Allow browser tests to use a MockCertVerifier

chrome/browser/profiles/profile_io_data.cc

Index: chrome/browser/profiles/profile_io_data.cc
diff --git a/chrome/browser/profiles/profile_io_data.cc b/chrome/browser/profiles/profile_io_data.cc
index 73f9efbd44439248fb9a8e8ee81d64a5f897133a..f7c050edd5eaab63b3a7eb069f4bf7b3303eb61b 100644
--- a/chrome/browser/profiles/profile_io_data.cc
+++ b/chrome/browser/profiles/profile_io_data.cc
@@ -64,6 +64,7 @@
 #include "content/public/browser/notification_service.h"
 #include "content/public/browser/resource_context.h"
 #include "net/base/keygen_handler.h"
+#include "net/cert/cert_verifier.h"
 #include "net/cookies/canonical_cookie.h"
 #include "net/http/http_transaction_factory.h"
 #include "net/http/http_util.h"
@@ -156,6 +157,14 @@ using content::ResourceContext;
 
 namespace {
 
+net::CertVerifier* g_cert_verifier_for_testing = nullptr;
+
+net::CertVerifier* GetCertVerifierForTesting() {
+  if (g_cert_verifier_for_testing)
+    return g_cert_verifier_for_testing;
+  return nullptr;
+}

[Ryan Sleevi, 2015/08/04 18:24:34]

This function isn't necessary, is it? I mean, it's really just doing "return
g_cert_verifier_for_testing", since the only way line 163 fails if it it's
already nullptr. I'd just update line 1111 to point to this variable directly.

[estark, 2015/08/04 19:32:19]

Done.

+
 #if defined(DEBUG_DEVTOOLS)
 bool IsSupportedDevToolsURL(const GURL& url, base::FilePath* path) {
   std::string bundled_path_prefix(chrome::kChromeUIDevToolsBundledPath);
@@ -747,6 +756,12 @@ void ProfileIOData::InstallProtocolHandlers(
   protocol_handlers->clear();
 }
 
+// static
+void ProfileIOData::SetCertVerifierForTesting(
+    net::CertVerifier* cert_verifier) {
+  g_cert_verifier_for_testing = cert_verifier;
+}
+
 content::ResourceContext* ProfileIOData::GetResourceContext() const {
   return resource_context_.get();
 }
@@ -1093,6 +1108,7 @@ void ProfileIOData::Init(
   supervised_user_url_filter_ = profile_params_->supervised_user_url_filter;
 #endif
 
+  net::CertVerifier* cert_verifier = GetCertVerifierForTesting();
 #if defined(OS_CHROMEOS)
   username_hash_ = profile_params_->username_hash;
   use_system_key_slot_ = profile_params_->use_system_key_slot;
@@ -1105,16 +1121,24 @@ void ProfileIOData::Init(
   // for cert trust purposes anyway.
   scoped_refptr<net::CertVerifyProc> verify_proc(
       new chromeos::CertVerifyProcChromeOS(public_slot.Pass()));
-  if (policy_cert_verifier_) {
-    DCHECK_EQ(policy_cert_verifier_, cert_verifier_.get());
-    policy_cert_verifier_->InitializeOnIOThread(verify_proc);
-  } else {
-    cert_verifier_.reset(new net::MultiThreadedCertVerifier(verify_proc.get()));
+  if (!cert_verifier) {

[Ryan Sleevi, 2015/08/04 18:24:34]

Rather than both sides of the #ifdef checking for cert_verifier (line 1124 you
do !cert_verifier, but line 1136 you do cert_verifier - thus making it hard to
match if/else pairs), why not lift the conditional up

line 1111
if (g_cert_verifier_for_testing) {
  main_request_context_->set_cert_verifier(g_cert_verifier_for_testing);
} else {
#if defined(OS_CHROMEOS)
  ...
#else
  ...
#endif
}

[estark, 2015/08/04 19:32:19]

Done.

+    if (policy_cert_verifier_) {
+      DCHECK_EQ(policy_cert_verifier_, cert_verifier_.get());
+      policy_cert_verifier_->InitializeOnIOThread(verify_proc);
+    } else {
+      cert_verifier_.reset(
+          new net::MultiThreadedCertVerifier(verify_proc.get()));
+    }
+    cert_verifier = cert_verifier_.get();
   }
-  main_request_context_->set_cert_verifier(cert_verifier_.get());
+  main_request_context_->set_cert_verifier(cert_verifier);
 #else
-  main_request_context_->set_cert_verifier(
-      io_thread_globals->cert_verifier.get());
+  if (cert_verifier) {
+    main_request_context_->set_cert_verifier(cert_verifier);
+  } else {
+    main_request_context_->set_cert_verifier(
+        io_thread_globals->cert_verifier.get());
+  }
 #endif
 
   // Install the New Tab Page Interceptor.