OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/net/cert_verify_proc_chromeos.h" | 5 #include "chrome/browser/chromeos/net/cert_verify_proc_chromeos.h" |
6 | 6 |
7 #include "net/cert/test_root_certs.h" | 7 #include "net/cert/test_root_certs.h" |
8 #include "net/cert/x509_certificate.h" | 8 #include "net/cert/x509_certificate.h" |
9 | 9 |
10 // NSS doesn't currently define CERT_LIST_TAIL. | 10 // NSS doesn't currently define CERT_LIST_TAIL. |
(...skipping 11 matching lines...) Expand all Loading... |
22 CertVerifyProcChromeOS* cert_verify_proc; | 22 CertVerifyProcChromeOS* cert_verify_proc; |
23 const net::CertificateList& additional_trust_anchors; | 23 const net::CertificateList& additional_trust_anchors; |
24 }; | 24 }; |
25 | 25 |
26 } // namespace | 26 } // namespace |
27 | 27 |
28 CertVerifyProcChromeOS::CertVerifyProcChromeOS() {} | 28 CertVerifyProcChromeOS::CertVerifyProcChromeOS() {} |
29 | 29 |
30 CertVerifyProcChromeOS::CertVerifyProcChromeOS( | 30 CertVerifyProcChromeOS::CertVerifyProcChromeOS( |
31 crypto::ScopedPK11Slot public_slot) { | 31 crypto::ScopedPK11Slot public_slot) { |
32 profile_filter_.Init(public_slot.Pass(), crypto::ScopedPK11Slot()); | 32 // Only the software slot is passed, since that is the only one where user |
| 33 // trust settings are stored. |
| 34 profile_filter_.Init( |
| 35 public_slot.Pass(), crypto::ScopedPK11Slot(), crypto::ScopedPK11Slot()); |
33 } | 36 } |
34 | 37 |
35 CertVerifyProcChromeOS::~CertVerifyProcChromeOS() {} | 38 CertVerifyProcChromeOS::~CertVerifyProcChromeOS() {} |
36 | 39 |
37 int CertVerifyProcChromeOS::VerifyInternal( | 40 int CertVerifyProcChromeOS::VerifyInternal( |
38 net::X509Certificate* cert, | 41 net::X509Certificate* cert, |
39 const std::string& hostname, | 42 const std::string& hostname, |
40 int flags, | 43 int flags, |
41 net::CRLSet* crl_set, | 44 net::CRLSet* crl_set, |
42 const net::CertificateList& additional_trust_anchors, | 45 const net::CertificateList& additional_trust_anchors, |
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
94 // properly when the same cert is in multiple slots, this would also need | 97 // properly when the same cert is in multiple slots, this would also need |
95 // updating to check the per-slot trust values. | 98 // updating to check the per-slot trust values. |
96 *chain_ok = args->cert_verify_proc->profile_filter_.IsCertAllowed(cert) | 99 *chain_ok = args->cert_verify_proc->profile_filter_.IsCertAllowed(cert) |
97 ? PR_TRUE | 100 ? PR_TRUE |
98 : PR_FALSE; | 101 : PR_FALSE; |
99 DVLOG(3) << cert->subjectName << " is " << (*chain_ok ? "ok" : "not ok"); | 102 DVLOG(3) << cert->subjectName << " is " << (*chain_ok ? "ok" : "not ok"); |
100 return SECSuccess; | 103 return SECSuccess; |
101 } | 104 } |
102 | 105 |
103 } // namespace chromeos | 106 } // namespace chromeos |
OLD | NEW |