| Index: net/cert/multi_threaded_cert_verifier_unittest.cc
|
| diff --git a/net/cert/multi_threaded_cert_verifier_unittest.cc b/net/cert/multi_threaded_cert_verifier_unittest.cc
|
| index 26d9e0205f6920f70764bb98af00091dd234f87b..63670a5ebd2ad2e8071db5e9b22a4ffe9a67b78b 100644
|
| --- a/net/cert/multi_threaded_cert_verifier_unittest.cc
|
| +++ b/net/cert/multi_threaded_cert_verifier_unittest.cc
|
| @@ -14,19 +14,13 @@
|
| #include "net/base/net_errors.h"
|
| #include "net/base/test_completion_callback.h"
|
| #include "net/base/test_data_directory.h"
|
| -#include "net/cert/cert_trust_anchor_provider.h"
|
| -#include "net/cert/cert_verifier.h"
|
| #include "net/cert/cert_verify_proc.h"
|
| #include "net/cert/cert_verify_result.h"
|
| #include "net/cert/x509_certificate.h"
|
| #include "net/log/net_log.h"
|
| #include "net/test/cert_test_util.h"
|
| -#include "testing/gmock/include/gmock/gmock.h"
|
| #include "testing/gtest/include/gtest/gtest.h"
|
|
|
| -using testing::Mock;
|
| -using testing::ReturnRef;
|
| -
|
| namespace net {
|
|
|
| namespace {
|
| @@ -60,14 +54,6 @@ class MockCertVerifyProc : public CertVerifyProc {
|
| }
|
| };
|
|
|
| -class MockCertTrustAnchorProvider : public CertTrustAnchorProvider {
|
| - public:
|
| - MockCertTrustAnchorProvider() {}
|
| - virtual ~MockCertTrustAnchorProvider() {}
|
| -
|
| - MOCK_METHOD0(GetAdditionalTrustAnchors, const CertificateList&());
|
| -};
|
| -
|
| } // namespace
|
|
|
| class MultiThreadedCertVerifierTest : public ::testing::Test {
|
| @@ -79,106 +65,6 @@ class MultiThreadedCertVerifierTest : public ::testing::Test {
|
| MultiThreadedCertVerifier verifier_;
|
| };
|
|
|
| -TEST_F(MultiThreadedCertVerifierTest, CacheHit) {
|
| - base::FilePath certs_dir = GetTestCertsDirectory();
|
| - scoped_refptr<X509Certificate> test_cert(
|
| - ImportCertFromFile(certs_dir, "ok_cert.pem"));
|
| - ASSERT_NE(static_cast<X509Certificate*>(NULL), test_cert.get());
|
| -
|
| - int error;
|
| - CertVerifyResult verify_result;
|
| - TestCompletionCallback callback;
|
| - std::unique_ptr<CertVerifier::Request> request;
|
| -
|
| - error = verifier_.Verify(
|
| - CertVerifier::RequestParams(test_cert, "www.example.com", 0,
|
| - std::string(), CertificateList()),
|
| - NULL, &verify_result, callback.callback(), &request, BoundNetLog());
|
| - ASSERT_EQ(ERR_IO_PENDING, error);
|
| - EXPECT_TRUE(request);
|
| - error = callback.WaitForResult();
|
| - ASSERT_TRUE(IsCertificateError(error));
|
| - ASSERT_EQ(1u, verifier_.requests());
|
| - ASSERT_EQ(0u, verifier_.cache_hits());
|
| - ASSERT_EQ(0u, verifier_.inflight_joins());
|
| - ASSERT_EQ(1u, verifier_.GetCacheSize());
|
| -
|
| - error = verifier_.Verify(
|
| - CertVerifier::RequestParams(test_cert, "www.example.com", 0,
|
| - std::string(), CertificateList()),
|
| - NULL, &verify_result, callback.callback(), &request, BoundNetLog());
|
| - // Synchronous completion.
|
| - ASSERT_NE(ERR_IO_PENDING, error);
|
| - ASSERT_TRUE(IsCertificateError(error));
|
| - ASSERT_FALSE(request);
|
| - ASSERT_EQ(2u, verifier_.requests());
|
| - ASSERT_EQ(1u, verifier_.cache_hits());
|
| - ASSERT_EQ(0u, verifier_.inflight_joins());
|
| - ASSERT_EQ(1u, verifier_.GetCacheSize());
|
| -}
|
| -
|
| -// Tests the same server certificate with different intermediate CA
|
| -// certificates. These should be treated as different certificate chains even
|
| -// though the two X509Certificate objects contain the same server certificate.
|
| -TEST_F(MultiThreadedCertVerifierTest, DifferentCACerts) {
|
| - base::FilePath certs_dir = GetTestCertsDirectory();
|
| -
|
| - scoped_refptr<X509Certificate> server_cert =
|
| - ImportCertFromFile(certs_dir, "salesforce_com_test.pem");
|
| - ASSERT_NE(static_cast<X509Certificate*>(NULL), server_cert.get());
|
| -
|
| - scoped_refptr<X509Certificate> intermediate_cert1 =
|
| - ImportCertFromFile(certs_dir, "verisign_intermediate_ca_2011.pem");
|
| - ASSERT_NE(static_cast<X509Certificate*>(NULL), intermediate_cert1.get());
|
| -
|
| - scoped_refptr<X509Certificate> intermediate_cert2 =
|
| - ImportCertFromFile(certs_dir, "verisign_intermediate_ca_2016.pem");
|
| - ASSERT_NE(static_cast<X509Certificate*>(NULL), intermediate_cert2.get());
|
| -
|
| - X509Certificate::OSCertHandles intermediates;
|
| - intermediates.push_back(intermediate_cert1->os_cert_handle());
|
| - scoped_refptr<X509Certificate> cert_chain1 =
|
| - X509Certificate::CreateFromHandle(server_cert->os_cert_handle(),
|
| - intermediates);
|
| -
|
| - intermediates.clear();
|
| - intermediates.push_back(intermediate_cert2->os_cert_handle());
|
| - scoped_refptr<X509Certificate> cert_chain2 =
|
| - X509Certificate::CreateFromHandle(server_cert->os_cert_handle(),
|
| - intermediates);
|
| -
|
| - int error;
|
| - CertVerifyResult verify_result;
|
| - TestCompletionCallback callback;
|
| - std::unique_ptr<CertVerifier::Request> request;
|
| -
|
| - error = verifier_.Verify(
|
| - CertVerifier::RequestParams(cert_chain1, "www.example.com", 0,
|
| - std::string(), CertificateList()),
|
| - NULL, &verify_result, callback.callback(), &request, BoundNetLog());
|
| - ASSERT_EQ(ERR_IO_PENDING, error);
|
| - EXPECT_TRUE(request);
|
| - error = callback.WaitForResult();
|
| - ASSERT_TRUE(IsCertificateError(error));
|
| - ASSERT_EQ(1u, verifier_.requests());
|
| - ASSERT_EQ(0u, verifier_.cache_hits());
|
| - ASSERT_EQ(0u, verifier_.inflight_joins());
|
| - ASSERT_EQ(1u, verifier_.GetCacheSize());
|
| -
|
| - error = verifier_.Verify(
|
| - CertVerifier::RequestParams(cert_chain2, "www.example.com", 0,
|
| - std::string(), CertificateList()),
|
| - NULL, &verify_result, callback.callback(), &request, BoundNetLog());
|
| - ASSERT_EQ(ERR_IO_PENDING, error);
|
| - EXPECT_TRUE(request);
|
| - error = callback.WaitForResult();
|
| - ASSERT_TRUE(IsCertificateError(error));
|
| - ASSERT_EQ(2u, verifier_.requests());
|
| - ASSERT_EQ(0u, verifier_.cache_hits());
|
| - ASSERT_EQ(0u, verifier_.inflight_joins());
|
| - ASSERT_EQ(2u, verifier_.GetCacheSize());
|
| -}
|
| -
|
| // Tests an inflight join.
|
| TEST_F(MultiThreadedCertVerifierTest, InflightJoin) {
|
| base::FilePath certs_dir = GetTestCertsDirectory();
|
| @@ -211,7 +97,6 @@ TEST_F(MultiThreadedCertVerifierTest, InflightJoin) {
|
| error = callback2.WaitForResult();
|
| ASSERT_TRUE(IsCertificateError(error));
|
| ASSERT_EQ(2u, verifier_.requests());
|
| - ASSERT_EQ(0u, verifier_.cache_hits());
|
| ASSERT_EQ(1u, verifier_.inflight_joins());
|
| }
|
|
|
| @@ -246,7 +131,6 @@ TEST_F(MultiThreadedCertVerifierTest, CancelRequest) {
|
| ASSERT_EQ(ERR_IO_PENDING, error);
|
| EXPECT_TRUE(request);
|
| error = callback.WaitForResult();
|
| - verifier_.ClearCache();
|
| }
|
| }
|
|
|
| @@ -281,68 +165,6 @@ TEST_F(MultiThreadedCertVerifierTest, CancelRequestThenQuit) {
|
| // Destroy |verifier| by going out of scope.
|
| }
|
|
|
| -TEST_F(MultiThreadedCertVerifierTest, CertTrustAnchorProvider) {
|
| - MockCertTrustAnchorProvider trust_provider;
|
| - verifier_.SetCertTrustAnchorProvider(&trust_provider);
|
| -
|
| - scoped_refptr<X509Certificate> test_cert(
|
| - ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem"));
|
| - ASSERT_TRUE(test_cert.get());
|
| -
|
| - const CertificateList empty_cert_list;
|
| - CertificateList cert_list;
|
| - cert_list.push_back(test_cert);
|
| -
|
| - // Check that Verify() asks the |trust_provider| for the current list of
|
| - // additional trust anchors.
|
| - int error;
|
| - CertVerifyResult verify_result;
|
| - TestCompletionCallback callback;
|
| - std::unique_ptr<CertVerifier::Request> request;
|
| - EXPECT_CALL(trust_provider, GetAdditionalTrustAnchors())
|
| - .WillOnce(ReturnRef(empty_cert_list));
|
| - error = verifier_.Verify(
|
| - CertVerifier::RequestParams(test_cert, "www.example.com", 0,
|
| - std::string(), CertificateList()),
|
| - NULL, &verify_result, callback.callback(), &request, BoundNetLog());
|
| - Mock::VerifyAndClearExpectations(&trust_provider);
|
| - ASSERT_EQ(ERR_IO_PENDING, error);
|
| - EXPECT_TRUE(request);
|
| - error = callback.WaitForResult();
|
| - EXPECT_EQ(ERR_CERT_COMMON_NAME_INVALID, error);
|
| - ASSERT_EQ(1u, verifier_.requests());
|
| - ASSERT_EQ(0u, verifier_.cache_hits());
|
| -
|
| - // The next Verify() uses the cached result.
|
| - EXPECT_CALL(trust_provider, GetAdditionalTrustAnchors())
|
| - .WillOnce(ReturnRef(empty_cert_list));
|
| - error = verifier_.Verify(
|
| - CertVerifier::RequestParams(test_cert, "www.example.com", 0,
|
| - std::string(), CertificateList()),
|
| - NULL, &verify_result, callback.callback(), &request, BoundNetLog());
|
| - Mock::VerifyAndClearExpectations(&trust_provider);
|
| - EXPECT_EQ(ERR_CERT_COMMON_NAME_INVALID, error);
|
| - EXPECT_FALSE(request);
|
| - ASSERT_EQ(2u, verifier_.requests());
|
| - ASSERT_EQ(1u, verifier_.cache_hits());
|
| -
|
| - // Another Verify() for the same certificate but with a different list of
|
| - // trust anchors will not reuse the cache.
|
| - EXPECT_CALL(trust_provider, GetAdditionalTrustAnchors())
|
| - .WillOnce(ReturnRef(cert_list));
|
| - error = verifier_.Verify(
|
| - CertVerifier::RequestParams(test_cert, "www.example.com", 0,
|
| - std::string(), CertificateList()),
|
| - NULL, &verify_result, callback.callback(), &request, BoundNetLog());
|
| - Mock::VerifyAndClearExpectations(&trust_provider);
|
| - ASSERT_EQ(ERR_IO_PENDING, error);
|
| - EXPECT_TRUE(request);
|
| - error = callback.WaitForResult();
|
| - EXPECT_EQ(ERR_CERT_COMMON_NAME_INVALID, error);
|
| - ASSERT_EQ(3u, verifier_.requests());
|
| - ASSERT_EQ(1u, verifier_.cache_hits());
|
| -}
|
| -
|
| // Tests de-duplication of requests.
|
| // Starts up 5 requests, of which 3 are unique.
|
| TEST_F(MultiThreadedCertVerifierTest, MultipleInflightJoin) {
|
| @@ -418,7 +240,6 @@ TEST_F(MultiThreadedCertVerifierTest, MultipleInflightJoin) {
|
|
|
| // Let the other requests automatically cancel.
|
| ASSERT_EQ(5u, verifier_.requests());
|
| - ASSERT_EQ(0u, verifier_.cache_hits());
|
| ASSERT_EQ(2u, verifier_.inflight_joins());
|
| }
|
|
|
|
|
Chromium Code Reviews
Issue 1991653002:
Move caching out of MultiThreadedCertVerifier (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@request_params