From c1d85ee4b3b70b2037ff840ff42f6b1e2f5cea32 Mon Sep 17 00:00:00 2001 From: Andrea Brancaleoni Date: Mon, 14 Nov 2016 10:38:02 +0100 Subject: [PATCH] chromium: fix certificate issue --- .../chromium/patches/issue2495583002_1.patch | 42 +++++++++++++++++++ srcpkgs/chromium/template | 2 +- 2 files changed, 43 insertions(+), 1 deletion(-) create mode 100644 srcpkgs/chromium/patches/issue2495583002_1.patch diff --git a/srcpkgs/chromium/patches/issue2495583002_1.patch b/srcpkgs/chromium/patches/issue2495583002_1.patch new file mode 100644 index 00000000000..a20ce656c3a --- /dev/null +++ b/srcpkgs/chromium/patches/issue2495583002_1.patch @@ -0,0 +1,42 @@ +Index: net/quic/crypto/proof_verifier_chromium.cc +diff --git net/quic/crypto/proof_verifier_chromium.cc net/quic/crypto/proof_verifier_chromium.cc +index 546b00740fef947a95a109e7e9bc22ffdedce785..160191bf6226292d49997bec94429e3a1d0fe990 100644 +--- net/quic/crypto/proof_verifier_chromium.cc ++++ net/quic/crypto/proof_verifier_chromium.cc +@@ -426,6 +426,8 @@ int ProofVerifierChromium::Job::DoVerifyCertComplete(int result) { + int ct_result = OK; + if (verify_details_->ct_verify_result.cert_policy_compliance != + ct::CertPolicyCompliance::CERT_POLICY_COMPLIES_VIA_SCTS && ++ verify_details_->ct_verify_result.cert_policy_compliance != ++ ct::CertPolicyCompliance::CERT_POLICY_BUILD_NOT_TIMELY && + transport_security_state_->ShouldRequireCT( + hostname_, cert_verify_result.verified_cert.get(), + cert_verify_result.public_key_hashes)) { +Index: net/socket/ssl_client_socket_impl.cc +diff --git net/socket/ssl_client_socket_impl.cc net/socket/ssl_client_socket_impl.cc +index bb76bf8c46d6d84f7d5ad7d48eacfe751204d151..a5d2afd7d8483a4996e04f9b68e3756f55af5d1a 100644 +--- net/socket/ssl_client_socket_impl.cc ++++ net/socket/ssl_client_socket_impl.cc +@@ -1556,6 +1556,8 @@ int SSLClientSocketImpl::VerifyCT() { + + if (ct_verify_result_.cert_policy_compliance != + ct::CertPolicyCompliance::CERT_POLICY_COMPLIES_VIA_SCTS && ++ ct_verify_result_.cert_policy_compliance != ++ ct::CertPolicyCompliance::CERT_POLICY_BUILD_NOT_TIMELY && + transport_security_state_->ShouldRequireCT( + host_and_port_.host(), server_cert_verify_result_.verified_cert.get(), + server_cert_verify_result_.public_key_hashes)) { +Index: net/spdy/spdy_session.cc +diff --git net/spdy/spdy_session.cc net/spdy/spdy_session.cc +index b79c5e62e3d17f2745c369428c8ac35d9d663349..9315380e45f7f7d9ebfa5bdfe62d11c93705cddc 100644 +--- net/spdy/spdy_session.cc ++++ net/spdy/spdy_session.cc +@@ -617,6 +617,8 @@ bool SpdySession::CanPool(TransportSecurityState* transport_security_state, + + if (ssl_info.ct_cert_policy_compliance != + ct::CertPolicyCompliance::CERT_POLICY_COMPLIES_VIA_SCTS && ++ ssl_info.ct_cert_policy_compliance != ++ ct::CertPolicyCompliance::CERT_POLICY_BUILD_NOT_TIMELY && + transport_security_state->ShouldRequireCT( + new_hostname, ssl_info.cert.get(), ssl_info.public_key_hashes)) { + return false; diff --git a/srcpkgs/chromium/template b/srcpkgs/chromium/template index e34088adfec..3f15d60c008 100644 --- a/srcpkgs/chromium/template +++ b/srcpkgs/chromium/template @@ -2,7 +2,7 @@ pkgname=chromium # See http://www.chromium.org/developers/calendar for the latest version version=53.0.2785.143 -revision=1 +revision=2 short_desc="Google's attempt at creating a safer, faster, and more stable browser" maintainer="Juan RP " homepage="http://www.chromium.org/"