Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(296)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: telemetry/third_party/web-page-replay/certutils.py

Issue 2811373002: [web-page-replay] Roll WPR to the latest commit (Closed)
Patch Set: Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « telemetry/third_party/web-page-replay/README.chromium ('k') | telemetry/third_party/web-page-replay/certutils_test.py » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: telemetry/third_party/web-page-replay/certutils.py
diff --git a/telemetry/third_party/web-page-replay/certutils.py b/telemetry/third_party/web-page-replay/certutils.py
index 46c31a8167b77082160029b760a3d4c8b4e407f4..4de0560bf28a9d8a829976c7dbff52e861f9312f 100644
--- a/telemetry/third_party/web-page-replay/certutils.py
+++ b/telemetry/third_party/web-page-replay/certutils.py
@@ -130,8 +130,6 @@ def generate_dummy_ca_cert(subject='_WebPageReplayCert'):
ca_cert.set_pubkey(key)
ca_cert.add_extensions([
crypto.X509Extension('basicConstraints', True, 'CA:TRUE'),
- crypto.X509Extension('subjectAltName', False, 'DNS:' + subject),
- crypto.X509Extension('nsCertType', True, 'sslCA'),
crypto.X509Extension('extendedKeyUsage', True,
('serverAuth,clientAuth,emailProtection,'
'timeStamping,msCodeInd,msCodeCom,msCTLSign,'
@@ -230,20 +228,13 @@ def generate_cert(root_ca_cert_str, server_cert_str, server_host):
Returns:
a PEM formatted certificate string
"""
- EXTENSION_WHITELIST = set(['subjectAltName'])
-
if openssl_import_error:
raise openssl_import_error # pylint: disable=raising-bad-type
common_name = server_host
- reused_extensions = []
if server_cert_str:
original_cert = load_cert(server_cert_str)
common_name = original_cert.get_subject().commonName
- for i in xrange(original_cert.get_extension_count()):
- original_cert_extension = original_cert.get_extension(i)
- if original_cert_extension.get_short_name() in EXTENSION_WHITELIST:
- reused_extensions.append(original_cert_extension)
ca_cert = load_cert(root_ca_cert_str)
ca_key = load_privatekey(root_ca_cert_str)
@@ -255,7 +246,10 @@ def generate_cert(root_ca_cert_str, server_cert_str, server_host):
cert.set_issuer(ca_cert.get_subject())
cert.set_serial_number(int(time.time()*10000))
cert.set_pubkey(ca_key)
- cert.add_extensions(reused_extensions)
+ cert.add_extensions([
+ crypto.X509Extension('subjectAltName', False, 'DNS:' + server_host),
+ crypto.X509Extension('extendedKeyUsage', False, 'serverAuth,clientAuth'),
+ ])
cert.sign(ca_key, 'sha256')
return _dump_cert(cert)
« no previous file with comments | « telemetry/third_party/web-page-replay/README.chromium ('k') | telemetry/third_party/web-page-replay/certutils_test.py » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698