Issue 2152453002: Remove ALTERNATIVE_CERT_NOT_VALID_FOR_ORIGIN error code.

Issue 2152453002: Remove ALTERNATIVE_CERT_NOT_VALID_FOR_ORIGIN error code. (Closed)

Created:
4 years, 5 months ago by Bence

Modified:
4 years, 5 months ago

Reviewers:
Ryan Hamilton

CC:
chromium-reviews, cbentzel+watch_chromium.org, mmenke

Base URL:
https://chromium.googlesource.com/chromium/src.git@master

Target Ref:
refs/pending/heads/master

Project:
chromium

Visibility:
Public.

More Reviews

Description

Remove ALTERNATIVE_CERT_NOT_VALID_FOR_ORIGIN error code. Remove ERR_ALTERNATIVE_CERT_NOT_VALID_FOR_ORIGIN error code, because (1) right now, remote TCP alternative services (where the origin and the alternative service have different hostnames) are disabled, and (2) in the future, if an existing connection to the destination of the alternative service with an origin different from the origin of the request does not have a valid certificate for the origin of the request, then a new connection to the destination of the alternative service will be opened with the origin of the request, and if that connection does not have a valid certificate for the origin of the request, then that's simply ERR_CERT_COMMON_NAME_INVALID. So there is no need for ERR_ALTERNATIVE_CERT_NOT_VALID_FOR_ORIGIN. Also remove ValidSpdySessionPool class, because (1) right now there is no need for the extra cert verification, and (2) in the future, SpdySessionPool::FindAvailableSession() and SpdySessionPool::CreateAvailableSessionFromSocket() will take both an origin and a destination argument, and will make sure that the SpdySession they return has a certificate that is valid for the origin. BUG=615413 Committed: https://crrev.com/9989bd51828a155d65cd9131cee6700d2bb3164e Cr-Commit-Position: refs/heads/master@{#405342}

Patch Set 1 #

Created: 4 years, 5 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Stats (+10 lines, -285 lines)			Patch
M	net/base/net_error_list.h	View	1 chunk	+0 lines, -5 lines	0 comments	Download
M	net/http/http_network_transaction_unittest.cc	View	1 chunk	+0 lines, -160 lines	0 comments	Download
M	net/http/http_stream_factory_impl_job.h	View	2 chunks	+0 lines, -47 lines	0 comments	Download
M	net/http/http_stream_factory_impl_job.cc	View	6 chunks	+10 lines, -73 lines	0 comments	Download

Messages

Total messages: 13 (7 generated)

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2152453002/1

4 years, 5 months ago (2016-07-13 23:03:11 UTC) #9

commit-bot: I haz the power

Description was changed from ========== Remove ALTERNATIVE_CERT_NOT_VALID_FOR_ORIGIN error code. Remove ERR_ALTERNATIVE_CERT_NOT_VALID_FOR_ORIGIN error code, because (1) ...

4 years, 5 months ago (2016-07-13 23:12:07 UTC) #12

Message was sent while issue was closed.

Description was changed from

==========
Remove ALTERNATIVE_CERT_NOT_VALID_FOR_ORIGIN error code.

Remove ERR_ALTERNATIVE_CERT_NOT_VALID_FOR_ORIGIN error code, because (1) right
now, remote TCP alternative services (where the origin and the alternative
service have different hostnames) are disabled, and (2) in the future, if an
existing connection to the destination of the alternative service with an origin
different from the origin of the request does not have a valid certificate for
the origin of the request, then a new connection to the destination of the
alternative service will be opened with the origin of the request, and if that
connection does not have a valid certificate for the origin of the request, then
that's simply ERR_CERT_COMMON_NAME_INVALID.  So there is no need for
ERR_ALTERNATIVE_CERT_NOT_VALID_FOR_ORIGIN.

Also remove ValidSpdySessionPool class, because (1) right now there is no need
for the extra cert verification, and (2) in the future,
SpdySessionPool::FindAvailableSession() and
SpdySessionPool::CreateAvailableSessionFromSocket() will take both an origin and
a destination argument, and will make sure that the SpdySession they return has
a certificate that is valid for the origin.

BUG=615413
==========

to

==========
Remove ALTERNATIVE_CERT_NOT_VALID_FOR_ORIGIN error code.

Remove ERR_ALTERNATIVE_CERT_NOT_VALID_FOR_ORIGIN error code, because (1) right
now, remote TCP alternative services (where the origin and the alternative
service have different hostnames) are disabled, and (2) in the future, if an
existing connection to the destination of the alternative service with an origin
different from the origin of the request does not have a valid certificate for
the origin of the request, then a new connection to the destination of the
alternative service will be opened with the origin of the request, and if that
connection does not have a valid certificate for the origin of the request, then
that's simply ERR_CERT_COMMON_NAME_INVALID.  So there is no need for
ERR_ALTERNATIVE_CERT_NOT_VALID_FOR_ORIGIN.

Also remove ValidSpdySessionPool class, because (1) right now there is no need
for the extra cert verification, and (2) in the future,
SpdySessionPool::FindAvailableSession() and
SpdySessionPool::CreateAvailableSessionFromSocket() will take both an origin and
a destination argument, and will make sure that the SpdySession they return has
a certificate that is valid for the origin.

BUG=615413

Committed: https://crrev.com/9989bd51828a155d65cd9131cee6700d2bb3164e
Cr-Commit-Position: refs/heads/master@{#405342}
==========

commit-bot: I haz the power

4 years, 5 months ago (2016-07-13 23:12:08 UTC) #13

Message was sent while issue was closed.

Patchset 1 (id:??) landed as
https://crrev.com/9989bd51828a155d65cd9131cee6700d2bb3164e
Cr-Commit-Position: refs/heads/master@{#405342}

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages