Remove the check for the obsolete CERT_TRUST_IS_NOT_TIME_NESTED

error status. CertGetCertificateChain no longer detects the error. R=agl BUG=70210 TEST=none Review URL: http://codereview.chromium.org/6331009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@72159 0039d316-1c4b-4281-b951-d872f2087c98

Remove the check for the obsolete CERT_TRUST_IS_NOT_TIME_NESTED
error status. CertGetCertificateChain no longer detects the error. R=agl BUG=70210 TEST=none Review URL: http://codereview.chromium.org/6331009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@72159 0039d316-1c4b-4281-b951-d872f2087c98
3a2eb7c7 · wtc@google.com · c7f72dcd · 3a2eb7c7
Commit 3a2eb7c7 authored Jan 21, 2011 by wtc@google.com
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 3 deletions

net/base/x509_certificate_win.cc net/base/x509_certificate_win.cc +2 -3

No files found.
--- a/net/base/x509_certificate_win.cc
+++ b/net/base/x509_certificate_win.cc
@@ -94,10 +94,9 @@ int MapSecurityError(SECURITY_STATUS err) {
 int MapCertChainErrorStatusToCertStatus(DWORD error_status) {
  int cert_status = 0;

-  // CERT_TRUST_IS_NOT_TIME_NESTED means a subject certificate's time validity
-  // does not nest correctly within its issuer's time validity.
+  // We don't include CERT_TRUST_IS_NOT_TIME_NESTED because it's obsolete and
+  // we wouldn't consider it an error anyway
  const DWORD kDateInvalidErrors = CERT_TRUST_IS_NOT_TIME_VALID |
-                                   CERT_TRUST_IS_NOT_TIME_NESTED |
                                   CERT_TRUST_CTL_IS_NOT_TIME_VALID;
  if (error_status & kDateInvalidErrors)
    cert_status |= CERT_STATUS_DATE_INVALID;