Index: net/cert/cert_verify_proc_mac.cc |
diff --git a/net/cert/cert_verify_proc_mac.cc b/net/cert/cert_verify_proc_mac.cc |
index 4efdaacffed3830465ae0f5d96915bed5dd8d5de..542fba1151459814e7629aa12f23fa1ad3022494 100644 |
--- a/net/cert/cert_verify_proc_mac.cc |
+++ b/net/cert/cert_verify_proc_mac.cc |
@@ -656,8 +656,10 @@ int CertVerifyProcMac::VerifyInternal( |
// Perform hostname verification independent of SecTrustEvaluate. In order to |
// do so, mask off any reported name errors first. |
verify_result->cert_status &= ~CERT_STATUS_COMMON_NAME_INVALID; |
- if (!cert->VerifyNameMatch(hostname)) |
+ if (!cert->VerifyNameMatch(hostname, |
+ &verify_result->common_name_fallback_used)) { |
verify_result->cert_status |= CERT_STATUS_COMMON_NAME_INVALID; |
+ } |
// TODO(wtc): Suppress CERT_STATUS_NO_REVOCATION_MECHANISM for now to be |
// compatible with Windows, which in turn implements this behavior to be |