Index: content/browser/renderer_host/x509_user_cert_resource_handler.cc |
=================================================================== |
--- content/browser/renderer_host/x509_user_cert_resource_handler.cc (revision 133822) |
+++ content/browser/renderer_host/x509_user_cert_resource_handler.cc (working copy) |
@@ -101,9 +101,22 @@ |
AssembleResource(); |
scoped_refptr<net::X509Certificate> cert; |
if (resource_buffer_) { |
- cert = net::X509Certificate::CreateFromBytes(resource_buffer_->data(), |
- content_length_); |
+ net::CertificateList cert_list = |
+ net::X509Certificate::CreateCertificateListFromBytes( |
+ resource_buffer_->data(), content_length_, |
+ net::X509Certificate::FORMAT_AUTO); |
+ if (cert_list.size()) { |
+ net::X509Certificate::OSCertHandle cert_handle = |
+ cert_list[0]->os_cert_handle(); |
+ net::X509Certificate::OSCertHandles intermediate_certs; |
+ for (size_t i = 1; i < cert_list.size(); ++i) |
+ intermediate_certs.push_back(cert_list[i]->os_cert_handle()); |
+ cert = net::X509Certificate::CreateFromHandle(cert_handle, |
+ intermediate_certs); |
Ryan Sleevi
2012/04/27 00:55:48
note: This is not an accurate interpretation of th
wtc
2012/04/27 21:16:50
You mean we cannot assume the first certificate in
Ryan Sleevi
2012/04/27 21:24:21
Correct. The behaviour of Firefox is to do a first
|
+ } |
} |
+ // TODO(wtc): change ContentBrowserClient::AddNewCertificate() to take |
+ // a net::CertificateList instead of a net::X509Certificate? |
content::GetContentClient()->browser()->AddNewCertificate( |
request_, cert, render_process_host_id_, render_view_id_); |
return true; |