diff options
author | Allan Sandfeld Jensen <allan.jensen@theqtcompany.com> | 2016-09-29 17:27:39 +0200 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2016-09-30 07:34:38 +0000 |
commit | 18ebedbcbcb280116c04c189a469c94269c0858b (patch) | |
tree | 93e33887964a854e6aae3e64197741e15e73e088 /src/core | |
parent | 3ced4ab42fc936aa89f65848b767454347377ac0 (diff) |
Add known logs to certificate transparency
This is needed to avoid certificate errors when google servers ask us
to enforce certificate transparency.
Change-Id: I0199d29502b94b05c336ef24eac5f3783d171767
Reviewed-by: Michael BrĂ¼ning <michael.bruning@qt.io>
Diffstat (limited to 'src/core')
-rw-r--r-- | src/core/url_request_context_getter_qt.cpp | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/core/url_request_context_getter_qt.cpp b/src/core/url_request_context_getter_qt.cpp index e5df27135..61f359a87 100644 --- a/src/core/url_request_context_getter_qt.cpp +++ b/src/core/url_request_context_getter_qt.cpp @@ -49,6 +49,7 @@ #include "content/public/common/content_switches.h" #include "net/base/cache_type.h" #include "net/cert/cert_verifier.h" +#include "net/cert/ct_known_logs.h" #include "net/cert/ct_log_verifier.h" #include "net/cert/ct_policy_enforcer.h" #include "net/cert/multi_log_ct_verifier.h" @@ -229,7 +230,9 @@ void URLRequestContextGetterQt::generateStorage() Q_ASSERT(proxyConfigService); m_storage->set_cert_verifier(net::CertVerifier::CreateDefault()); - m_storage->set_cert_transparency_verifier(base::WrapUnique(new net::MultiLogCTVerifier())); + std::unique_ptr<net::MultiLogCTVerifier> ct_verifier(new net::MultiLogCTVerifier()); + ct_verifier->AddLogs(net::ct::CreateLogVerifiersForKnownLogs()); + m_storage->set_cert_transparency_verifier(std::move(ct_verifier)); m_storage->set_ct_policy_enforcer(base::WrapUnique(new net::CTPolicyEnforcer)); std::unique_ptr<net::HostResolver> host_resolver(net::HostResolver::CreateDefaultResolver(NULL)); @@ -422,6 +425,10 @@ static bool doNetworkSessionParamsMatch(const net::HttpNetworkSession::Params &f return false; if (first.host_resolver != second.host_resolver) return false; + if (first.cert_transparency_verifier != second.cert_transparency_verifier) + return false; + if (first.ct_policy_enforcer != second.ct_policy_enforcer) + return false; return true; } |