Add initial version of captive portal list checking.

chrome/browser/ssl/ssl_error_handler_unittest.cc

Index: chrome/browser/ssl/ssl_error_handler_unittest.cc
diff --git a/chrome/browser/ssl/ssl_error_handler_unittest.cc b/chrome/browser/ssl/ssl_error_handler_unittest.cc
index dca4034b046ee402ceae32442d046fed9039e8f5..36137c325ea6eb41c44459212546a03d653bfd3b 100644
--- a/chrome/browser/ssl/ssl_error_handler_unittest.cc
+++ b/chrome/browser/ssl/ssl_error_handler_unittest.cc
@@ -16,6 +16,7 @@
 #include "chrome/browser/captive_portal/captive_portal_service.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/ssl/common_name_mismatch_handler.h"
+#include "chrome/browser/ssl/tls_error_assistant.pb.h"
 #include "chrome/common/features.h"
 #include "chrome/test/base/chrome_render_view_host_test_harness.h"
 #include "chrome/test/base/testing_profile.h"
@@ -43,6 +44,8 @@ namespace {
 const char kCertDateErrorHistogram[] =
     "interstitial.ssl_error_handler.cert_date_error_delay";
 
+const net::SHA256HashValue kCertPublicKeyHashValue = {{0x01, 0x02}};
+
 }  // namespace
 
 class SSLErrorHandlerForTest : public SSLErrorHandler {
@@ -171,6 +174,8 @@ class SSLErrorHandlerNameMismatchTest : public ChromeRenderViewHostTestHarness {
     ssl_info_.cert =
         net::ImportCertFromFile(net::GetTestCertsDirectory(), "ok_cert.pem");
     ssl_info_.cert_status = net::CERT_STATUS_COMMON_NAME_INVALID;
+    ssl_info_.public_key_hashes.push_back(
+        net::HashValue(kCertPublicKeyHashValue));
     error_handler_.reset(
         new SSLErrorHandlerForTest(profile(), web_contents(), ssl_info_));
     // Enable finch experiment for captive portal interstitials.
@@ -189,6 +194,8 @@ class SSLErrorHandlerNameMismatchTest : public ChromeRenderViewHostTestHarness {
 
   SSLErrorHandlerForTest* error_handler() { return error_handler_.get(); }
 
+  const net::SSLInfo& ssl_info() { return ssl_info_; }
+
  private:
   net::SSLInfo ssl_info_;
   std::unique_ptr<SSLErrorHandlerForTest> error_handler_;
@@ -549,3 +556,42 @@ TEST_F(SSLErrorHandlerDateInvalidTest, TimeQueryHangs) {
   // Shut down the server to cancel the pending request.
   ASSERT_TRUE(test_server()->ShutdownAndWaitUntilComplete());
 }
+
+TEST_F(SSLErrorHandlerNameMismatchTest, KnownCaptivePortal) {
+  base::HistogramTester histograms;
+
+  EXPECT_FALSE(error_handler()->IsTimerRunning());
+  EXPECT_EQ(1u, ssl_info().public_key_hashes.size());
+
+  chrome_browser_ssl::TLSErrorAssistantConfig config_proto;
+  config_proto.add_captive_portal_cert()->set_sha256_hash(
+      "sha256/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
+  config_proto.add_captive_portal_cert()->set_sha256_hash(
+      ssl_info().public_key_hashes[0].ToString());
+  config_proto.add_captive_portal_cert()->set_sha256_hash(
+      "sha256/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb");
+  SSLErrorHandler::SetErrorAssistantProtoForTesting(config_proto);
+
+  error_handler()->StartHandlingError();
+
+  // Timer shouldn't start for a known captive portal certificate.
+  EXPECT_FALSE(error_handler()->IsTimerRunning());
+  EXPECT_FALSE(error_handler()->captive_portal_checked());
+  EXPECT_FALSE(error_handler()->ssl_interstitial_shown());
+  EXPECT_TRUE(error_handler()->captive_portal_interstitial_shown());
+
+  // A buggy SSL error handler might have incorrectly started the timer. Run to
+  // completion to ensure the timer is expired.
+  base::RunLoop().RunUntilIdle();
+
+  EXPECT_FALSE(error_handler()->IsTimerRunning());
+  EXPECT_FALSE(error_handler()->captive_portal_checked());
+  EXPECT_FALSE(error_handler()->ssl_interstitial_shown());
+  EXPECT_TRUE(error_handler()->captive_portal_interstitial_shown());
+
+  // Check that the histogram for the captive portal cert was recorded.
+  histograms.ExpectBucketCount(SSLErrorHandler::GetHistogramNameForTesting(),

[estark, 2017/01/20 23:31:18]

ditto optional nit about adding an ExpectTotalCount() call

[meacer, 2017/01/31 00:22:47]

Done.

+                               SSLErrorHandler::HANDLE_ALL, 1);
+  histograms.ExpectBucketCount(SSLErrorHandler::GetHistogramNameForTesting(),
+                               SSLErrorHandler::CAPTIVE_PORTAL_CERT_FOUND, 1);
+}