chrome/browser/ssl/ssl_error_info.cc - Issue 20628006: Reject certificates that are valid for too long.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chrome/browser/ssl/ssl_error_info.cc

Issue 20628006: Reject certificates that are valid for too long. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 7 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: chrome/browser/ssl/ssl_error_info.cc

diff --git a/chrome/browser/ssl/ssl_error_info.cc b/chrome/browser/ssl/ssl_error_info.cc

index a6860dd0886e3d9f417916ed8ff1d8a06026310c..cf85c450b6f5fad611fd70ef25b48a4ebaa89116 100644

--- a/chrome/browser/ssl/ssl_error_info.cc

+++ b/chrome/browser/ssl/ssl_error_info.cc

@@ -199,6 +199,19 @@ SSLErrorInfo SSLErrorInfo::CreateError(ErrorType error_type,

l10n_util::GetStringUTF16(

IDS_CERT_ERROR_WEAK_KEY_EXTRA_INFO_2));

break;

+ case CERT_TOO_LONG_VALIDITY:

+ title = l10n_util::GetStringUTF16(IDS_CERT_ERROR_TOO_LONG_VALIDITY_TITLE);

+ details = l10n_util::GetStringFUTF16(

+ IDS_CERT_ERROR_TOO_LONG_VALIDITY_DETAILS,

+ UTF8ToUTF16(request_url.host()));

+ short_description = l10n_util::GetStringUTF16(

+ IDS_CERT_ERROR_TOO_LONG_VALIDITY_DESCRIPTION);

+ extra_info.push_back(

+ l10n_util::GetStringUTF16(IDS_CERT_ERROR_EXTRA_INFO_1));

+ extra_info.push_back(

+ l10n_util::GetStringUTF16(

+ IDS_CERT_ERROR_TOO_LONG_VALIDITY_EXTRA_INFO_2));

+ break;

case UNKNOWN:

title = l10n_util::GetStringUTF16(IDS_CERT_ERROR_UNKNOWN_ERROR_TITLE);

details = l10n_util::GetStringUTF16(IDS_CERT_ERROR_UNKNOWN_ERROR_DETAILS);

@@ -257,7 +270,8 @@ int SSLErrorInfo::GetErrorsForCertStatus(int cert_id,

net::CERT_STATUS_REVOKED,

net::CERT_STATUS_INVALID,

net::CERT_STATUS_WEAK_SIGNATURE_ALGORITHM,

- net::CERT_STATUS_WEAK_KEY

+ net::CERT_STATUS_WEAK_KEY,

+ net::CERT_STATUS_TOO_LONG_VALIDITY

};

const ErrorType kErrorTypes[] = {

@@ -269,7 +283,8 @@ int SSLErrorInfo::GetErrorsForCertStatus(int cert_id,

CERT_REVOKED,

CERT_INVALID,

CERT_WEAK_SIGNATURE_ALGORITHM,

- CERT_WEAK_KEY

+ CERT_WEAK_KEY,

+ CERT_TOO_LONG_VALIDITY

};

DCHECK(arraysize(kErrorFlags) == arraysize(kErrorTypes));

@@ -283,9 +298,10 @@ int SSLErrorInfo::GetErrorsForCertStatus(int cert_id,

cert_id, &cert);

DCHECK(r);

}

- if (errors)

+ if (errors) {

errors->push_back(

SSLErrorInfo::CreateError(kErrorTypes[i], cert.get(), url));

+ }

}

return count;

« chrome/app/generated_resources.grd ('K') | « chrome/app/generated_resources.grd ('k') | content/browser/ssl/ssl_policy.cc » ('j') | net/cert/cert_verify_proc.h » ('J')