Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(404)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/cert/cert_verify_proc_ios.cc

Issue 2719273002: Disable commonName matching for certificates (Closed)
Patch Set: Update tests & fix small bug with IPvsDNS sans Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/cert/cert_verify_proc_android.cc ('k') | net/cert/cert_verify_proc_mac.cc » ('j') | net/cert/x509_certificate_unittest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/cert/cert_verify_proc_ios.cc
diff --git a/net/cert/cert_verify_proc_ios.cc b/net/cert/cert_verify_proc_ios.cc
index 19dc20fa7227e4d5fa2519f9d7bae2fc1ae20603..84ecd2aea84ba31730c706d83dc16c03ed414667 100644
--- a/net/cert/cert_verify_proc_ios.cc
+++ b/net/cert/cert_verify_proc_ios.cc
@@ -266,12 +266,9 @@ int CertVerifyProcIOS::VerifyInternal(
GetCertChainInfo(final_chain, verify_result);
- // Perform hostname verification independent of SecTrustEvaluate.
- if (!verify_result->verified_cert->VerifyNameMatch(
- hostname, &verify_result->common_name_fallback_used)) {
- verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID;
- }
-
+ // iOS lacks the ability to distinguish built-in versus non-built-in roots,
+ // so opt to 'fail open' of any restrictive policies that apply to built-in
+ // roots.
verify_result->is_issued_by_known_root = false;
if (IsCertStatusError(verify_result->cert_status))
« no previous file with comments | « net/cert/cert_verify_proc_android.cc ('k') | net/cert/cert_verify_proc_mac.cc » ('j') | net/cert/x509_certificate_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698