| Index: net/http/http_network_transaction_unittest.cc
|
| diff --git a/net/http/http_network_transaction_unittest.cc b/net/http/http_network_transaction_unittest.cc
|
| index c9e96de2996da7f582f4f19fa3558ef4e3f1aeaf..92f7d9ff31f0b5ac8f7550b9dd19eb84cdb67fa8 100644
|
| --- a/net/http/http_network_transaction_unittest.cc
|
| +++ b/net/http/http_network_transaction_unittest.cc
|
| @@ -78,6 +78,7 @@
|
| #include "net/ssl/ssl_config_service.h"
|
| #include "net/ssl/ssl_config_service_defaults.h"
|
| #include "net/ssl/ssl_info.h"
|
| +#include "net/ssl/ssl_private_key.h"
|
| #include "net/test/cert_test_util.h"
|
| #include "net/websockets/websocket_handshake_stream_base.h"
|
| #include "testing/gtest/include/gtest/gtest.h"
|
| @@ -11509,14 +11510,15 @@ TEST_P(HttpNetworkTransactionTest,
|
| // of SSLClientCertCache, NULL is just as meaningful as a real
|
| // certificate, so this is the same as supply a
|
| // legitimate-but-unacceptable certificate.
|
| - rv = trans->RestartWithCertificate(NULL, callback.callback());
|
| + rv = trans->RestartWithCertificate(NULL, NULL, callback.callback());
|
| ASSERT_EQ(ERR_IO_PENDING, rv);
|
|
|
| // Ensure the certificate was added to the client auth cache before
|
| // allowing the connection to continue restarting.
|
| scoped_refptr<X509Certificate> client_cert;
|
| + scoped_refptr<SSLPrivateKey> client_private_key;
|
| ASSERT_TRUE(session->ssl_client_auth_cache()->Lookup(
|
| - HostPortPair("www.example.com", 443), &client_cert));
|
| + HostPortPair("www.example.com", 443), &client_cert, &client_private_key));
|
| ASSERT_EQ(NULL, client_cert.get());
|
|
|
| // Restart the handshake. This will consume ssl_data2, which fails, and
|
| @@ -11528,7 +11530,7 @@ TEST_P(HttpNetworkTransactionTest,
|
| // Ensure that the client certificate is removed from the cache on a
|
| // handshake failure.
|
| ASSERT_FALSE(session->ssl_client_auth_cache()->Lookup(
|
| - HostPortPair("www.example.com", 443), &client_cert));
|
| + HostPortPair("www.example.com", 443), &client_cert, &client_private_key));
|
| }
|
|
|
| // Ensure that a client certificate is removed from the SSL client auth
|
| @@ -11626,14 +11628,15 @@ TEST_P(HttpNetworkTransactionTest,
|
| // of SSLClientCertCache, NULL is just as meaningful as a real
|
| // certificate, so this is the same as supply a
|
| // legitimate-but-unacceptable certificate.
|
| - rv = trans->RestartWithCertificate(NULL, callback.callback());
|
| + rv = trans->RestartWithCertificate(NULL, NULL, callback.callback());
|
| ASSERT_EQ(ERR_IO_PENDING, rv);
|
|
|
| // Ensure the certificate was added to the client auth cache before
|
| // allowing the connection to continue restarting.
|
| scoped_refptr<X509Certificate> client_cert;
|
| + scoped_refptr<SSLPrivateKey> client_private_key;
|
| ASSERT_TRUE(session->ssl_client_auth_cache()->Lookup(
|
| - HostPortPair("www.example.com", 443), &client_cert));
|
| + HostPortPair("www.example.com", 443), &client_cert, &client_private_key));
|
| ASSERT_EQ(NULL, client_cert.get());
|
|
|
| // Restart the handshake. This will consume ssl_data2, which fails, and
|
| @@ -11645,7 +11648,7 @@ TEST_P(HttpNetworkTransactionTest,
|
| // Ensure that the client certificate is removed from the cache on a
|
| // handshake failure.
|
| ASSERT_FALSE(session->ssl_client_auth_cache()->Lookup(
|
| - HostPortPair("www.example.com", 443), &client_cert));
|
| + HostPortPair("www.example.com", 443), &client_cert, &client_private_key));
|
| }
|
|
|
| // Ensure that a client certificate is removed from the SSL client auth
|
| @@ -11718,19 +11721,21 @@ TEST_P(HttpNetworkTransactionTest, ClientAuthCertCache_Proxy_Fail) {
|
| // of SSLClientCertCache, NULL is just as meaningful as a real
|
| // certificate, so this is the same as supply a
|
| // legitimate-but-unacceptable certificate.
|
| - rv = trans->RestartWithCertificate(NULL, callback.callback());
|
| + rv = trans->RestartWithCertificate(NULL, NULL, callback.callback());
|
| ASSERT_EQ(ERR_IO_PENDING, rv);
|
|
|
| // Ensure the certificate was added to the client auth cache before
|
| // allowing the connection to continue restarting.
|
| scoped_refptr<X509Certificate> client_cert;
|
| + scoped_refptr<SSLPrivateKey> client_private_key;
|
| ASSERT_TRUE(session->ssl_client_auth_cache()->Lookup(
|
| - HostPortPair("proxy", 70), &client_cert));
|
| + HostPortPair("proxy", 70), &client_cert, &client_private_key));
|
| ASSERT_EQ(NULL, client_cert.get());
|
| // Ensure the certificate was NOT cached for the endpoint. This only
|
| // applies to HTTPS requests, but is fine to check for HTTP requests.
|
| ASSERT_FALSE(session->ssl_client_auth_cache()->Lookup(
|
| - HostPortPair("www.example.com", 443), &client_cert));
|
| + HostPortPair("www.example.com", 443), &client_cert,
|
| + &client_private_key));
|
|
|
| // Restart the handshake. This will consume ssl_data2, which fails, and
|
| // then consume ssl_data3, which should also fail. The result code is
|
| @@ -11741,9 +11746,10 @@ TEST_P(HttpNetworkTransactionTest, ClientAuthCertCache_Proxy_Fail) {
|
| // Now that the new handshake has failed, ensure that the client
|
| // certificate was removed from the client auth cache.
|
| ASSERT_FALSE(session->ssl_client_auth_cache()->Lookup(
|
| - HostPortPair("proxy", 70), &client_cert));
|
| + HostPortPair("proxy", 70), &client_cert, &client_private_key));
|
| ASSERT_FALSE(session->ssl_client_auth_cache()->Lookup(
|
| - HostPortPair("www.example.com", 443), &client_cert));
|
| + HostPortPair("www.example.com", 443), &client_cert,
|
| + &client_private_key));
|
| }
|
| }
|
|
|
|
|
Chromium Code Reviews
Issue 1304143010:
Plumbing SSLPrivateKey
Base URL: https://chromium.googlesource.com/chromium/src.git@master