Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(436)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/cert/nss_profile_filter_chromeos.cc

Issue 137553004: NSS Cros multiprofile: trust roots added by a profile shouldn't apply to other profiles. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: expanded test, found one problem Created 6 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/cert/cert_verify_proc_nss.cc ('K') | « net/cert/nss_profile_filter_chromeos.h ('k') | net/cert/nss_profile_filter_chromeos_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/cert/nss_profile_filter_chromeos.cc
diff --git a/net/cert/nss_profile_filter_chromeos.cc b/net/cert/nss_profile_filter_chromeos.cc
index 48718174e8b37a4f0626c95fce7340034e795bd5..5317bfdcd056eaa9556896c8905f70fdb2da551a 100644
--- a/net/cert/nss_profile_filter_chromeos.cc
+++ b/net/cert/nss_profile_filter_chromeos.cc
@@ -6,16 +6,17 @@
#include "base/bind.h"
#include "base/callback.h"
+#include "base/strings/string_piece.h"
#include "base/strings/stringprintf.h"
namespace net {
namespace {
-std::string CertSlotsString(const scoped_refptr<X509Certificate>& cert) {
+std::string CertSlotsString(CERTCertificate* cert) {
std::string result;
crypto::ScopedPK11SlotList slots_for_cert(
- PK11_GetAllSlotsForCert(cert->os_cert_handle(), NULL));
+ PK11_GetAllSlotsForCert(cert, NULL));
for (PK11SlotListElement* slot_element =
PK11_GetFirstSafe(slots_for_cert.get());
slot_element;
@@ -66,12 +67,13 @@ bool NSSProfileFilterChromeOS::IsModuleAllowed(PK11SlotInfo* slot) const {
return false;
}
-bool NSSProfileFilterChromeOS::IsCertAllowed(
- const scoped_refptr<X509Certificate>& cert) const {
+bool NSSProfileFilterChromeOS::IsCertAllowed(CERTCertificate* cert) const {
crypto::ScopedPK11SlotList slots_for_cert(
- PK11_GetAllSlotsForCert(cert->os_cert_handle(), NULL));
+ PK11_GetAllSlotsForCert(cert, NULL));
if (!slots_for_cert) {
- DVLOG(2) << "cert no slots: " << cert->subject().GetDisplayName();
+ DVLOG(2) << "cert no slots: " << base::StringPiece(cert->nickname);
+ // XXX if this is changed to false, the CertVerifyProcChromeOS tests pass,
+ // but other ones fail (eg, ones that depend on ScopedTestRoot).
return true;
}
@@ -82,13 +84,13 @@ bool NSSProfileFilterChromeOS::IsCertAllowed(
PK11_GetNextSafe(slots_for_cert.get(), slot_element, PR_FALSE)) {
if (IsModuleAllowed(slot_element->slot)) {
DVLOG(3) << "cert from " << CertSlotsString(cert)
- << " allowed: " << cert->subject().GetDisplayName();
+ << " allowed: " << base::StringPiece(cert->nickname);
PK11_FreeSlotListElement(slots_for_cert.get(), slot_element);
return true;
}
}
DVLOG(2) << "cert from " << CertSlotsString(cert)
- << " filtered: " << cert->subject().GetDisplayName();
+ << " filtered: " << base::StringPiece(cert->nickname);
return false;
}
@@ -98,7 +100,7 @@ NSSProfileFilterChromeOS::CertNotAllowedForProfilePredicate::
bool NSSProfileFilterChromeOS::CertNotAllowedForProfilePredicate::operator()(
const scoped_refptr<X509Certificate>& cert) const {
- return !filter_.IsCertAllowed(cert);
+ return !filter_.IsCertAllowed(cert->os_cert_handle());
}
NSSProfileFilterChromeOS::ModuleNotAllowedForProfilePredicate::
« net/cert/cert_verify_proc_nss.cc ('K') | « net/cert/nss_profile_filter_chromeos.h ('k') | net/cert/nss_profile_filter_chromeos_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698