Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(616)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/spdy/spdy_session.cc

Issue 508823009: Mark SHA-1 as deprecated (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@cert_verify_result_sha1
Patch Set: Moar work Created 6 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/cert/cert_status_flags_list.h ('K') | « net/http/http_cache_transaction.cc ('k') | net/url_request/url_request_http_job.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/spdy/spdy_session.cc
diff --git a/net/spdy/spdy_session.cc b/net/spdy/spdy_session.cc
index 285bccf7deee62c5680d5659881d2409b74d6378..5984579b2cf37ed824f3bb4c49b8cc1e73903606 100644
--- a/net/spdy/spdy_session.cc
+++ b/net/spdy/spdy_session.cc
@@ -559,8 +559,10 @@ bool SpdySession::CanPool(TransportSecurityState* transport_security_state,
// Pooling is prohibited if the server cert is not valid for the new domain,
// and for connections on which client certs were sent. It is also prohibited
// when channel ID was sent if the hosts are from different eTLDs+1.
- if (IsCertStatusError(ssl_info.cert_status))
+ if (IsCertStatusError(ssl_info.cert_status) &&
+ !IsCertStatusMinorError(ssl_info.cert_status)) {
return false;
+ }
if (ssl_info.client_cert_sent)
return false;
« net/cert/cert_status_flags_list.h ('K') | « net/http/http_cache_transaction.cc ('k') | net/url_request/url_request_http_job.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698