Disable CertVerifyProcTest.PaypalNullCertParsing

net/cert/cert_verify_proc_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/cert/cert_verify_proc.h"
 
 #include <vector>
 
 #include "base/callback_helpers.h"
 #include "base/files/file_path.h"
 #include "base/files/file_util.h"
 #include "base/logging.h"
 #include "base/macros.h"
 #include "base/sha1.h"
 #include "base/strings/string_number_conversions.h"
+#include "build/build_config.h"
 #include "crypto/sha2.h"
 #include "net/base/net_errors.h"
 #include "net/base/test_data_directory.h"
 #include "net/cert/asn1_util.h"
 #include "net/cert/cert_status_flags.h"
 #include "net/cert/cert_verifier.h"
 #include "net/cert/cert_verify_result.h"
 #include "net/cert/crl_set.h"
 #include "net/cert/crl_set_storage.h"
 #include "net/cert/test_root_certs.h"
@@ skipping 170 matching lines @@
   int error = Verify(comodo_chain.get(),
                      "comodo.com",
                      flags,
                      crl_set.get(),
                      empty_cert_list_,
                      &verify_result);
   EXPECT_EQ(OK, error);
   EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_IS_EV);
 }
 
-TEST_F(CertVerifyProcTest, PaypalNullCertParsing) {
+// TODO(crbug.com/605457): this test is disabled on iOS as it should check
+// that the certificate has encoding issue but does not currently test it.
+#if !defined(OS_IOS)

[Ryan Sleevi, 2016/04/21 11:29:21]

As explained in the previous CL (but perhaps unclearly), this should be disabled
across all the platforms that aren't rejecting it as invalid

#if defined(USE_NSS_CERTS) || defined(OS_ANDROID) || (defined(OS_IOS) &&
TARGET_IPHONE_SIMULATOR && version < 9,3,0))
#define MAYBE_... PayPal
#else
#define MAYBE_... DISABLED_
#endif

Then remove line 242-246 (which is where the bug was introduced), remove the
#ifdefs around 250/253, and that should do the 'proper' test.

[sdefresne, 2016/04/21 13:04:20]

I've removed line 242-246 and changed the conditional to "defined(USE_NSS_CERTS)
|| !defined(OS_IOS)". This is because I cannot test the version of the OS that
the device is running, only the min deployement target, with macros. So I either
have to disable it completely on iOS or have to do runtime check.

+#define MAYBE_PaypalNullCertParsing PaypalNullCertParsing
+#else
+#define MAYBE_PaypalNullCertParsing DISABLED_PaypalNullCertParsing
+#endif
+
+TEST_F(CertVerifyProcTest, MAYBE_PaypalNullCertParsing) {
   scoped_refptr<X509Certificate> paypal_null_cert(
       X509Certificate::CreateFromBytes(
           reinterpret_cast<const char*>(paypal_null_der),
           sizeof(paypal_null_der)));
 
   ASSERT_NE(static_cast<X509Certificate*>(NULL), paypal_null_cert.get());
 
   const SHA1HashValue& fingerprint =
       paypal_null_cert->fingerprint();
   for (size_t i = 0; i < 20; ++i)
@@ skipping 1485 matching lines @@
   int flags = 0;
   CertVerifyResult verify_result;
   int error = Verify(cert.get(), "127.0.0.1", flags, NULL, empty_cert_list_,
                      &verify_result);
   EXPECT_EQ(ERR_CERT_INVALID, error);
   EXPECT_EQ(CERT_STATUS_INVALID, verify_result.cert_status);
 }
 #endif  // defined(OS_MACOSX) && !defined(OS_IOS)
 
 }  // namespace net