| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/cros/onc_network_parser.h" | 5 #include "chrome/browser/chromeos/cros/onc_network_parser.h" |
| 6 | 6 |
| 7 #include <keyhi.h> | 7 #include <keyhi.h> |
| 8 #include <pk11pub.h> | 8 #include <pk11pub.h> |
| 9 | 9 |
| 10 #include "base/base64.h" | 10 #include "base/base64.h" |
| (...skipping 904 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 915 LOG(WARNING) << "Cert GUID is already in use: " << guid; | 915 LOG(WARNING) << "Cert GUID is already in use: " << guid; |
| 916 parse_error_ = l10n_util::GetStringUTF8( | 916 parse_error_ = l10n_util::GetStringUTF8( |
| 917 IDS_NETWORK_CONFIG_ERROR_CERT_GUID_COLLISION); | 917 IDS_NETWORK_CONFIG_ERROR_CERT_GUID_COLLISION); |
| 918 return NULL; | 918 return NULL; |
| 919 } | 919 } |
| 920 | 920 |
| 921 net::CertificateList cert_list; | 921 net::CertificateList cert_list; |
| 922 cert_list.push_back(x509_cert); | 922 cert_list.push_back(x509_cert); |
| 923 net::CertDatabase::ImportCertFailureList failures; | 923 net::CertDatabase::ImportCertFailureList failures; |
| 924 bool success = false; | 924 bool success = false; |
| 925 net::CertDatabase::TrustBits trust = web_trust ? |
| 926 net::CertDatabase::TRUSTED_SSL : |
| 927 net::CertDatabase::UNTRUSTED; |
| 925 if (cert_type == "Server") { | 928 if (cert_type == "Server") { |
| 926 success = cert_database.ImportServerCert(cert_list, &failures); | 929 success = cert_database.ImportServerCert(cert_list, trust, &failures); |
| 927 } else { // Authority cert | 930 } else { // Authority cert |
| 928 net::CertDatabase::TrustBits trust = web_trust ? | |
| 929 net::CertDatabase::TRUSTED_SSL : | |
| 930 net::CertDatabase::UNTRUSTED; | |
| 931 success = cert_database.ImportCACerts(cert_list, trust, &failures); | 931 success = cert_database.ImportCACerts(cert_list, trust, &failures); |
| 932 } | 932 } |
| 933 if (!failures.empty()) { | 933 if (!failures.empty()) { |
| 934 LOG(WARNING) << "ONC File: Error (" | 934 LOG(WARNING) << "ONC File: Error (" |
| 935 << net::ErrorToString(failures[0].net_error) | 935 << net::ErrorToString(failures[0].net_error) |
| 936 << ") importing " << cert_type << " certificate at index " | 936 << ") importing " << cert_type << " certificate at index " |
| 937 << cert_index; | 937 << cert_index; |
| 938 parse_error_ = l10n_util::GetStringUTF8( | 938 parse_error_ = l10n_util::GetStringUTF8( |
| 939 IDS_NETWORK_CONFIG_ERROR_CERT_IMPORT); | 939 IDS_NETWORK_CONFIG_ERROR_CERT_IMPORT); |
| 940 return NULL; | 940 return NULL; |
| (...skipping 1039 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1980 // on the value of AuthenticationType. | 1980 // on the value of AuthenticationType. |
| 1981 { "L2TP-IPsec", PROVIDER_TYPE_L2TP_IPSEC_PSK }, | 1981 { "L2TP-IPsec", PROVIDER_TYPE_L2TP_IPSEC_PSK }, |
| 1982 { "OpenVPN", PROVIDER_TYPE_OPEN_VPN }, | 1982 { "OpenVPN", PROVIDER_TYPE_OPEN_VPN }, |
| 1983 }; | 1983 }; |
| 1984 CR_DEFINE_STATIC_LOCAL(EnumMapper<ProviderType>, parser, | 1984 CR_DEFINE_STATIC_LOCAL(EnumMapper<ProviderType>, parser, |
| 1985 (table, arraysize(table), PROVIDER_TYPE_MAX)); | 1985 (table, arraysize(table), PROVIDER_TYPE_MAX)); |
| 1986 return parser.Get(type); | 1986 return parser.Get(type); |
| 1987 } | 1987 } |
| 1988 | 1988 |
| 1989 } // namespace chromeos | 1989 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9940001:
Fix imported server certs being distrusted in NSS 3.13. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src