зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1038098: Save intermediate certificates during TLS handshake, r=keeler
--HG-- extra : rebase_source : 99e2551e78bc8eac91174e5320c15623ede26642 extra : histedit_source : c4af1c24b95b1b3c8a86d06575645b6ffc5308a6
This commit is contained in:
Родитель
17375cc8b3
Коммит
7cd854102a
|
@ -429,10 +429,11 @@ CertVerifier::VerifySSLServerCert(CERTCertificate* peerCert,
|
|||
return SECFailure;
|
||||
}
|
||||
|
||||
ScopedCERTCertList builtChainTemp;
|
||||
// CreateCertErrorRunnable assumes that CERT_VerifyCertName is only called
|
||||
// if VerifyCert succeeded.
|
||||
SECStatus rv = VerifyCert(peerCert, certificateUsageSSLServer, time, pinarg,
|
||||
hostname, 0, stapledOCSPResponse, builtChain,
|
||||
hostname, 0, stapledOCSPResponse, &builtChainTemp,
|
||||
evOidPolicy);
|
||||
if (rv != SECSuccess) {
|
||||
return rv;
|
||||
|
@ -443,8 +444,12 @@ CertVerifier::VerifySSLServerCert(CERTCertificate* peerCert,
|
|||
return rv;
|
||||
}
|
||||
|
||||
if (saveIntermediatesInPermanentDatabase && builtChain) {
|
||||
SaveIntermediateCerts(*builtChain);
|
||||
if (saveIntermediatesInPermanentDatabase) {
|
||||
SaveIntermediateCerts(builtChainTemp);
|
||||
}
|
||||
|
||||
if (builtChain) {
|
||||
*builtChain = builtChainTemp.forget();
|
||||
}
|
||||
|
||||
return SECSuccess;
|
||||
|
|
Загрузка…
Ссылка в новой задаче