certs being distrusted in NSS 3.13. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src