Index: net/url_request/url_request_unittest.cc |
diff --git a/net/url_request/url_request_unittest.cc b/net/url_request/url_request_unittest.cc |
index cd41ebba004bd5a806f7ee4d2799f6c29f36fc2d..ff6610fb59b82705d391af929e8b7b13c039562d 100644 |
--- a/net/url_request/url_request_unittest.cc |
+++ b/net/url_request/url_request_unittest.cc |
@@ -9247,15 +9247,17 @@ class HTTPSOCSPTest : public HTTPSRequestTest { |
#endif |
} |
- void DoConnection(const SpawnedTestServer::SSLOptions& ssl_options, |
- CertStatus* out_cert_status) { |
- // We always overwrite out_cert_status. |
- *out_cert_status = 0; |
+ ::testing::AssertionResult DoConnection( |
svaldez
2016/06/23 14:03:16
Is this change necessary?
|
+ const SpawnedTestServer::SSLOptions& ssl_options, |
+ SSLInfo* out_ssl_info) { |
+ // Always overwrite |out_ssl_info|. |
+ out_ssl_info->Reset(); |
+ |
SpawnedTestServer test_server( |
SpawnedTestServer::TYPE_HTTPS, |
ssl_options, |
base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); |
- ASSERT_TRUE(test_server.Start()); |
+ EXPECT_TRUE(test_server.Start()); |
TestDelegate d; |
d.set_allow_certificate_errors(true); |
@@ -9264,9 +9266,23 @@ class HTTPSOCSPTest : public HTTPSRequestTest { |
r->Start(); |
base::RunLoop().Run(); |
- |
EXPECT_EQ(1, d.response_started_count()); |
- *out_cert_status = r->ssl_info().cert_status; |
+ |
+ *out_ssl_info = r->ssl_info(); |
+ return ::testing::AssertionSuccess(); |
+ } |
+ |
+ ::testing::AssertionResult DoConnection( |
svaldez
2016/06/23 14:03:16
Same.
|
+ const SpawnedTestServer::SSLOptions& ssl_options, |
+ CertStatus* out_cert_status) { |
+ // Always overwrite |out_cert_status|. |
+ *out_cert_status = 0; |
+ |
+ SSLInfo ssl_info; |
+ EXPECT_TRUE(DoConnection(ssl_options, &ssl_info)); |
+ |
+ *out_cert_status = ssl_info.cert_status; |
+ return ::testing::AssertionSuccess(); |
} |
~HTTPSOCSPTest() override { |
@@ -9485,6 +9501,81 @@ TEST_F(HTTPSOCSPTest, MAYBE_RevokedStapled) { |
EXPECT_TRUE(cert_status & CERT_STATUS_REV_CHECKING_ENABLED); |
} |
+static const struct OCSPVerifyTestData { |
+ SpawnedTestServer::SSLOptions::OCSPStatus ocsp_status; |
+ SpawnedTestServer::SSLOptions::OCSPDate ocsp_date; |
+ OCSPVerifyResult::ResponseStatus response_status; |
+ bool is_date_valid; |
+ bool has_cert_status; |
+ OCSPCertStatus::Status cert_status; |
+} kOCSPVerifyData[] = { |
+ { |
+ SpawnedTestServer::SSLOptions::OCSP_OK, |
+ SpawnedTestServer::SSLOptions::OCSP_VALID, OCSPVerifyResult::PROVIDED, |
+ true, true, OCSPCertStatus::Status::GOOD, |
+ }, |
+ { |
+ SpawnedTestServer::SSLOptions::OCSP_OK, |
+ SpawnedTestServer::SSLOptions::OCSP_OLD, |
+ OCSPVerifyResult::NO_MATCHING_RESPONSE, false, false, |
+ OCSPCertStatus::Status::GOOD, |
+ }, |
+ { |
+ SpawnedTestServer::SSLOptions::OCSP_OK, |
+ SpawnedTestServer::SSLOptions::OCSP_YOUNG, |
+ OCSPVerifyResult::NO_MATCHING_RESPONSE, false, false, |
+ OCSPCertStatus::Status::GOOD, |
+ }, |
+ { |
+ SpawnedTestServer::SSLOptions::OCSP_OK, |
+ SpawnedTestServer::SSLOptions::OCSP_LONG, |
+ OCSPVerifyResult::NO_MATCHING_RESPONSE, false, false, |
+ OCSPCertStatus::Status::GOOD, |
+ }, |
+}; |
+ |
+class HTTPSOCSPVerifyTest |
+ : public HTTPSOCSPTest, |
+ public testing::WithParamInterface<OCSPVerifyTestData> { |
+ public: |
+ HTTPSOCSPVerifyTest() = default; |
+ virtual ~HTTPSOCSPVerifyTest() {} |
+}; |
+ |
+TEST_P(HTTPSOCSPVerifyTest, SingleResponse) { |
+ SpawnedTestServer::SSLOptions ssl_options( |
+ SpawnedTestServer::SSLOptions::CERT_AUTO); |
+ OCSPVerifyTestData test = GetParam(); |
+ ssl_options.ocsp_status = test.ocsp_status; |
+ ssl_options.ocsp_date = test.ocsp_date; |
+ ssl_options.staple_ocsp_response = true; |
+ |
+ SSLInfo ssl_info; |
+ ASSERT_TRUE(DoConnection(ssl_options, &ssl_info)); |
+ |
+ EXPECT_EQ(0u, ssl_info.cert_status & CERT_STATUS_ALL_ERRORS); |
+ EXPECT_EQ(test.response_status, ssl_info.ocsp.response_status); |
+ |
+ ASSERT_EQ(1u, ssl_info.ocsp.stapled_responses.size()); |
+ EXPECT_TRUE(ssl_info.ocsp.stapled_responses[0].did_parse); |
+ EXPECT_EQ(test.is_date_valid, |
+ ssl_info.ocsp.stapled_responses[0].is_date_valid); |
+ EXPECT_TRUE(ssl_info.ocsp.stapled_responses[0].is_correct_certificate); |
+ EXPECT_EQ(OCSPCertStatus::Status::GOOD, |
+ ssl_info.ocsp.stapled_responses[0].status); |
+ |
+ if (test.has_cert_status) { |
+ ASSERT_TRUE(ssl_info.ocsp.cert_status); |
+ EXPECT_EQ(test.cert_status, *ssl_info.ocsp.cert_status); |
+ } else { |
+ EXPECT_FALSE(ssl_info.ocsp.cert_status); |
+ } |
+}; |
+ |
+INSTANTIATE_TEST_CASE_P(OCSPVerify, |
+ HTTPSOCSPVerifyTest, |
+ testing::ValuesIn(kOCSPVerifyData)); |
+ |
class HTTPSHardFailTest : public HTTPSOCSPTest { |
protected: |
void SetupContext() override { |