chrome/browser/chromeos/login/test/https_forwarder.cc - Issue 2513543003: Don't hardcode copy of root cert in chromeos/login/test/https_forwarder.cc.

Unified Diff: chrome/browser/chromeos/login/test/https_forwarder.cc

Issue 2513543003: Don't hardcode copy of root cert in chromeos/login/test/https_forwarder.cc. (Closed)

Patch Set: Created 4 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Index: chrome/browser/chromeos/login/test/https_forwarder.cc

diff --git a/chrome/browser/chromeos/login/test/https_forwarder.cc b/chrome/browser/chromeos/login/test/https_forwarder.cc

index 30044b0bd225dd1a8aebed4d45817e4dae8d591a..b8d234d998107dcc9f7745c22fde36536c3c9d6b 100644

--- a/chrome/browser/chromeos/login/test/https_forwarder.cc

+++ b/chrome/browser/chromeos/login/test/https_forwarder.cc

@@ -14,32 +14,16 @@

#include "base/values.h"

#include "net/cert/test_root_certs.h"

#include "net/cert/x509_certificate.h"

+#include "net/test/cert_test_util.h"

#include "net/test/python_utils.h"

#include "net/test/spawned_test_server/base_test_server.h"

#include "net/test/spawned_test_server/local_test_server.h"

+#include "net/test/test_data_directory.h"

#include "url/third_party/mozilla/url_parse.h"

#include "url/url_canon.h"

namespace chromeos {

-namespace {

-// The root certificate used by net/tools/testserver/minica.py.

-const char kMinicaRootCert[] =

- "-----BEGIN CERTIFICATE-----\n"

- "MIIB0TCCATqgAwIBAgIBATANBgkqhkiG9w0BAQUFADAVMRMwEQYDVQQDEwpUZXN0aW5nIENBMB"

- "4XDTEwMDEwMTA2MDAwMFoXDTMyMTIwMTA2MDAwMFowFTETMBEGA1UEAxMKVGVzdGluZyBDQTCB"

- "nTANBgkqhkiG9w0BAQEFAAOBiwAwgYcCgYEApxmY8pML/nPQMah/Ez0vN47u7tUqd+RND8n/bw"

- "f/Msvz2pmd5O1lgyr8sIB/mHh1BlOdJYoM48LHeWdlMJmpA0qbEVqHbDmoxOTtSs0MZAlZRvs5"

- "7utHoHBNuwGKz0jDocS4lfxAn7SjQKmGsa/EVRmrnspHwwGFx3HGSqXs8H0CAQOjMzAxMBIGA1"

- "UdEwEB/wQIMAYBAf8CAQAwGwYDVR0gAQEABBEwDzANBgsrBgEEAdZ5AgHODzANBgkqhkiG9w0B"

- "AQUFAAOBgQA/STb40A6D+93jMfLGQzXc997IsaJZdoPt7tYa8PqGJBL62EiTj+erd/H5pDZx/2"

- "/bcpOG4m9J56ygwOohbllw2TM+oeEd8syzV6X+1SIPnGI56JRrm3UXcHYx1Rq5loM9WKAiz/Wm"

- "IWmskljsEQ7+542pq0pkHjs8nuXovSkUYA==\n"

- "-----END CERTIFICATE-----";

-} // namespace

// A net::LocalTestServer that handles the actual forwarding to another server.

// Requires that the root certificate used by minica.py be marked as trusted

// before it is used.

@@ -127,16 +111,11 @@ bool HTTPSForwarder::Initialize(const std::string& ssl_host,

// Mark the root certificate used by minica.py as trusted. This will be used

achuithb 2016/11/28 09:09:49 Please update this comment.

mattm 2016/11/28 22:35:49 Done.

// by the Python part of the HTTPSForwarder to generate a certificate for

// |ssl_host_|.

- net::TestRootCerts* root_certs = net::TestRootCerts::GetInstance();

- if (!root_certs)

- return false;

- net::CertificateList certs =

- net::X509Certificate::CreateCertificateListFromBytes(

- kMinicaRootCert, strlen(kMinicaRootCert),

- net::X509Certificate::FORMAT_AUTO);

- if (certs.size() != 1)

+ scoped_refptr<net::X509Certificate> root_cert = net::ImportCertFromFile(

+ net::GetTestCertsDirectory(), "ocsp-test-root.pem");

+ if (!root_cert)

return false;

- root_certs->Add(certs.front().get());

+ test_root_.reset(new net::ScopedTestRoot(root_cert.get()));

ssl_host_ = ssl_host;

forwarding_server_.reset(new ForwardingServer(ssl_host, forward_target));

« chrome/browser/chromeos/login/test/https_forwarder.h ('K') | « chrome/browser/chromeos/login/test/https_forwarder.h ('k') | no next file » | no next file with comments »