Issue 300103011: Use X509_STORE_CTX::untrusted, not X509_STORE_CTX::chain in CertVerifyCallback.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Issue 300103011: Use X509_STORE_CTX::untrusted, not X509_STORE_CTX::chain in CertVerifyCallback. (Closed)

Created:
6 years, 7 months ago by davidben

Modified:
6 years, 7 months ago

Reviewers:
agl, Ryan Sleevi

CC:
chromium-reviews, cbentzel+watch_chromium.org

Base URL:
svn://svn.chromium.org/chrome/trunk/src

Visibility:
Public.

Use X509_STORE_CTX::untrusted, not X509_STORE_CTX::chain in CertVerifyCallback. The latter is always NULL since the certificate chain hasn't been verified yet. BUG=375821 TEST=Visit https://www.imperialviolet.org/2014/03/03/triplehandshake.html on Android; image still doesn't load. TEST=Visit https://scripts.mit.edu:444/__scripts/certerror. Tap 'Cancel' on the certificate prompt. Hit 'More' on the error page. Should show ERR_SSL_PROTOCOL_ERROR, not ERR_SSL_SERVER_CERT_CHANGED. Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=273055