Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(3163)

Unified Diff: chrome/browser/ssl/ssl_error_info.cc

Issue 20628006: Reject certificates that are valid for too long. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 7 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: chrome/browser/ssl/ssl_error_info.cc
diff --git a/chrome/browser/ssl/ssl_error_info.cc b/chrome/browser/ssl/ssl_error_info.cc
index a6860dd0886e3d9f417916ed8ff1d8a06026310c..cf85c450b6f5fad611fd70ef25b48a4ebaa89116 100644
--- a/chrome/browser/ssl/ssl_error_info.cc
+++ b/chrome/browser/ssl/ssl_error_info.cc
@@ -199,6 +199,19 @@ SSLErrorInfo SSLErrorInfo::CreateError(ErrorType error_type,
l10n_util::GetStringUTF16(
IDS_CERT_ERROR_WEAK_KEY_EXTRA_INFO_2));
break;
+ case CERT_TOO_LONG_VALIDITY:
+ title = l10n_util::GetStringUTF16(IDS_CERT_ERROR_TOO_LONG_VALIDITY_TITLE);
+ details = l10n_util::GetStringFUTF16(
+ IDS_CERT_ERROR_TOO_LONG_VALIDITY_DETAILS,
+ UTF8ToUTF16(request_url.host()));
+ short_description = l10n_util::GetStringUTF16(
+ IDS_CERT_ERROR_TOO_LONG_VALIDITY_DESCRIPTION);
+ extra_info.push_back(
+ l10n_util::GetStringUTF16(IDS_CERT_ERROR_EXTRA_INFO_1));
+ extra_info.push_back(
+ l10n_util::GetStringUTF16(
+ IDS_CERT_ERROR_TOO_LONG_VALIDITY_EXTRA_INFO_2));
+ break;
case UNKNOWN:
title = l10n_util::GetStringUTF16(IDS_CERT_ERROR_UNKNOWN_ERROR_TITLE);
details = l10n_util::GetStringUTF16(IDS_CERT_ERROR_UNKNOWN_ERROR_DETAILS);
@@ -257,7 +270,8 @@ int SSLErrorInfo::GetErrorsForCertStatus(int cert_id,
net::CERT_STATUS_REVOKED,
net::CERT_STATUS_INVALID,
net::CERT_STATUS_WEAK_SIGNATURE_ALGORITHM,
- net::CERT_STATUS_WEAK_KEY
+ net::CERT_STATUS_WEAK_KEY,
+ net::CERT_STATUS_TOO_LONG_VALIDITY
};
const ErrorType kErrorTypes[] = {
@@ -269,7 +283,8 @@ int SSLErrorInfo::GetErrorsForCertStatus(int cert_id,
CERT_REVOKED,
CERT_INVALID,
CERT_WEAK_SIGNATURE_ALGORITHM,
- CERT_WEAK_KEY
+ CERT_WEAK_KEY,
+ CERT_TOO_LONG_VALIDITY
};
DCHECK(arraysize(kErrorFlags) == arraysize(kErrorTypes));
@@ -283,9 +298,10 @@ int SSLErrorInfo::GetErrorsForCertStatus(int cert_id,
cert_id, &cert);
DCHECK(r);
}
- if (errors)
+ if (errors) {
errors->push_back(
SSLErrorInfo::CreateError(kErrorTypes[i], cert.get(), url));
+ }
}
}
return count;

Powered by Google App Engine
This is Rietveld 408576698