Chromium Code Reviews Chromium Code Reviews
Issue 9875010:
nss: Fix GetCertType returning SERVER_CERT for explicitly distrusted CA certs. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: chrome/third_party/mozilla_security_manager/nsNSSCertHelper.cpp |
| diff --git a/chrome/third_party/mozilla_security_manager/nsNSSCertHelper.cpp b/chrome/third_party/mozilla_security_manager/nsNSSCertHelper.cpp |
| index 2f9a4e9e017e5064a1aa721dea83e59cc48a789c..e654a3dae8b483c7b847eab43efbce3d420e02b4 100644 |
| --- a/chrome/third_party/mozilla_security_manager/nsNSSCertHelper.cpp |
| +++ b/chrome/third_party/mozilla_security_manager/nsNSSCertHelper.cpp |
| @@ -1058,10 +1058,10 @@ net::CertType GetCertType(CERTCertificate *cert) { |
| return net::USER_CERT; |
| if (trust.HasAnyCA()) |
| return net::CA_CERT; |
| - if (trust.HasPeer(PR_TRUE, PR_FALSE, PR_FALSE)) |
| - return net::SERVER_CERT; |
| if (CERT_IsCACert(cert, NULL)) |
| return net::CA_CERT; |
|
wtc
2012/03/28 19:36:05
I suggest combining these two:
if (trust.HasAnyC
mattm
2012/03/29 00:24:45
Done.
|
| + if (trust.HasPeer(PR_TRUE, PR_FALSE, PR_FALSE)) |
| + return net::SERVER_CERT; |
| return net::UNKNOWN_CERT; |
| } |
