Create stubs for system certificate validation.

net/base/multi_threaded_cert_verifier_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/base/multi_threaded_cert_verifier.h"
 
 #include "base/bind.h"
 #include "base/file_path.h"
 #include "base/format_macros.h"
 #include "base/stringprintf.h"
 #include "net/base/cert_test_util.h"
+#include "net/base/cert_verify_result.h"
 #include "net/base/net_errors.h"
 #include "net/base/net_log.h"
 #include "net/base/test_completion_callback.h"
 #include "net/base/x509_certificate.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 namespace net {
 
 namespace {
 
 void FailTest(int /* result */) {
   FAIL();
 }
 
+class MockCertVerifyProc : public MultiThreadedCertVerifier::VerifyProc {
+ public:
+  MockCertVerifyProc() {}
+
+  virtual int Verify(X509Certificate* certificate,
+             const std::string& hostname,
+             int flags,
+             CRLSet* crl_set,
+             CertVerifyResult* verify_result) OVERRIDE {
+    verify_result->Reset();
+    verify_result->verified_cert = certificate;
+    verify_result->cert_status = CERT_STATUS_COMMON_NAME_INVALID;
+    return ERR_CERT_COMMON_NAME_INVALID;
+  }
+
+ protected:
+  virtual ~MockCertVerifyProc() {}
+};
+
 }  // namespace;
 
 // Tests a cache hit, which should result in synchronous completion.
 TEST(MultiThreadedCertVerifierTest, CacheHit) {
-  MultiThreadedCertVerifier verifier;
+  MultiThreadedCertVerifier verifier(new MockCertVerifyProc);
 
   FilePath certs_dir = GetTestCertsDirectory();
   scoped_refptr<X509Certificate> test_cert(
       ImportCertFromFile(certs_dir, "ok_cert.pem"));
   ASSERT_NE(static_cast<X509Certificate*>(NULL), test_cert);
 
   int error;
   CertVerifyResult verify_result;
   TestCompletionCallback callback;
   CertVerifier::RequestHandle request_handle;
@@ skipping 18 matching lines @@
   ASSERT_EQ(2u, verifier.requests());
   ASSERT_EQ(1u, verifier.cache_hits());
   ASSERT_EQ(0u, verifier.inflight_joins());
   ASSERT_EQ(1u, verifier.GetCacheSize());
 }
 
 // Tests the same server certificate with different intermediate CA
 // certificates.  These should be treated as different certificate chains even
 // though the two X509Certificate objects contain the same server certificate.
 TEST(MultiThreadedCertVerifierTest, DifferentCACerts) {
-  MultiThreadedCertVerifier verifier;
+  MultiThreadedCertVerifier verifier(new MockCertVerifyProc);
 
   FilePath certs_dir = GetTestCertsDirectory();
 
   scoped_refptr<X509Certificate> server_cert =
       ImportCertFromFile(certs_dir, "salesforce_com_test.pem");
   ASSERT_NE(static_cast<X509Certificate*>(NULL), server_cert);
 
   scoped_refptr<X509Certificate> intermediate_cert1 =
       ImportCertFromFile(certs_dir, "verisign_intermediate_ca_2011.pem");
   ASSERT_NE(static_cast<X509Certificate*>(NULL), intermediate_cert1);
@@ skipping 39 matching lines @@
   error = callback.WaitForResult();
   ASSERT_TRUE(IsCertificateError(error));
   ASSERT_EQ(2u, verifier.requests());
   ASSERT_EQ(0u, verifier.cache_hits());
   ASSERT_EQ(0u, verifier.inflight_joins());
   ASSERT_EQ(2u, verifier.GetCacheSize());
 }
 
 // Tests an inflight join.
 TEST(MultiThreadedCertVerifierTest, InflightJoin) {
-  MultiThreadedCertVerifier verifier;
+  MultiThreadedCertVerifier verifier(new MockCertVerifyProc);
 
   FilePath certs_dir = GetTestCertsDirectory();
   scoped_refptr<X509Certificate> test_cert(
       ImportCertFromFile(certs_dir, "ok_cert.pem"));
   ASSERT_NE(static_cast<X509Certificate*>(NULL), test_cert);
 
   int error;
   CertVerifyResult verify_result;
   TestCompletionCallback callback;
   CertVerifier::RequestHandle request_handle;
@@ skipping 14 matching lines @@
   ASSERT_TRUE(IsCertificateError(error));
   error = callback2.WaitForResult();
   ASSERT_TRUE(IsCertificateError(error));
   ASSERT_EQ(2u, verifier.requests());
   ASSERT_EQ(0u, verifier.cache_hits());
   ASSERT_EQ(1u, verifier.inflight_joins());
 }
 
 // Tests that the callback of a canceled request is never made.
 TEST(MultiThreadedCertVerifierTest, CancelRequest) {
-  MultiThreadedCertVerifier verifier;
+  MultiThreadedCertVerifier verifier(new MockCertVerifyProc);
 
   FilePath certs_dir = GetTestCertsDirectory();
   scoped_refptr<X509Certificate> test_cert(
       ImportCertFromFile(certs_dir, "ok_cert.pem"));
   ASSERT_NE(static_cast<X509Certificate*>(NULL), test_cert);
 
   int error;
   CertVerifyResult verify_result;
   CertVerifier::RequestHandle request_handle;
 
@@ skipping 14 matching lines @@
         callback.callback(), &request_handle, BoundNetLog());
     ASSERT_EQ(ERR_IO_PENDING, error);
     ASSERT_TRUE(request_handle != NULL);
     error = callback.WaitForResult();
     verifier.ClearCache();
   }
 }
 
 // Tests that a canceled request is not leaked.
 TEST(MultiThreadedCertVerifierTest, CancelRequestThenQuit) {
-  MultiThreadedCertVerifier verifier;
+  MultiThreadedCertVerifier verifier(new MockCertVerifyProc);
 
   FilePath certs_dir = GetTestCertsDirectory();
   scoped_refptr<X509Certificate> test_cert(
       ImportCertFromFile(certs_dir, "ok_cert.pem"));
   ASSERT_NE(static_cast<X509Certificate*>(NULL), test_cert);
 
   int error;
   CertVerifyResult verify_result;
   TestCompletionCallback callback;
   CertVerifier::RequestHandle request_handle;
@@ skipping 83 matching lines @@
         EXPECT_FALSE(key1 < key2);
         EXPECT_TRUE(key2 < key1);
         break;
       default:
         FAIL() << "Invalid expectation. Can be only -1, 0, 1";
     }
   }
 }
 
 }  // namespace net