| Index: net/socket/ssl_client_socket_nss.cc
|
| diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc
|
| index c95312d1ef9442bcc362524c2e225f07618981ee..3a8b39e678c2785ea4d6fd7c60fea762fb599883 100644
|
| --- a/net/socket/ssl_client_socket_nss.cc
|
| +++ b/net/socket/ssl_client_socket_nss.cc
|
| @@ -3497,11 +3497,10 @@ int SSLClientSocketNSS::DoVerifyCertComplete(int result) {
|
| ssl_config_.version_fallback;
|
| const std::string& host = host_and_port_.host();
|
|
|
| - TransportSecurityState::DomainState domain_state;
|
| - if (transport_security_state_->GetDomainState(host, sni_available,
|
| - &domain_state) &&
|
| - domain_state.HasPublicKeyPins()) {
|
| - if (!domain_state.CheckPublicKeyPins(
|
| + if (transport_security_state_->HasPublicKeyPins(host, sni_available)) {
|
| + if (!transport_security_state_->CheckPublicKeyPins(
|
| + host,
|
| + sni_available,
|
| server_cert_verify_result_.public_key_hashes,
|
| &pinning_failure_log_)) {
|
| LOG(ERROR) << pinning_failure_log_;
|
|
|
Chromium Code Reviews
Issue 103803012:
Make HSTS headers not clobber preloaded pins. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src