ios/web/net/crw_ssl_status_updater.mm - Issue 2327433002: Stop using CertStore which is not compatible with PlzNavigate.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: ios/web/net/crw_ssl_status_updater.mm

Issue 2327433002: Stop using CertStore which is not compatible with PlzNavigate. (Closed)

Patch Set: remove certstore on non-ios and update plznavigate test filter Created 4 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« ios/chrome/browser/ssl/ios_ssl_blocking_page.mm ('K') | « ios/chrome/browser/ssl/ios_ssl_blocking_page.mm ('k') | ios/web/net/crw_ssl_status_updater_unittest.mm » ('j') | ios/web/net/crw_ssl_status_updater_unittest.mm » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: ios/web/net/crw_ssl_status_updater.mm

diff --git a/ios/web/net/crw_ssl_status_updater.mm b/ios/web/net/crw_ssl_status_updater.mm

index da487021799da360f862422c0b7fb44ebcff23a6..000eb6075b06c6479e0f3c697a52f8fcc7d6cda8 100644

--- a/ios/web/net/crw_ssl_status_updater.mm

+++ b/ios/web/net/crw_ssl_status_updater.mm

@@ -101,14 +101,13 @@ using web::SecurityStyle;

if (item->GetURL().SchemeIsCryptographic()) {

cert = web::CreateCertFromTrust(trust);

if (cert) {

- int oldCertID = item->GetSSL().cert_id;

+ scoped_refptr<net::X509Certificate> oldCert = item->GetSSL().certificate;

std::string oldHost = item->GetSSL().cert_status_host;

- item->GetSSL().cert_id = web::CertStore::GetInstance()->StoreCert(

- cert.get(), self.certGroupID);

+ item->GetSSL().certificate = cert;

item->GetSSL().cert_status_host = base::SysNSStringToUTF8(host);

// Only recompute the SSLStatus information if the certificate or host has

// since changed. Host can be changed in case of redirect.

- if (oldCertID != item->GetSSL().cert_id ||

+ if (!oldCert.get() || !oldCert->Equals(cert.get()) ||

oldHost != item->GetSSL().cert_status_host) {

// Real SSL status is unknown, reset cert status and security style.

// They will be asynchronously updated in

@@ -122,7 +121,7 @@ using web::SecurityStyle;

}

if (!cert) {

- item->GetSSL().cert_id = 0;

+ item->GetSSL().certificate = nullptr;

if (!item->GetURL().SchemeIsCryptographic()) {

// HTTP or other non-secure connection.

item->GetSSL().security_style = web::SECURITY_STYLE_UNAUTHENTICATED;

@@ -154,11 +153,11 @@ using web::SecurityStyle;

// NavigationItem's UniqueID is preserved even after redirects, so

// checking that cert and URL match is necessary.

scoped_refptr<net::X509Certificate> cert(web::CreateCertFromTrust(trust));

- int certID =

- web::CertStore::GetInstance()->StoreCert(cert.get(), self.certGroupID);

std::string GURLHost = base::SysNSStringToUTF8(host);

web::SSLStatus& SSLStatus = item->GetSSL();

- if (item->GetURL().SchemeIsCryptographic() && SSLStatus.cert_id == certID &&

+ if (item->GetURL().SchemeIsCryptographic() &&

+ !!SSLStatus.certificate.get() &&

+ SSLStatus.certificate->Equals(cert.get()) &&

item->GetURL().host() == GURLHost) {

web::SSLStatus previousSSLStatus = item->GetSSL();

SSLStatus.cert_status = certStatus;