| Index: net/socket/client_socket_pool_manager_impl.cc
|
| diff --git a/net/socket/client_socket_pool_manager_impl.cc b/net/socket/client_socket_pool_manager_impl.cc
|
| index b557874d011161845f4d672f331ac6425c07daf4..39bf6980272e8eefc86a28744e4cb869e36725c5 100644
|
| --- a/net/socket/client_socket_pool_manager_impl.cc
|
| +++ b/net/socket/client_socket_pool_manager_impl.cc
|
| @@ -371,7 +371,7 @@ base::Value* ClientSocketPoolManagerImpl::SocketPoolInfoToValue() const {
|
| }
|
|
|
| void ClientSocketPoolManagerImpl::OnCertAdded(const X509Certificate* cert) {
|
| - FlushSocketPoolsWithError(ERR_NETWORK_CHANGED);
|
| + OnDatabaseChanged();
|
| }
|
|
|
| void ClientSocketPoolManagerImpl::OnCertTrustChanged(
|
| @@ -386,6 +386,20 @@ void ClientSocketPoolManagerImpl::OnCertTrustChanged(
|
| // Since the OnCertTrustChanged method doesn't tell us what
|
| // kind of trust change it is, we have to flush the socket
|
| // pools to be safe.
|
| + OnDatabaseChanged();
|
| +}
|
| +
|
| +void ClientSocketPoolManagerImpl::OnDatabaseChanged() {
|
| + // We should flush the socket pools if we removed trust from a
|
| + // cert, because a previously trusted server may have become
|
| + // untrusted.
|
| + //
|
| + // We should not flush the socket pools if we added trust to a
|
| + // cert.
|
| + //
|
| + // Since the OnDatabaseChanged method doesn't tell us what
|
| + // kind of trust change it is, we have to flush the socket
|
| + // pools to be safe.
|
| FlushSocketPoolsWithError(ERR_NETWORK_CHANGED);
|
| }
|
|
|
|
|
Chromium Code Reviews
Issue 27500004:
Listen for new system certificates. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src