net/cert/cert_verify_proc_unittest.cc - Issue 1871043003: Fixing BoringSSL on iOS

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/cert/cert_verify_proc_unittest.cc

Issue 1871043003: Fixing BoringSSL on iOS (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Adding simulator fix. Created 4 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/cert/cert_verify_proc_unittest.cc

diff --git a/net/cert/cert_verify_proc_unittest.cc b/net/cert/cert_verify_proc_unittest.cc

index 07ef561581240a34723d1739447fa31716614e68..3f87f16b7c8d36d6bb987148099c7a6b9856ec6f 100644

--- a/net/cert/cert_verify_proc_unittest.cc

+++ b/net/cert/cert_verify_proc_unittest.cc

@@ -103,6 +103,9 @@ bool SupportsDetectingKnownRoots() {

// the verified certificate chain and detect known roots.

if (base::android::BuildInfo::GetInstance()->sdk_int() < 17)

return false;

+#elif defined(OS_IOS) && defined(USE_OPENSSL)

+ // iOS does not expose the APIs necessary to get the known system roots.

+ return false;

#endif

return true;

}

@@ -223,6 +226,12 @@ TEST_F(CertVerifyProcTest, PaypalNullCertParsing) {

&verify_result);

#if defined(USE_NSS_VERIFIER) || defined(OS_ANDROID)

EXPECT_EQ(ERR_CERT_COMMON_NAME_INVALID, error);

+#elif defined(OS_IOS)

+ // iOS returns a ERR_CERT_INVALID error on the real device, while returning

+ // a ERR_CERT_AUTHORITY_INVALID on the simulator.

+ EXPECT_NE(OK, error);

+ EXPECT_TRUE(verify_result.cert_status &

+ (CERT_STATUS_AUTHORITY_INVALID | CERT_STATUS_INVALID));

#else

// TOOD(bulach): investigate why macosx and win aren't returning

// ERR_CERT_INVALID or ERR_CERT_COMMON_NAME_INVALID.

@@ -1103,8 +1112,8 @@ TEST_F(CertVerifyProcTest, IsIssuedByKnownRootIgnoresTestRoots) {

EXPECT_FALSE(verify_result.is_issued_by_known_root);

}

-#if defined(USE_NSS_CERTS) || defined(OS_IOS) || defined(OS_WIN) || \

- defined(OS_MACOSX)

+#if defined(USE_NSS_VERIFIER) || defined(OS_WIN) || \

+ (defined(OS_MACOSX) && !defined(OS_IOS))

// Test that CRLSets are effective in making a certificate appear to be

// revoked.

TEST_F(CertVerifyProcTest, CRLSet) {

« net/cert/cert_verify_proc_ios.cc ('K') | « net/cert/cert_verify_proc_ios.cc ('k') | net/net.gyp » ('j') | no next file with comments »