Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Enable CertVerifierService for ChromeOS
Adds |additional_untrusted_authorities| to CertVerifier::Config. This will currently only be used on ChromeOS to expose additional temporary certificates to NSS when policy requires it. These certificates unfortunately round-trip through the NetworkService: when the policy-provided certificates are updated, ProfileNetworkContextService calls NetworkContext::UpdateAdditionalCertificates(). This in turn will call CertVerifierService::SetConfig() with the policy-provided certificates. This CL also instantiates the CertVerifierService on the IO thread (instead of UI) in the browser process on ChromeOS. This is because CertVerifierBuiltin for ChromeOS uses user slots, which are initialized on the IO thread. This CL also parameterizes the browsertests in //chrome/browser/chromeos/policy/policy_certs_browsertest.cc to run both with and without the CertVerifierService enabled, to test the changes in this CL. Bug: 1085379, 1015134 Change-Id: Ibb623d9e53a46819ea5152e72d4f343ae52e8d60 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2243867 Reviewed-by: Matt Falkenhagen <falken@chromium.org> Reviewed-by: Pavol Marko <pmarko@chromium.org> Reviewed-by: Ryan Sleevi <rsleevi@chromium.org> Commit-Queue: Matthew Denton <mpdenton@chromium.org> Cr-Commit-Position: refs/heads/master@{#782259}
- Loading branch information
Showing
21 changed files
with
210 additions
and
97 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.