Add missing call to TestRootCerts::Clear() after usage.

net/cert/cert_verify_proc_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/cert/cert_verify_proc.h"
 
 #include <vector>
 
 #include "base/callback_helpers.h"
 #include "base/files/file_path.h"
@@ skipping 995 matching lines @@
 
   // Verification should pass.
   int flags = 0;
   CertVerifyResult verify_result;
   int error = Verify(
       cert.get(), "127.0.0.1", flags, NULL, empty_cert_list_, &verify_result);
   EXPECT_EQ(OK, error);
   EXPECT_EQ(0U, verify_result.cert_status);
   // But should not be marked as a known root.
   EXPECT_FALSE(verify_result.is_issued_by_known_root);
+
+  root_certs->Clear();

[wtc, 2014/03/25 16:00:19]

Please add a comment to note why it is necessary to clear the test root certs
store. At first I thought you just wanted to test the Clear() method.

[haavardm, 2014/03/25 17:18:03]

This call is done like this many places (basically everytime
TestRootCerts::GetInstance() is used without ScopedTestRoot). So in that case I
should make a comment for all of these.

[wtc, 2014/03/25 22:24:13]

I see. If you think adding a comment for all of these would be excessive, then
we don't need to do that. I didn't remember how TestRootCerts works, so I was
confused by this.

+  EXPECT_TRUE(root_certs->IsEmpty());
 }
 
 #if defined(OS_MACOSX) && !defined(OS_IOS)
 // Tests that, on OS X, issues with a cross-certified Baltimore CyberTrust
 // Root can be successfully worked around once Apple completes removing the
 // older GTE CyberTrust Root from its trusted root store.
 //
 // The issue is caused by servers supplying the cross-certified intermediate
 // (necessary for certain mobile platforms), which OS X does not recognize
 // as already existing within its trust store.
@@ skipping 100 matching lines @@
                                         intermediate_chain_2);
   error = Verify(baltimore_chain_with_root.get(),
                  "cacert.omniroot.com",
                  flags,
                  NULL,
                  empty_cert_list_,
                  &verify_result);
   EXPECT_EQ(OK, error);
   EXPECT_EQ(0U, verify_result.cert_status);
 
+  TestRootCerts::GetInstance()->Clear();
+  EXPECT_TRUE(TestRootCerts::GetInstance()->IsEmpty());
 }
 #endif
 
 #if defined(USE_NSS) || defined(OS_IOS) || defined(OS_WIN) || defined(OS_MACOSX)
 static const uint8 kCRLSetLeafSPKIBlocked[] = {
   0x8e, 0x00, 0x7b, 0x22, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x3a,
   0x30, 0x2c, 0x22, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70,
   0x65, 0x22, 0x3a, 0x22, 0x43, 0x52, 0x4c, 0x53, 0x65, 0x74, 0x22, 0x2c, 0x22,
   0x53, 0x65, 0x71, 0x75, 0x65, 0x6e, 0x63, 0x65, 0x22, 0x3a, 0x30, 0x2c, 0x22,
   0x44, 0x65, 0x6c, 0x74, 0x61, 0x46, 0x72, 0x6f, 0x6d, 0x22, 0x3a, 0x30, 0x2c,
@@ skipping 447 matching lines @@
     EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_COMMON_NAME_INVALID);
   }
 }
 
 WRAPPED_INSTANTIATE_TEST_CASE_P(
     VerifyName,
     CertVerifyProcNameTest,
     testing::ValuesIn(kVerifyNameData));
 
 }  // namespace net