Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(168)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket_unittest.cc

Issue 1286793002: Treat failure to parse certificates as SSL protocol errors. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: and now with more keys Created 5 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/socket/ssl_client_socket_openssl.cc ('k') | net/test/spawned_test_server/base_test_server.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/socket/ssl_client_socket.h" 5 #include "net/socket/ssl_client_socket.h"
6 6
7 #include "base/callback_helpers.h" 7 #include "base/callback_helpers.h"
8 #include "base/location.h" 8 #include "base/location.h"
9 #include "base/memory/ref_counted.h" 9 #include "base/memory/ref_counted.h"
10 #include "base/run_loop.h" 10 #include "base/run_loop.h"
(...skipping 1084 matching lines...) Expand 10 before | Expand all | Expand 10 after
1095 EXPECT_EQ(ERR_CERT_COMMON_NAME_INVALID, rv); 1095 EXPECT_EQ(ERR_CERT_COMMON_NAME_INVALID, rv);
1096 1096
1097 // Rather than testing whether or not the underlying socket is connected, 1097 // Rather than testing whether or not the underlying socket is connected,
1098 // test that the handshake has finished. This is because it may be 1098 // test that the handshake has finished. This is because it may be
1099 // desirable to disconnect the socket before showing a user prompt, since 1099 // desirable to disconnect the socket before showing a user prompt, since
1100 // the user may take indefinitely long to respond. 1100 // the user may take indefinitely long to respond.
1101 log.GetEntries(&entries); 1101 log.GetEntries(&entries);
1102 EXPECT_TRUE(LogContainsEndEvent(entries, -1, NetLog::TYPE_SSL_CONNECT)); 1102 EXPECT_TRUE(LogContainsEndEvent(entries, -1, NetLog::TYPE_SSL_CONNECT));
1103 } 1103 }
1104 1104
1105 #if defined(OS_WIN)
1106 // Tests that certificates parsable by SSLClientSocket's internal SSL
1107 // implementation, but not X509Certificate are treated as fatal non-certificate
1108 // errors. This is regression test for https://crbug.com/91341.
1109 TEST_F(SSLClientSocketTest, ConnectBadValidity) {
1110 SpawnedTestServer::SSLOptions ssl_options(
1111 SpawnedTestServer::SSLOptions::CERT_BAD_VALIDITY);
1112 ASSERT_TRUE(ConnectToTestServer(ssl_options));
1113 SSLConfig ssl_config;
1114 int rv;
1115 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv));
1116
1117 EXPECT_EQ(ERR_SSL_SERVER_CERT_BAD_FORMAT, rv);
1118 EXPECT_FALSE(IsCertificateError(rv));
1119
1120 SSLInfo ssl_info;
1121 ASSERT_TRUE(sock_->GetSSLInfo(&ssl_info));
1122 EXPECT_FALSE(ssl_info.cert);
1123 }
1124 #endif // defined(OS_WIN)
1125
1105 // Attempt to connect to a page which requests a client certificate. It should 1126 // Attempt to connect to a page which requests a client certificate. It should
1106 // return an error code on connect. 1127 // return an error code on connect.
1107 TEST_F(SSLClientSocketTest, ConnectClientAuthCertRequested) { 1128 TEST_F(SSLClientSocketTest, ConnectClientAuthCertRequested) {
1108 SpawnedTestServer::SSLOptions ssl_options; 1129 SpawnedTestServer::SSLOptions ssl_options;
1109 ssl_options.request_client_certificate = true; 1130 ssl_options.request_client_certificate = true;
1110 SpawnedTestServer test_server( 1131 SpawnedTestServer test_server(
1111 SpawnedTestServer::TYPE_HTTPS, ssl_options, base::FilePath()); 1132 SpawnedTestServer::TYPE_HTTPS, ssl_options, base::FilePath());
1112 ASSERT_TRUE(test_server.Start()); 1133 ASSERT_TRUE(test_server.Start());
1113 1134
1114 AddressList addr; 1135 AddressList addr;
(...skipping 2338 matching lines...) Expand 10 before | Expand all | Expand 10 after
3453 ssl_config.channel_id_enabled = true; 3474 ssl_config.channel_id_enabled = true;
3454 3475
3455 int rv; 3476 int rv;
3456 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); 3477 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv));
3457 3478
3458 EXPECT_EQ(ERR_UNEXPECTED, rv); 3479 EXPECT_EQ(ERR_UNEXPECTED, rv);
3459 EXPECT_FALSE(sock_->IsConnected()); 3480 EXPECT_FALSE(sock_->IsConnected());
3460 } 3481 }
3461 3482
3462 } // namespace net 3483 } // namespace net
OLDNEW
« no previous file with comments | « net/socket/ssl_client_socket_openssl.cc ('k') | net/test/spawned_test_server/base_test_server.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698