Make the SSLServerSocket unittests less crashy

net/socket/ssl_server_socket_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // This test suite uses SSLClientSocket to test the implementation of
 // SSLServerSocket. In order to establish connections between the sockets
 // we need two additional classes:
 // 1. FakeSocket
 //    Connects SSL socket to FakeDataChannel. This class is just a stub.
 //
@@ skipping 317 matching lines @@
   EXPECT_LE(read, written);
   EXPECT_EQ(0, memcmp(kTestData, read_buf->data(), read));
 }
 
 class SSLServerSocketTest : public PlatformTest {
  public:
   SSLServerSocketTest()
       : socket_factory_(ClientSocketFactory::GetDefaultFactory()),
         cert_verifier_(new MockCertVerifier()),
         client_cert_verifier_(new MockClientCertVerifier()),
-        transport_security_state_(new TransportSecurityState) {
+        transport_security_state_(new TransportSecurityState) {}
+
+  void SetUp() override {
+    PlatformTest::SetUp();
+
     cert_verifier_->set_default_result(ERR_CERT_AUTHORITY_INVALID);
     client_cert_verifier_->set_default_result(ERR_CERT_AUTHORITY_INVALID);
 
     server_cert_ =
         ImportCertFromFile(GetTestCertsDirectory(), "unittest.selfsigned.der");
+    ASSERT_TRUE(server_cert_);
     server_private_key_ = ReadTestKey("unittest.key.bin");
+    ASSERT_TRUE(server_private_key_);
 
     client_ssl_config_.false_start_enabled = false;
     client_ssl_config_.channel_id_enabled = false;
 
     // Certificate provided by the host doesn't need authority.
     SSLConfig::CertAndStatus cert_and_status;
     cert_and_status.cert_status = CERT_STATUS_AUTHORITY_INVALID;
     std::string server_cert_der;
-    CHECK(X509Certificate::GetDEREncoded(server_cert_->os_cert_handle(),
-                                         &server_cert_der));
+    ASSERT_TRUE(X509Certificate::GetDEREncoded(server_cert_->os_cert_handle(),
+                                               &server_cert_der));
     cert_and_status.der_cert = server_cert_der;
     client_ssl_config_.allowed_bad_certs.push_back(cert_and_status);
   }
 
  protected:
   void CreateContext() {
     client_socket_.reset();
     server_socket_.reset();
     channel_1_.reset();
     channel_2_.reset();
@@ skipping 10 matching lines @@
     scoped_ptr<ClientSocketHandle> client_connection(new ClientSocketHandle);
     client_connection->SetSocket(scoped_ptr<StreamSocket>(
         new FakeSocket(channel_1_.get(), channel_2_.get())));
     scoped_ptr<StreamSocket> server_socket(
         new FakeSocket(channel_2_.get(), channel_1_.get()));
 
     HostPortPair host_and_pair("unittest", 0);
     SSLClientSocketContext context;
     context.cert_verifier = cert_verifier_.get();
     context.transport_security_state = transport_security_state_.get();
+
     client_socket_ = socket_factory_->CreateSSLClientSocket(
         std::move(client_connection), host_and_pair, client_ssl_config_,
         context);
+    ASSERT_TRUE(client_socket_);
 
     server_socket_ =
         server_context_->CreateSSLServerSocket(std::move(server_socket));
+    ASSERT_TRUE(server_socket_);
   }
 
 #if defined(USE_OPENSSL)
   void ConfigureClientCertsForClient(const char* cert_file_name,
                                      const char* private_key_file_name) {
     client_ssl_config_.send_client_cert = true;
     client_ssl_config_.client_cert =
         ImportCertFromFile(GetTestCertsDirectory(), cert_file_name);
     ASSERT_TRUE(client_ssl_config_.client_cert);
+
     scoped_ptr<crypto::RSAPrivateKey> key = ReadTestKey(private_key_file_name);
     ASSERT_TRUE(key);
+
     client_ssl_config_.client_private_key = WrapOpenSSLPrivateKey(
         crypto::ScopedEVP_PKEY(EVP_PKEY_up_ref(key->key())));
   }
 
   void ConfigureClientCertsForServer() {
     server_ssl_config_.client_cert_type =
         SSLServerConfig::ClientCertType::REQUIRE_CLIENT_CERT;
 
     ScopedX509NameStack cert_names(
         SSL_load_client_CA_file(GetTestCertsDirectory()
                                     .AppendASCII(kClientCertCAFileName)
                                     .MaybeAsASCII()
                                     .c_str()));
     ASSERT_TRUE(cert_names);
+
     for (size_t i = 0; i < sk_X509_NAME_num(cert_names.get()); ++i) {
       uint8_t* str = nullptr;
       int length = i2d_X509_NAME(sk_X509_NAME_value(cert_names.get(), i), &str);
+      ASSERT_LT(0, length);
+
       server_ssl_config_.cert_authorities_.push_back(std::string(
           reinterpret_cast<const char*>(str), static_cast<size_t>(length)));
       OPENSSL_free(str);
     }
 
     scoped_refptr<X509Certificate> expected_client_cert(
         ImportCertFromFile(GetTestCertsDirectory(), kClientCertFileName));
+    ASSERT_TRUE(expected_client_cert);
+
     client_cert_verifier_->AddResultForCert(expected_client_cert.get(), OK);
 
     server_ssl_config_.client_cert_verifier = client_cert_verifier_.get();
   }
 
   scoped_ptr<crypto::RSAPrivateKey> ReadTestKey(const base::StringPiece& name) {
     base::FilePath certs_dir(GetTestCertsDirectory());
     base::FilePath key_path = certs_dir.AppendASCII(name);
     std::string key_string;
     if (!base::ReadFileToString(key_path, &key_string))
@@ skipping 20 matching lines @@
   scoped_ptr<TransportSecurityState> transport_security_state_;
   scoped_ptr<SSLServerContext> server_context_;
   scoped_ptr<crypto::RSAPrivateKey> server_private_key_;
   scoped_refptr<X509Certificate> server_cert_;
 };
 
 // This test only executes creation of client and server sockets. This is to
 // test that creation of sockets doesn't crash and have minimal code to run
 // under valgrind in order to help debugging memory problems.
 TEST_F(SSLServerSocketTest, Initialize) {
-  CreateContext();
-  CreateSockets();
+  ASSERT_NO_FATAL_FAILURE(CreateContext());
+  ASSERT_NO_FATAL_FAILURE(CreateSockets());
 }
 
 // This test executes Connect() on SSLClientSocket and Handshake() on
 // SSLServerSocket to make sure handshaking between the two sockets is
 // completed successfully.
 TEST_F(SSLServerSocketTest, Handshake) {
-  CreateContext();
-  CreateSockets();
+  ASSERT_NO_FATAL_FAILURE(CreateContext());
+  ASSERT_NO_FATAL_FAILURE(CreateSockets());
 
   TestCompletionCallback handshake_callback;
   int server_ret = server_socket_->Handshake(handshake_callback.callback());
 
   TestCompletionCallback connect_callback;
   int client_ret = client_socket_->Connect(connect_callback.callback());
 
   client_ret = connect_callback.GetResult(client_ret);
   server_ret = handshake_callback.GetResult(server_ret);
 
@@ skipping 16 matching lines @@
   SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, cipher_suite);
   EXPECT_STREQ("ECDHE_RSA", key_exchange);
   EXPECT_TRUE(is_aead);
 }
 
 // NSS ports don't support client certificates and have a global session cache.
 #if defined(USE_OPENSSL)
 
 // This test makes sure the session cache is working.
 TEST_F(SSLServerSocketTest, HandshakeCached) {
-  CreateContext();
-  CreateSockets();
+  ASSERT_NO_FATAL_FAILURE(CreateContext());
+  ASSERT_NO_FATAL_FAILURE(CreateSockets());
 
   TestCompletionCallback handshake_callback;
   int server_ret = server_socket_->Handshake(handshake_callback.callback());
 
   TestCompletionCallback connect_callback;
   int client_ret = client_socket_->Connect(connect_callback.callback());
 
   client_ret = connect_callback.GetResult(client_ret);
   server_ret = handshake_callback.GetResult(server_ret);
 
   ASSERT_EQ(OK, client_ret);
   ASSERT_EQ(OK, server_ret);
 
   // Make sure the cert status is expected.
   SSLInfo ssl_info;
   ASSERT_TRUE(client_socket_->GetSSLInfo(&ssl_info));
   EXPECT_EQ(ssl_info.handshake_type, SSLInfo::HANDSHAKE_FULL);
   SSLInfo ssl_server_info;
   ASSERT_TRUE(server_socket_->GetSSLInfo(&ssl_server_info));
   EXPECT_EQ(ssl_server_info.handshake_type, SSLInfo::HANDSHAKE_FULL);
 
   // Make sure the second connection is cached.
-  CreateSockets();
+  ASSERT_NO_FATAL_FAILURE(CreateSockets());
   TestCompletionCallback handshake_callback2;
   int server_ret2 = server_socket_->Handshake(handshake_callback2.callback());
 
   TestCompletionCallback connect_callback2;
   int client_ret2 = client_socket_->Connect(connect_callback2.callback());
 
   client_ret2 = connect_callback2.GetResult(client_ret2);
   server_ret2 = handshake_callback2.GetResult(server_ret2);
 
   ASSERT_EQ(OK, client_ret2);
   ASSERT_EQ(OK, server_ret2);
 
   // Make sure the cert status is expected.
   SSLInfo ssl_info2;
   ASSERT_TRUE(client_socket_->GetSSLInfo(&ssl_info2));
   EXPECT_EQ(ssl_info2.handshake_type, SSLInfo::HANDSHAKE_RESUME);
   SSLInfo ssl_server_info2;
   ASSERT_TRUE(server_socket_->GetSSLInfo(&ssl_server_info2));
   EXPECT_EQ(ssl_server_info2.handshake_type, SSLInfo::HANDSHAKE_RESUME);
 }
 
 // This test makes sure the session cache separates out by server context.
 TEST_F(SSLServerSocketTest, HandshakeCachedContextSwitch) {
-  CreateContext();
-  CreateSockets();
+  ASSERT_NO_FATAL_FAILURE(CreateContext());
+  ASSERT_NO_FATAL_FAILURE(CreateSockets());
 
   TestCompletionCallback handshake_callback;
   int server_ret = server_socket_->Handshake(handshake_callback.callback());
 
   TestCompletionCallback connect_callback;
   int client_ret = client_socket_->Connect(connect_callback.callback());
 
   client_ret = connect_callback.GetResult(client_ret);
   server_ret = handshake_callback.GetResult(server_ret);
 
   ASSERT_EQ(OK, client_ret);
   ASSERT_EQ(OK, server_ret);
 
   // Make sure the cert status is expected.
   SSLInfo ssl_info;
   ASSERT_TRUE(client_socket_->GetSSLInfo(&ssl_info));
   EXPECT_EQ(ssl_info.handshake_type, SSLInfo::HANDSHAKE_FULL);
   SSLInfo ssl_server_info;
   ASSERT_TRUE(server_socket_->GetSSLInfo(&ssl_server_info));
   EXPECT_EQ(ssl_server_info.handshake_type, SSLInfo::HANDSHAKE_FULL);
 
   // Make sure the second connection is NOT cached when using a new context.
-  CreateContext();
-  CreateSockets();
+  ASSERT_NO_FATAL_FAILURE(CreateContext());
+  ASSERT_NO_FATAL_FAILURE(CreateSockets());
 
   TestCompletionCallback handshake_callback2;
   int server_ret2 = server_socket_->Handshake(handshake_callback2.callback());
 
   TestCompletionCallback connect_callback2;
   int client_ret2 = client_socket_->Connect(connect_callback2.callback());
 
   client_ret2 = connect_callback2.GetResult(client_ret2);
   server_ret2 = handshake_callback2.GetResult(server_ret2);
 
   ASSERT_EQ(OK, client_ret2);
   ASSERT_EQ(OK, server_ret2);
 
   // Make sure the cert status is expected.
   SSLInfo ssl_info2;
   ASSERT_TRUE(client_socket_->GetSSLInfo(&ssl_info2));
   EXPECT_EQ(ssl_info2.handshake_type, SSLInfo::HANDSHAKE_FULL);
   SSLInfo ssl_server_info2;
   ASSERT_TRUE(server_socket_->GetSSLInfo(&ssl_server_info2));
   EXPECT_EQ(ssl_server_info2.handshake_type, SSLInfo::HANDSHAKE_FULL);
 }
 
 // This test executes Connect() on SSLClientSocket and Handshake() on
 // SSLServerSocket to make sure handshaking between the two sockets is
 // completed successfully, using client certificate.
 TEST_F(SSLServerSocketTest, HandshakeWithClientCert) {
   scoped_refptr<X509Certificate> client_cert =
       ImportCertFromFile(GetTestCertsDirectory(), kClientCertFileName);
-  ConfigureClientCertsForClient(kClientCertFileName, kClientPrivateKeyFileName);
-  ConfigureClientCertsForServer();
-  CreateContext();
-  CreateSockets();
+  ASSERT_NO_FATAL_FAILURE(ConfigureClientCertsForClient(
+      kClientCertFileName, kClientPrivateKeyFileName));
+  ASSERT_NO_FATAL_FAILURE(ConfigureClientCertsForServer());
+  ASSERT_NO_FATAL_FAILURE(CreateContext());
+  ASSERT_NO_FATAL_FAILURE(CreateSockets());
 
   TestCompletionCallback handshake_callback;
   int server_ret = server_socket_->Handshake(handshake_callback.callback());
 
   TestCompletionCallback connect_callback;
   int client_ret = client_socket_->Connect(connect_callback.callback());
 
   client_ret = connect_callback.GetResult(client_ret);
   server_ret = handshake_callback.GetResult(server_ret);
 
   ASSERT_EQ(OK, client_ret);
   ASSERT_EQ(OK, server_ret);
 
   // Make sure the cert status is expected.
   SSLInfo ssl_info;
   client_socket_->GetSSLInfo(&ssl_info);
   EXPECT_EQ(CERT_STATUS_AUTHORITY_INVALID, ssl_info.cert_status);
   server_socket_->GetSSLInfo(&ssl_info);
-  EXPECT_TRUE(ssl_info.cert.get());
+  ASSERT_TRUE(ssl_info.cert.get());
   EXPECT_TRUE(client_cert->Equals(ssl_info.cert.get()));
 }
 
 // This test executes Connect() on SSLClientSocket and Handshake() twice on
 // SSLServerSocket to make sure handshaking between the two sockets is
 // completed successfully, using client certificate. The second connection is
 // expected to succeed through the session cache.
 TEST_F(SSLServerSocketTest, HandshakeWithClientCertCached) {
   scoped_refptr<X509Certificate> client_cert =
       ImportCertFromFile(GetTestCertsDirectory(), kClientCertFileName);
-  ConfigureClientCertsForClient(kClientCertFileName, kClientPrivateKeyFileName);
-  ConfigureClientCertsForServer();
-  CreateContext();
-  CreateSockets();
+  ASSERT_NO_FATAL_FAILURE(ConfigureClientCertsForClient(
+      kClientCertFileName, kClientPrivateKeyFileName));
+  ASSERT_NO_FATAL_FAILURE(ConfigureClientCertsForServer());
+  ASSERT_NO_FATAL_FAILURE(CreateContext());
+  ASSERT_NO_FATAL_FAILURE(CreateSockets());
 
   TestCompletionCallback handshake_callback;
   int server_ret = server_socket_->Handshake(handshake_callback.callback());
 
   TestCompletionCallback connect_callback;
   int client_ret = client_socket_->Connect(connect_callback.callback());
 
   client_ret = connect_callback.GetResult(client_ret);
   server_ret = handshake_callback.GetResult(server_ret);
 
   ASSERT_EQ(OK, client_ret);
   ASSERT_EQ(OK, server_ret);
 
   // Make sure the cert status is expected.
   SSLInfo ssl_info;
   ASSERT_TRUE(client_socket_->GetSSLInfo(&ssl_info));
   EXPECT_EQ(ssl_info.handshake_type, SSLInfo::HANDSHAKE_FULL);
   SSLInfo ssl_server_info;
   ASSERT_TRUE(server_socket_->GetSSLInfo(&ssl_server_info));
   ASSERT_TRUE(ssl_server_info.cert.get());
   EXPECT_TRUE(client_cert->Equals(ssl_server_info.cert.get()));
   EXPECT_EQ(ssl_server_info.handshake_type, SSLInfo::HANDSHAKE_FULL);
   server_socket_->Disconnect();
   client_socket_->Disconnect();
 
   // Create the connection again.
-  CreateSockets();
+  ASSERT_NO_FATAL_FAILURE(CreateSockets());
   TestCompletionCallback handshake_callback2;
   int server_ret2 = server_socket_->Handshake(handshake_callback2.callback());
 
   TestCompletionCallback connect_callback2;
   int client_ret2 = client_socket_->Connect(connect_callback2.callback());
 
   client_ret2 = connect_callback2.GetResult(client_ret2);
   server_ret2 = handshake_callback2.GetResult(server_ret2);
 
   ASSERT_EQ(OK, client_ret2);
   ASSERT_EQ(OK, server_ret2);
 
   // Make sure the cert status is expected.
   SSLInfo ssl_info2;
   ASSERT_TRUE(client_socket_->GetSSLInfo(&ssl_info2));
   EXPECT_EQ(ssl_info2.handshake_type, SSLInfo::HANDSHAKE_RESUME);
   SSLInfo ssl_server_info2;
   ASSERT_TRUE(server_socket_->GetSSLInfo(&ssl_server_info2));
   ASSERT_TRUE(ssl_server_info2.cert.get());
   EXPECT_TRUE(client_cert->Equals(ssl_server_info2.cert.get()));
   EXPECT_EQ(ssl_server_info2.handshake_type, SSLInfo::HANDSHAKE_RESUME);
 }
 
 TEST_F(SSLServerSocketTest, HandshakeWithClientCertRequiredNotSupplied) {
-  ConfigureClientCertsForServer();
-  CreateContext();
-  CreateSockets();
+  ASSERT_NO_FATAL_FAILURE(ConfigureClientCertsForServer());
+  ASSERT_NO_FATAL_FAILURE(CreateContext());
+  ASSERT_NO_FATAL_FAILURE(CreateSockets());
   // Use the default setting for the client socket, which is to not send
   // a client certificate. This will cause the client to receive an
   // ERR_SSL_CLIENT_AUTH_CERT_NEEDED error, and allow for inspecting the
   // requested cert_authorities from the CertificateRequest sent by the
   // server.
 
   TestCompletionCallback handshake_callback;
   int server_ret = server_socket_->Handshake(handshake_callback.callback());
 
   TestCompletionCallback connect_callback;
   EXPECT_EQ(ERR_SSL_CLIENT_AUTH_CERT_NEEDED,
             connect_callback.GetResult(
                 client_socket_->Connect(connect_callback.callback())));
 
   scoped_refptr<SSLCertRequestInfo> request_info = new SSLCertRequestInfo();
   client_socket_->GetSSLCertRequestInfo(request_info.get());
 
   // Check that the authority name that arrived in the CertificateRequest
   // handshake message is as expected.
   scoped_refptr<X509Certificate> client_cert =
       ImportCertFromFile(GetTestCertsDirectory(), kClientCertFileName);
+  ASSERT_TRUE(client_cert);
   EXPECT_TRUE(client_cert->IsIssuedByEncoded(request_info->cert_authorities));
 
   client_socket_->Disconnect();
 
   EXPECT_EQ(ERR_FAILED, handshake_callback.GetResult(server_ret));
 }
 
 TEST_F(SSLServerSocketTest, HandshakeWithClientCertRequiredNotSuppliedCached) {
-  ConfigureClientCertsForServer();
-  CreateContext();
-  CreateSockets();
+  ASSERT_NO_FATAL_FAILURE(ConfigureClientCertsForServer());
+  ASSERT_NO_FATAL_FAILURE(CreateContext());
+  ASSERT_NO_FATAL_FAILURE(CreateSockets());
   // Use the default setting for the client socket, which is to not send
   // a client certificate. This will cause the client to receive an
   // ERR_SSL_CLIENT_AUTH_CERT_NEEDED error, and allow for inspecting the
   // requested cert_authorities from the CertificateRequest sent by the
   // server.
 
   TestCompletionCallback handshake_callback;
   int server_ret = server_socket_->Handshake(handshake_callback.callback());
 
   TestCompletionCallback connect_callback;
   EXPECT_EQ(ERR_SSL_CLIENT_AUTH_CERT_NEEDED,
             connect_callback.GetResult(
                 client_socket_->Connect(connect_callback.callback())));
 
   scoped_refptr<SSLCertRequestInfo> request_info = new SSLCertRequestInfo();
   client_socket_->GetSSLCertRequestInfo(request_info.get());
 
   // Check that the authority name that arrived in the CertificateRequest
   // handshake message is as expected.
   scoped_refptr<X509Certificate> client_cert =
       ImportCertFromFile(GetTestCertsDirectory(), kClientCertFileName);
+  ASSERT_TRUE(client_cert);
   EXPECT_TRUE(client_cert->IsIssuedByEncoded(request_info->cert_authorities));
 
   client_socket_->Disconnect();
 
   EXPECT_EQ(ERR_FAILED, handshake_callback.GetResult(server_ret));
   server_socket_->Disconnect();
 
   // Below, check that the cache didn't store the result of a failed handshake.
-  CreateSockets();
+  ASSERT_NO_FATAL_FAILURE(CreateSockets());
   TestCompletionCallback handshake_callback2;
   int server_ret2 = server_socket_->Handshake(handshake_callback2.callback());
 
   TestCompletionCallback connect_callback2;
   EXPECT_EQ(ERR_SSL_CLIENT_AUTH_CERT_NEEDED,
             connect_callback2.GetResult(
                 client_socket_->Connect(connect_callback2.callback())));
 
   scoped_refptr<SSLCertRequestInfo> request_info2 = new SSLCertRequestInfo();
   client_socket_->GetSSLCertRequestInfo(request_info2.get());
 
   // Check that the authority name that arrived in the CertificateRequest
   // handshake message is as expected.
   EXPECT_TRUE(client_cert->IsIssuedByEncoded(request_info2->cert_authorities));
 
   client_socket_->Disconnect();
 
   EXPECT_EQ(ERR_FAILED, handshake_callback2.GetResult(server_ret2));
 }
 
 TEST_F(SSLServerSocketTest, HandshakeWithWrongClientCertSupplied) {
   scoped_refptr<X509Certificate> client_cert =
       ImportCertFromFile(GetTestCertsDirectory(), kClientCertFileName);
-  ConfigureClientCertsForClient(kWrongClientCertFileName,
-                                kWrongClientPrivateKeyFileName);
-  ConfigureClientCertsForServer();
-  CreateContext();
-  CreateSockets();
+  ASSERT_TRUE(client_cert);
+
+  ASSERT_NO_FATAL_FAILURE(ConfigureClientCertsForClient(
+      kWrongClientCertFileName, kWrongClientPrivateKeyFileName));
+  ASSERT_NO_FATAL_FAILURE(ConfigureClientCertsForServer());
+  ASSERT_NO_FATAL_FAILURE(CreateContext());
+  ASSERT_NO_FATAL_FAILURE(CreateSockets());
 
   TestCompletionCallback handshake_callback;
   int server_ret = server_socket_->Handshake(handshake_callback.callback());
 
   TestCompletionCallback connect_callback;
   int client_ret = client_socket_->Connect(connect_callback.callback());
 
   EXPECT_EQ(ERR_BAD_SSL_CLIENT_AUTH_CERT,
             connect_callback.GetResult(client_ret));
   EXPECT_EQ(ERR_BAD_SSL_CLIENT_AUTH_CERT,
             handshake_callback.GetResult(server_ret));
 }
 
 TEST_F(SSLServerSocketTest, HandshakeWithWrongClientCertSuppliedCached) {
   scoped_refptr<X509Certificate> client_cert =
       ImportCertFromFile(GetTestCertsDirectory(), kClientCertFileName);
-  ConfigureClientCertsForClient(kWrongClientCertFileName,
-                                kWrongClientPrivateKeyFileName);
-  ConfigureClientCertsForServer();
-  CreateContext();
-  CreateSockets();
+  ASSERT_TRUE(client_cert);
+
+  ASSERT_NO_FATAL_FAILURE(ConfigureClientCertsForClient(
+      kWrongClientCertFileName, kWrongClientPrivateKeyFileName));
+  ASSERT_NO_FATAL_FAILURE(ConfigureClientCertsForServer());
+  ASSERT_NO_FATAL_FAILURE(CreateContext());
+  ASSERT_NO_FATAL_FAILURE(CreateSockets());
 
   TestCompletionCallback handshake_callback;
   int server_ret = server_socket_->Handshake(handshake_callback.callback());
 
   TestCompletionCallback connect_callback;
   int client_ret = client_socket_->Connect(connect_callback.callback());
 
   EXPECT_EQ(ERR_BAD_SSL_CLIENT_AUTH_CERT,
             connect_callback.GetResult(client_ret));
   EXPECT_EQ(ERR_BAD_SSL_CLIENT_AUTH_CERT,
             handshake_callback.GetResult(server_ret));
 
   client_socket_->Disconnect();
   server_socket_->Disconnect();
 
   // Below, check that the cache didn't store the result of a failed handshake.
-  CreateSockets();
+  ASSERT_NO_FATAL_FAILURE(CreateSockets());
   TestCompletionCallback handshake_callback2;
   int server_ret2 = server_socket_->Handshake(handshake_callback2.callback());
 
   TestCompletionCallback connect_callback2;
   int client_ret2 = client_socket_->Connect(connect_callback2.callback());
 
   EXPECT_EQ(ERR_BAD_SSL_CLIENT_AUTH_CERT,
             connect_callback2.GetResult(client_ret2));
   EXPECT_EQ(ERR_BAD_SSL_CLIENT_AUTH_CERT,
             handshake_callback2.GetResult(server_ret2));
 }
 #endif  // defined(USE_OPENSSL)
 
 TEST_F(SSLServerSocketTest, DataTransfer) {
-  CreateContext();
-  CreateSockets();
+  ASSERT_NO_FATAL_FAILURE(CreateContext());
+  ASSERT_NO_FATAL_FAILURE(CreateSockets());
 
   // Establish connection.
   TestCompletionCallback connect_callback;
   int client_ret = client_socket_->Connect(connect_callback.callback());
   ASSERT_TRUE(client_ret == OK || client_ret == ERR_IO_PENDING);
 
   TestCompletionCallback handshake_callback;
   int server_ret = server_socket_->Handshake(handshake_callback.callback());
   ASSERT_TRUE(server_ret == OK || server_ret == ERR_IO_PENDING);
 
@@ skipping 62 matching lines @@
   EXPECT_EQ(write_buf->size(), read_buf->BytesConsumed());
   read_buf->SetOffset(0);
   EXPECT_EQ(0, memcmp(write_buf->data(), read_buf->data(), write_buf->size()));
 }
 
 // A regression test for bug 127822 (http://crbug.com/127822).
 // If the server closes the connection after the handshake is finished,
 // the client's Write() call should not cause an infinite loop.
 // NOTE: this is a test for SSLClientSocket rather than SSLServerSocket.
 TEST_F(SSLServerSocketTest, ClientWriteAfterServerClose) {
-  CreateContext();
-  CreateSockets();
+  ASSERT_NO_FATAL_FAILURE(CreateContext());
+  ASSERT_NO_FATAL_FAILURE(CreateSockets());
 
   // Establish connection.
   TestCompletionCallback connect_callback;
   int client_ret = client_socket_->Connect(connect_callback.callback());
   ASSERT_TRUE(client_ret == OK || client_ret == ERR_IO_PENDING);
 
   TestCompletionCallback handshake_callback;
   int server_ret = server_socket_->Handshake(handshake_callback.callback());
   ASSERT_TRUE(server_ret == OK || server_ret == ERR_IO_PENDING);
 
@@ skipping 29 matching lines @@
   base::ThreadTaskRunnerHandle::Get()->PostDelayedTask(
       FROM_HERE, base::MessageLoop::QuitWhenIdleClosure(),
       base::TimeDelta::FromMilliseconds(10));
   base::MessageLoop::current()->Run();
 }
 
 // This test executes ExportKeyingMaterial() on the client and server sockets,
 // after connecting them, and verifies that the results match.
 // This test will fail if False Start is enabled (see crbug.com/90208).
 TEST_F(SSLServerSocketTest, ExportKeyingMaterial) {
-  CreateContext();
-  CreateSockets();
+  ASSERT_NO_FATAL_FAILURE(CreateContext());
+  ASSERT_NO_FATAL_FAILURE(CreateSockets());
 
   TestCompletionCallback connect_callback;
   int client_ret = client_socket_->Connect(connect_callback.callback());
   ASSERT_TRUE(client_ret == OK || client_ret == ERR_IO_PENDING);
 
   TestCompletionCallback handshake_callback;
   int server_ret = server_socket_->Handshake(handshake_callback.callback());
   ASSERT_TRUE(server_ret == OK || server_ret == ERR_IO_PENDING);
 
   if (client_ret == ERR_IO_PENDING) {
@@ skipping 39 matching lines @@
       0xc02f,  // ECDHE_RSA_WITH_AES_128_GCM_SHA256
       0xcc13,  // ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
       0xcc14,  // ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
   };
   client_ssl_config_.disabled_cipher_suites.assign(
       kEcdheCiphers, kEcdheCiphers + arraysize(kEcdheCiphers));
 
   // Require ECDHE on the server.
   server_ssl_config_.require_ecdhe = true;
 
-  CreateContext();
-  CreateSockets();
+  ASSERT_NO_FATAL_FAILURE(CreateContext());
+  ASSERT_NO_FATAL_FAILURE(CreateSockets());
 
   TestCompletionCallback connect_callback;
   int client_ret = client_socket_->Connect(connect_callback.callback());
 
   TestCompletionCallback handshake_callback;
   int server_ret = server_socket_->Handshake(handshake_callback.callback());
 
   client_ret = connect_callback.GetResult(client_ret);
   server_ret = handshake_callback.GetResult(server_ret);
 
   ASSERT_EQ(ERR_SSL_VERSION_OR_CIPHER_MISMATCH, client_ret);
   ASSERT_EQ(ERR_SSL_VERSION_OR_CIPHER_MISMATCH, server_ret);
 }
 
 }  // namespace net