Chromium Code Reviews Chromium Code Reviews
Issue 2225483002:
[ios] Removed CertVerifierBlockAdapter. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: ios/web/net/crw_cert_verification_controller_unittest.mm |
| diff --git a/ios/web/net/crw_cert_verification_controller_unittest.mm b/ios/web/net/crw_cert_verification_controller_unittest.mm |
| index 017f2717775911baa00bc81d032212ec3668527e..237160ec37f5f16d479752a6f956243a553c943a 100644 |
| --- a/ios/web/net/crw_cert_verification_controller_unittest.mm |
| +++ b/ios/web/net/crw_cert_verification_controller_unittest.mm |
| @@ -15,8 +15,6 @@ |
| #include "net/cert/x509_certificate.h" |
| #include "net/test/cert_test_util.h" |
| #include "net/test/test_data_directory.h" |
| -#include "net/url_request/url_request_context.h" |
| -#include "net/url_request/url_request_context_getter.h" |
| namespace web { |
| @@ -33,14 +31,8 @@ class CRWCertVerificationControllerTest : public web::WebTest { |
| void SetUp() override { |
| web::WebTest::SetUp(); |
| - web::BrowserState* browser_state = GetBrowserState(); |
| - net::URLRequestContextGetter* getter = browser_state->GetRequestContext(); |
| - web::WebThread::PostTask(web::WebThread::IO, FROM_HERE, base::BindBlock(^{ |
| - getter->GetURLRequestContext()->set_cert_verifier(&cert_verifier_); |
| - })); |
| - |
| controller_.reset([[CRWCertVerificationController alloc] |
| - initWithBrowserState:browser_state]); |
| + initWithBrowserState:GetBrowserState()]); |
| cert_ = |
| net::ImportCertFromFile(net::GetTestCertsDirectory(), kCertFileName); |
| ASSERT_TRUE(cert_); |
| @@ -51,11 +43,6 @@ class CRWCertVerificationControllerTest : public web::WebTest { |
| invalid_trust_ = web::CreateServerTrustFromChain(chain, kHostName); |
| } |
| - void TearDown() override { |
| - [controller_ shutDown]; |
| - web::WebTest::TearDown(); |
| - } |
| - |
| // Returns NSArray of SecCertificateRef objects for the given |cert|. |
| NSArray* GetChain(const scoped_refptr<net::X509Certificate>& cert) const { |
| NSMutableArray* result = [NSMutableArray |
| @@ -110,7 +97,6 @@ class CRWCertVerificationControllerTest : public web::WebTest { |
| scoped_refptr<net::X509Certificate> cert_; |
| base::ScopedCFTypeRef<SecTrustRef> valid_trust_; |
| base::ScopedCFTypeRef<SecTrustRef> invalid_trust_; |
| - net::MockCertVerifier cert_verifier_; |
| base::scoped_nsobject<CRWCertVerificationController> controller_; |
| }; |
| @@ -119,8 +105,6 @@ TEST_F(CRWCertVerificationControllerTest, PolicyForValidTrust) { |
| net::CertVerifyResult verify_result; |
| verify_result.cert_status = net::CERT_STATUS_NO_REVOCATION_MECHANISM; |
| verify_result.verified_cert = cert_; |
|
Ryan Sleevi
2016/08/08 17:47:37
Unused?
Eugene But (OOO till 7-30)
2016/08/08 20:22:23
Done.
|
| - cert_verifier_.AddResultForCertAndHost(cert_.get(), kHostName.UTF8String, |
| - verify_result, net::OK); |
| web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; |
| net::CertStatus status; |
| DecidePolicy(valid_trust_, kHostName, &policy, &status); |
| @@ -133,15 +117,12 @@ TEST_F(CRWCertVerificationControllerTest, PolicyForInvalidTrust) { |
| net::CertVerifyResult result; |
| result.cert_status = net::CERT_STATUS_COMMON_NAME_INVALID; |
| result.verified_cert = cert_; |
|
Ryan Sleevi
2016/08/08 17:47:37
Unused?
Eugene But (OOO till 7-30)
2016/08/08 20:22:23
Done.
|
| - cert_verifier_.AddResultForCertAndHost(cert_.get(), kHostName.UTF8String, |
| - result, |
| - net::ERR_CERT_COMMON_NAME_INVALID); |
| - |
| web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; |
| net::CertStatus status; |
| DecidePolicy(invalid_trust_, kHostName, &policy, &status); |
| EXPECT_EQ(CERT_ACCEPT_POLICY_RECOVERABLE_ERROR_UNDECIDED_BY_USER, policy); |
| - EXPECT_EQ(net::CERT_STATUS_COMMON_NAME_INVALID, status); |
| + EXPECT_TRUE(net::CERT_STATUS_AUTHORITY_INVALID & status); |
| + EXPECT_TRUE(net::CERT_STATUS_INVALID & status); |
| } |
| // Tests cert policy with an invalid trust accepted by user. |
| @@ -149,8 +130,6 @@ TEST_F(CRWCertVerificationControllerTest, PolicyForInvalidTrustAcceptedByUser) { |
| net::CertVerifyResult result; |
| result.cert_status = net::CERT_STATUS_DATE_INVALID; |
| result.verified_cert = cert_; |
|
Ryan Sleevi
2016/08/08 17:47:37
Unused?
Eugene But (OOO till 7-30)
2016/08/08 20:22:23
Done.
|
| - cert_verifier_.AddResultForCertAndHost(cert_.get(), kHostName.UTF8String, |
| - result, net::ERR_CERT_DATE_INVALID); |
| [controller_ allowCert:cert_.get() |
| forHost:kHostName |
| @@ -159,23 +138,8 @@ TEST_F(CRWCertVerificationControllerTest, PolicyForInvalidTrustAcceptedByUser) { |
| net::CertStatus status; |
| DecidePolicy(invalid_trust_, kHostName, &policy, &status); |
| EXPECT_EQ(CERT_ACCEPT_POLICY_RECOVERABLE_ERROR_ACCEPTED_BY_USER, policy); |
| - EXPECT_EQ(net::CERT_STATUS_DATE_INVALID, status); |
| -} |
| - |
| -// Tests cert policy with an invalid trust when CertVerifier considers cert as |
| -// valid. |
| -TEST_F(CRWCertVerificationControllerTest, |
| - PolicyForInvalidTrustWithNoErrorFromCertVerifier) { |
| - net::CertVerifyResult result; |
| - result.verified_cert = cert_; |
| - cert_verifier_.AddResultForCertAndHost(cert_.get(), kHostName.UTF8String, |
| - result, net::OK); |
| - |
| - web::CertAcceptPolicy policy = CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR; |
| - net::CertStatus status; |
| - DecidePolicy(invalid_trust_, kHostName, &policy, &status); |
| - EXPECT_EQ(CERT_ACCEPT_POLICY_RECOVERABLE_ERROR_UNDECIDED_BY_USER, policy); |
| - EXPECT_EQ(net::CERT_STATUS_INVALID, status); |
| + EXPECT_TRUE(net::CERT_STATUS_AUTHORITY_INVALID & status); |
| + EXPECT_TRUE(net::CERT_STATUS_INVALID & status); |
| } |
| // Tests that allowCert:forHost:status: strips all intermidiate certs. |
|
Ryan Sleevi
2016/08/08 17:47:37
typo: intermediate
Eugene But (OOO till 7-30)
2016/08/08 20:22:23
Done.
|
| @@ -186,8 +150,6 @@ TEST_F(CRWCertVerificationControllerTest, AllowCertIgnoresIntermidiateCerts) { |
| net::CertVerifyResult result; |
| result.cert_status = net::CERT_STATUS_DATE_INVALID; |
| result.verified_cert = cert_; |
|
Ryan Sleevi
2016/08/08 17:47:37
Unused?
Eugene But (OOO till 7-30)
2016/08/08 20:22:23
Done.
|
| - cert_verifier_.AddResultForCertAndHost(cert_.get(), kHostName.UTF8String, |
| - result, net::ERR_CERT_DATE_INVALID); |
| [controller_ allowCert:cert.get() |
| forHost:kHostName |
| @@ -196,7 +158,8 @@ TEST_F(CRWCertVerificationControllerTest, AllowCertIgnoresIntermidiateCerts) { |
| net::CertStatus status; |
| DecidePolicy(invalid_trust_, kHostName, &policy, &status); |
| EXPECT_EQ(CERT_ACCEPT_POLICY_RECOVERABLE_ERROR_ACCEPTED_BY_USER, policy); |
| - EXPECT_EQ(net::CERT_STATUS_DATE_INVALID, status); |
| + EXPECT_TRUE(net::CERT_STATUS_AUTHORITY_INVALID & status); |
| + EXPECT_TRUE(net::CERT_STATUS_INVALID & status); |
| } |
| // Tests cert policy with null trust. |
| @@ -215,7 +178,8 @@ TEST_F(CRWCertVerificationControllerTest, PolicyForNullHost) { |
| net::CertStatus status; |
| DecidePolicy(invalid_trust_, nil, &policy, &status); |
| EXPECT_EQ(CERT_ACCEPT_POLICY_RECOVERABLE_ERROR_UNDECIDED_BY_USER, policy); |
| - EXPECT_EQ(net::CERT_STATUS_INVALID, status); |
| + EXPECT_TRUE(net::CERT_STATUS_AUTHORITY_INVALID & status); |
| + EXPECT_TRUE(net::CERT_STATUS_INVALID & status); |
| } |
| // Tests SSL status with valid trust. |
| @@ -229,36 +193,18 @@ TEST_F(CRWCertVerificationControllerTest, SSLStatusForValidTrust) { |
| } |
| // Tests SSL status with invalid host. |
| -TEST_F(CRWCertVerificationControllerTest, SSLStatusForInvalidHost) { |
| +TEST_F(CRWCertVerificationControllerTest, SSLStatusForInvalidTrust) { |
| net::CertVerifyResult result; |
| result.cert_status = net::CERT_STATUS_COMMON_NAME_INVALID; |
| result.verified_cert = cert_; |
|
Ryan Sleevi
2016/08/08 17:47:37
Unused?
Eugene But (OOO till 7-30)
2016/08/08 20:22:23
Done.
|
| - cert_verifier_.AddResultForCertAndHost(cert_.get(), kHostName.UTF8String, |
| - result, |
| - net::ERR_CERT_COMMON_NAME_INVALID); |
| - |
| - SecurityStyle style = SECURITY_STYLE_UNKNOWN; |
| - net::CertStatus status = net::CERT_STATUS_ALL_ERRORS; |
| - |
| - QueryStatus(invalid_trust_, kHostName, &style, &status); |
| - EXPECT_EQ(SECURITY_STYLE_AUTHENTICATION_BROKEN, style); |
| - EXPECT_EQ(status, net::CERT_STATUS_COMMON_NAME_INVALID); |
| -} |
| - |
| -// Tests SSL status with expired cert. |
| -TEST_F(CRWCertVerificationControllerTest, SSLStatusForExpiredTrust) { |
| - net::CertVerifyResult result; |
| - result.cert_status = net::CERT_STATUS_DATE_INVALID; |
| - result.verified_cert = cert_; |
| - cert_verifier_.AddResultForCertAndHost(cert_.get(), kHostName.UTF8String, |
| - result, net::ERR_CERT_DATE_INVALID); |
| SecurityStyle style = SECURITY_STYLE_UNKNOWN; |
| net::CertStatus status = net::CERT_STATUS_ALL_ERRORS; |
| QueryStatus(invalid_trust_, kHostName, &style, &status); |
| EXPECT_EQ(SECURITY_STYLE_AUTHENTICATION_BROKEN, style); |
| - EXPECT_EQ(net::CERT_STATUS_DATE_INVALID, status); |
| + EXPECT_TRUE(net::CERT_STATUS_AUTHORITY_INVALID & status); |
| + EXPECT_TRUE(net::CERT_STATUS_INVALID & status); |
| } |
| } // namespace web |
