Index: net/spdy/spdy_session.cc |
diff --git a/net/spdy/spdy_session.cc b/net/spdy/spdy_session.cc |
index 1eaa715b28a09b671cfcac2668e14cfe4c96ee90..2ea761bd899b78018e5143f1467054698bc6db21 100644 |
--- a/net/spdy/spdy_session.cc |
+++ b/net/spdy/spdy_session.cc |
@@ -598,10 +598,13 @@ bool SpdySession::CanPool(TransportSecurityState* transport_security_state, |
return false; |
std::string pinning_failure_log; |
+ // TODO(estark): replace 0 below with the port of the connection |
+ // (though it won't actually be used since reports aren't getting |
+ // sent). |
if (!transport_security_state->CheckPublicKeyPins( |
- new_hostname, |
- ssl_info.is_issued_by_known_root, |
- ssl_info.public_key_hashes, |
+ HostPortPair(new_hostname, 0), ssl_info.is_issued_by_known_root, |
+ ssl_info.public_key_hashes, ssl_info.unverified_cert.get(), |
+ ssl_info.cert.get(), TransportSecurityState::DISABLE_PIN_REPORTS, |
davidben
2015/07/24 20:42:55
Should this send reports? I believe if we get this
estark
2015/07/25 00:10:31
Yeah... just because the certificate is valid in e
davidben
2015/07/25 01:48:58
Hrm. Okay, so it's specifically that the two certi
|
&pinning_failure_log)) { |
return false; |
} |