Index: ios/web/net/crw_ssl_status_updater.mm |
diff --git a/ios/web/net/crw_ssl_status_updater.mm b/ios/web/net/crw_ssl_status_updater.mm |
index da487021799da360f862422c0b7fb44ebcff23a6..000eb6075b06c6479e0f3c697a52f8fcc7d6cda8 100644 |
--- a/ios/web/net/crw_ssl_status_updater.mm |
+++ b/ios/web/net/crw_ssl_status_updater.mm |
@@ -101,14 +101,13 @@ using web::SecurityStyle; |
if (item->GetURL().SchemeIsCryptographic()) { |
cert = web::CreateCertFromTrust(trust); |
if (cert) { |
- int oldCertID = item->GetSSL().cert_id; |
+ scoped_refptr<net::X509Certificate> oldCert = item->GetSSL().certificate; |
std::string oldHost = item->GetSSL().cert_status_host; |
- item->GetSSL().cert_id = web::CertStore::GetInstance()->StoreCert( |
- cert.get(), self.certGroupID); |
+ item->GetSSL().certificate = cert; |
item->GetSSL().cert_status_host = base::SysNSStringToUTF8(host); |
// Only recompute the SSLStatus information if the certificate or host has |
// since changed. Host can be changed in case of redirect. |
- if (oldCertID != item->GetSSL().cert_id || |
+ if (!oldCert.get() || !oldCert->Equals(cert.get()) || |
oldHost != item->GetSSL().cert_status_host) { |
// Real SSL status is unknown, reset cert status and security style. |
// They will be asynchronously updated in |
@@ -122,7 +121,7 @@ using web::SecurityStyle; |
} |
if (!cert) { |
- item->GetSSL().cert_id = 0; |
+ item->GetSSL().certificate = nullptr; |
if (!item->GetURL().SchemeIsCryptographic()) { |
// HTTP or other non-secure connection. |
item->GetSSL().security_style = web::SECURITY_STYLE_UNAUTHENTICATED; |
@@ -154,11 +153,11 @@ using web::SecurityStyle; |
// NavigationItem's UniqueID is preserved even after redirects, so |
// checking that cert and URL match is necessary. |
scoped_refptr<net::X509Certificate> cert(web::CreateCertFromTrust(trust)); |
- int certID = |
- web::CertStore::GetInstance()->StoreCert(cert.get(), self.certGroupID); |
std::string GURLHost = base::SysNSStringToUTF8(host); |
web::SSLStatus& SSLStatus = item->GetSSL(); |
- if (item->GetURL().SchemeIsCryptographic() && SSLStatus.cert_id == certID && |
+ if (item->GetURL().SchemeIsCryptographic() && |
+ !!SSLStatus.certificate.get() && |
+ SSLStatus.certificate->Equals(cert.get()) && |
item->GetURL().host() == GURLHost) { |
web::SSLStatus previousSSLStatus = item->GetSSL(); |
SSLStatus.cert_status = certStatus; |