| Index: net/http/http_network_transaction_unittest.cc
|
| diff --git a/net/http/http_network_transaction_unittest.cc b/net/http/http_network_transaction_unittest.cc
|
| index 56f3bb3d171cb944c83b8ff0fd5882f6f9b2b850..73b69fce3ccb9f702f214b10c3456eca102e8101 100644
|
| --- a/net/http/http_network_transaction_unittest.cc
|
| +++ b/net/http/http_network_transaction_unittest.cc
|
| @@ -78,6 +78,7 @@
|
| #include "net/ssl/ssl_config_service.h"
|
| #include "net/ssl/ssl_config_service_defaults.h"
|
| #include "net/ssl/ssl_info.h"
|
| +#include "net/ssl/ssl_private_key.h"
|
| #include "net/test/cert_test_util.h"
|
| #include "net/websockets/websocket_handshake_stream_base.h"
|
| #include "testing/gtest/include/gtest/gtest.h"
|
| @@ -12143,14 +12144,15 @@ TEST_P(HttpNetworkTransactionTest,
|
| // of SSLClientCertCache, NULL is just as meaningful as a real
|
| // certificate, so this is the same as supply a
|
| // legitimate-but-unacceptable certificate.
|
| - rv = trans->RestartWithCertificate(NULL, callback.callback());
|
| + rv = trans->RestartWithCertificate(NULL, NULL, callback.callback());
|
| ASSERT_EQ(ERR_IO_PENDING, rv);
|
|
|
| // Ensure the certificate was added to the client auth cache before
|
| // allowing the connection to continue restarting.
|
| scoped_refptr<X509Certificate> client_cert;
|
| + scoped_refptr<SSLPrivateKey> client_private_key;
|
| ASSERT_TRUE(session->ssl_client_auth_cache()->Lookup(
|
| - HostPortPair("www.example.com", 443), &client_cert));
|
| + HostPortPair("www.example.com", 443), &client_cert, &client_private_key));
|
| ASSERT_EQ(NULL, client_cert.get());
|
|
|
| // Restart the handshake. This will consume ssl_data2, which fails, and
|
| @@ -12162,7 +12164,7 @@ TEST_P(HttpNetworkTransactionTest,
|
| // Ensure that the client certificate is removed from the cache on a
|
| // handshake failure.
|
| ASSERT_FALSE(session->ssl_client_auth_cache()->Lookup(
|
| - HostPortPair("www.example.com", 443), &client_cert));
|
| + HostPortPair("www.example.com", 443), &client_cert, &client_private_key));
|
| }
|
|
|
| // Ensure that a client certificate is removed from the SSL client auth
|
| @@ -12260,14 +12262,15 @@ TEST_P(HttpNetworkTransactionTest,
|
| // of SSLClientCertCache, NULL is just as meaningful as a real
|
| // certificate, so this is the same as supply a
|
| // legitimate-but-unacceptable certificate.
|
| - rv = trans->RestartWithCertificate(NULL, callback.callback());
|
| + rv = trans->RestartWithCertificate(NULL, NULL, callback.callback());
|
| ASSERT_EQ(ERR_IO_PENDING, rv);
|
|
|
| // Ensure the certificate was added to the client auth cache before
|
| // allowing the connection to continue restarting.
|
| scoped_refptr<X509Certificate> client_cert;
|
| + scoped_refptr<SSLPrivateKey> client_private_key;
|
| ASSERT_TRUE(session->ssl_client_auth_cache()->Lookup(
|
| - HostPortPair("www.example.com", 443), &client_cert));
|
| + HostPortPair("www.example.com", 443), &client_cert, &client_private_key));
|
| ASSERT_EQ(NULL, client_cert.get());
|
|
|
| // Restart the handshake. This will consume ssl_data2, which fails, and
|
| @@ -12279,7 +12282,7 @@ TEST_P(HttpNetworkTransactionTest,
|
| // Ensure that the client certificate is removed from the cache on a
|
| // handshake failure.
|
| ASSERT_FALSE(session->ssl_client_auth_cache()->Lookup(
|
| - HostPortPair("www.example.com", 443), &client_cert));
|
| + HostPortPair("www.example.com", 443), &client_cert, &client_private_key));
|
| }
|
|
|
| // Ensure that a client certificate is removed from the SSL client auth
|
| @@ -12352,19 +12355,21 @@ TEST_P(HttpNetworkTransactionTest, ClientAuthCertCache_Proxy_Fail) {
|
| // of SSLClientCertCache, NULL is just as meaningful as a real
|
| // certificate, so this is the same as supply a
|
| // legitimate-but-unacceptable certificate.
|
| - rv = trans->RestartWithCertificate(NULL, callback.callback());
|
| + rv = trans->RestartWithCertificate(NULL, NULL, callback.callback());
|
| ASSERT_EQ(ERR_IO_PENDING, rv);
|
|
|
| // Ensure the certificate was added to the client auth cache before
|
| // allowing the connection to continue restarting.
|
| scoped_refptr<X509Certificate> client_cert;
|
| + scoped_refptr<SSLPrivateKey> client_private_key;
|
| ASSERT_TRUE(session->ssl_client_auth_cache()->Lookup(
|
| - HostPortPair("proxy", 70), &client_cert));
|
| + HostPortPair("proxy", 70), &client_cert, &client_private_key));
|
| ASSERT_EQ(NULL, client_cert.get());
|
| // Ensure the certificate was NOT cached for the endpoint. This only
|
| // applies to HTTPS requests, but is fine to check for HTTP requests.
|
| ASSERT_FALSE(session->ssl_client_auth_cache()->Lookup(
|
| - HostPortPair("www.example.com", 443), &client_cert));
|
| + HostPortPair("www.example.com", 443), &client_cert,
|
| + &client_private_key));
|
|
|
| // Restart the handshake. This will consume ssl_data2, which fails, and
|
| // then consume ssl_data3, which should also fail. The result code is
|
| @@ -12375,9 +12380,10 @@ TEST_P(HttpNetworkTransactionTest, ClientAuthCertCache_Proxy_Fail) {
|
| // Now that the new handshake has failed, ensure that the client
|
| // certificate was removed from the client auth cache.
|
| ASSERT_FALSE(session->ssl_client_auth_cache()->Lookup(
|
| - HostPortPair("proxy", 70), &client_cert));
|
| + HostPortPair("proxy", 70), &client_cert, &client_private_key));
|
| ASSERT_FALSE(session->ssl_client_auth_cache()->Lookup(
|
| - HostPortPair("www.example.com", 443), &client_cert));
|
| + HostPortPair("www.example.com", 443), &client_cert,
|
| + &client_private_key));
|
| }
|
| }
|
|
|
|
|
Chromium Code Reviews
Issue 1422573008:
Plumbing SSLPrivateKey (//net) (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master