Issue 2804883005: Update SSL error handling code to account for Subject CN deprecation

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Issue 2804883005: Update SSL error handling code to account for Subject CN deprecation (Closed)

Created:
3 years, 8 months ago by elawrence

Modified:
3 years, 8 months ago

Reviewers:

CC:
chromium-reviews

Target Ref:
refs/branch-heads/3029

Project:
chromium

Visibility:
Public.

More Reviews

Description

Update SSL error handling code to account for Subject CN deprecation In Issue 308330, Chrome deprecated the use of the Subject CN field in certificate hostname validation. However, the certificate error interstitial and error classification logic were left unchanged, leading to misleading error messages and doomed error recovery attempts in the event that a certificate lacked SubjectAltNames. In this change, Chrome's Certificate Error interstitial and error recovery will no longer fallback to the certificate's Subject CN field when evaluating the certificate's valid dns names. BUG=703614 Review-Url: https://codereview.chromium.org/2777383002 Cr-Commit-Position: refs/heads/master@{#462230} (cherry picked from commit c7484f52b8ceb68e4334cad505e894aeef6cba83)

Patch Set 1 #

Created: 3 years, 8 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Stats (+404 lines, -194 lines)			Patch
M	chrome/browser/ssl/ssl_error_handler.h	View	1 chunk	+10 lines, -9 lines	0 comments	Download
M	chrome/browser/ssl/ssl_error_handler.cc	View	1 chunk	+27 lines, -26 lines	0 comments	Download
M	chrome/browser/ssl/ssl_error_handler_unittest.cc	View	7 chunks	+53 lines, -6 lines	0 comments	Download
M	components/ssl_errors/error_classification.h	View	2 chunks	+30 lines, -8 lines	0 comments	Download
M	components/ssl_errors/error_classification.cc	View	6 chunks	+22 lines, -35 lines	0 comments	Download
M	components/ssl_errors/error_classification_unittest.cc	View	2 chunks	+82 lines, -58 lines	0 comments	Download
M	components/ssl_errors/error_info.cc	View	1 chunk	+21 lines, -13 lines	0 comments	Download
M	net/BUILD.gn	View	1 chunk	+1 line, -0 lines	0 comments	Download
M	net/cert/x509_certificate.h	View	1 chunk	+4 lines, -1 line	0 comments	Download
A	net/data/ssl/certificates/subjectAltName_www_example_com.pem	View	1 chunk	+75 lines, -0 lines	0 comments	Download
M	net/data/ssl/scripts/ee.cnf	View	1 chunk	+7 lines, -0 lines	0 comments	Download
M	net/data/ssl/scripts/generate-test-certs.sh	View	1 chunk	+5 lines, -0 lines	0 comments	Download
M	net/test/test_certificate_data.h	View	3 chunks	+7 lines, -3 lines	0 comments	Download
M	tools/metrics/histograms/histograms.xml	View	3 chunks	+60 lines, -35 lines	0 comments	Download