Chromium Code Reviews
|
|
Chromium Code Reviews
Issue
2672083003:
Re-enable CertVerifyProcInternalTest.PublicKeyHashes. (Closed)
|
Created:
3 years, 10 months ago by eroman Modified:
3 years, 10 months ago Reviewers:
Ryan Sleevi CC:
chromium-reviews, cbentzel+watch_chromium.org, net-reviews_chromium.org Target Ref:
refs/pending/heads/master Project:
chromium Visibility:
Public. |
DescriptionRe-enable CertVerifyProcInternalTest.PublicKeyHashes.
BUG=610546, 649017
Review-Url: https://codereview.chromium.org/2672083003
Cr-Commit-Position: refs/heads/master@{#448353}
Committed: https://chromium.googlesource.com/chromium/src/+/45b6e7c94dabd216c9ce503f5259fd245af14cef
Patch Set 1 #Patch Set 2 : delete kTwitterSPKIs / kTwitterSPKIsSHA256 #
Total comments: 8
Patch Set 3 : address rsleevi feedback #Patch Set 4 : simplify #Patch Set 5 : switch to base64 #
Total comments: 2
Patch Set 6 : switch to EXPECT_THAT() #
Messages
Total messages: 38 (27 generated)
The CQ bit was checked by eroman@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: This issue passed the CQ dry run.
eroman@chromium.org changed reviewers: + rsleevi@chromium.org
I changed the setup of this test a bit, WDYT? (going with synthetic chain instead of the expired twitter one). I would like to enable this test since I need coverage of the public key hashes for testing CertVerifyProcBuiltin.
The CQ bit was checked by eroman@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
https://codereview.chromium.org/2672083003/diff/20001/net/cert/cert_verify_pr... File net/cert/cert_verify_proc_unittest.cc (right): https://codereview.chromium.org/2672083003/diff/20001/net/cert/cert_verify_pr... net/cert/cert_verify_proc_unittest.cc:743: // verifies the public key hashes chain rather than the chain itself. This isn't necessary to match that. We're really just trying to test that it fills PublicKeyHashes with all the values. https://codereview.chromium.org/2672083003/diff/20001/net/cert/cert_verify_pr... net/cert/cert_verify_proc_unittest.cc:755: // Construct the chain out of order. This isn't necessary for the test https://codereview.chromium.org/2672083003/diff/20001/net/cert/cert_verify_pr... net/cert/cert_verify_proc_unittest.cc:773: HashValueVector sha256_hashes; concrete suggestion: vector<SHA1HashValue> and vector<SHA256HashValue> for these will allow you to make use of vector== https://codereview.chromium.org/2672083003/diff/20001/net/cert/cert_verify_pr... net/cert/cert_verify_proc_unittest.cc:804: } Interesting, the original test was relying on a (non-guaranteed) API behaviour, which is that hashes are in a particular order (we don't presently guarantee that, and every time I add a new search thing I keep wondering whether it's worth paying the 1-time sort cost in CertVerifyProc and having the API guarantee sort-stability You can replace this with EXPECT_THAT(sha256_hashes, WhenSorted(UnorderedElementsAreArray(kExpectedSHA256Hashes)));
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: This issue passed the CQ dry run.
Description was changed from ========== Re-enable CertVerifyProcInternalTest.PublicKeyHashes. BUG=610546 ========== to ========== Re-enable CertVerifyProcInternalTest.PublicKeyHashes. BUG=610546,649017 ==========
The CQ bit was checked by eroman@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
https://codereview.chromium.org/2672083003/diff/20001/net/cert/cert_verify_pr... File net/cert/cert_verify_proc_unittest.cc (right): https://codereview.chromium.org/2672083003/diff/20001/net/cert/cert_verify_pr... net/cert/cert_verify_proc_unittest.cc:743: // verifies the public key hashes chain rather than the chain itself. On 2017/02/03 23:54:21, Ryan Sleevi wrote: > This isn't necessary to match that. We're really just trying to test that it > fills PublicKeyHashes with all the values. Done. https://codereview.chromium.org/2672083003/diff/20001/net/cert/cert_verify_pr... net/cert/cert_verify_proc_unittest.cc:755: // Construct the chain out of order. On 2017/02/03 23:54:21, Ryan Sleevi wrote: > This isn't necessary for the test Done. https://codereview.chromium.org/2672083003/diff/20001/net/cert/cert_verify_pr... net/cert/cert_verify_proc_unittest.cc:773: HashValueVector sha256_hashes; On 2017/02/03 23:54:21, Ryan Sleevi wrote: > concrete suggestion: vector<SHA1HashValue> and vector<SHA256HashValue> for these > will allow you to make use of vector== no longer applicable https://codereview.chromium.org/2672083003/diff/20001/net/cert/cert_verify_pr... net/cert/cert_verify_proc_unittest.cc:804: } On 2017/02/03 23:54:21, Ryan Sleevi wrote: > Interesting, the original test was relying on a (non-guaranteed) API behaviour, > which is that hashes are in a particular order (we don't presently guarantee > that, and every time I add a new search thing I keep wondering whether it's > worth paying the 1-time sort cost in CertVerifyProc and having the API guarantee > sort-stability > > You can replace this with > > EXPECT_THAT(sha256_hashes, > WhenSorted(UnorderedElementsAreArray(kExpectedSHA256Hashes))); Done -- removed ordering requirement in test, and made some changes to the documentation.
The CQ bit was checked by eroman@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was checked by eroman@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
lgtm https://codereview.chromium.org/2672083003/diff/80001/net/cert/cert_verify_pr... File net/cert/cert_verify_proc_unittest.cc (right): https://codereview.chromium.org/2672083003/diff/80001/net/cert/cert_verify_pr... net/cert/cert_verify_proc_unittest.cc:798: EXPECT_EQ(expected_public_key_hashes, public_key_hash_strings); So, to be clear: This totally works for me as is, but I do wonder whether we should be adopting more GMock EXPECT_THAT assertions, as they do offer pretty printers, and (for better or worse) we've already adopted things like EXPECT_OK & friends Even though googletest recommends it as the new way (and google3 is moving there), the last thread on chromium-dev had more ambivalence to that, so like I said, it's not a hard or fast thing. It does seem prettier with an EXPECT_THAT when reading, and you get some nicer printers, but at the same time, I'm conscious that if we push more GMock, we'll eventually end up having to deal with the gross parts too :)
The CQ bit was checked by eroman@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
https://codereview.chromium.org/2672083003/diff/80001/net/cert/cert_verify_pr... File net/cert/cert_verify_proc_unittest.cc (right): https://codereview.chromium.org/2672083003/diff/80001/net/cert/cert_verify_pr... net/cert/cert_verify_proc_unittest.cc:798: EXPECT_EQ(expected_public_key_hashes, public_key_hash_strings); On 2017/02/04 01:47:02, Ryan Sleevi wrote: > So, to be clear: This totally works for me as is, but I do wonder whether we > should be adopting more GMock EXPECT_THAT assertions, as they do offer pretty > printers, and (for better or worse) we've already adopted things like EXPECT_OK > & friends > > Even though googletest recommends it as the new way (and google3 is moving > there), the last thread on chromium-dev had more ambivalence to that, so like I > said, it's not a hard or fast thing. > > It does seem prettier with an EXPECT_THAT when reading, and you get some nicer > printers, but at the same time, I'm conscious that if we push more GMock, we'll > eventually end up having to deal with the gross parts too :) Done.
The CQ bit was unchecked by eroman@chromium.org
The CQ bit was checked by eroman@chromium.org
The patchset sent to the CQ was uploaded after l-g-t-m from rsleevi@chromium.org Link to the patchset: https://codereview.chromium.org/2672083003/#ps100001 (title: "switch to EXPECT_THAT()")
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Try jobs failed on following builders: chromium_presubmit on master.tryserver.chromium.linux (JOB_TIMED_OUT, no build URL)
The CQ bit was checked by rsleevi@chromium.org
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Try jobs failed on following builders: chromium_presubmit on master.tryserver.chromium.linux (JOB_TIMED_OUT, no build URL) linux_chromium_asan_rel_ng on master.tryserver.chromium.linux (JOB_TIMED_OUT, no build URL) linux_chromium_chromeos_ozone_rel_ng on master.tryserver.chromium.linux (JOB_TIMED_OUT, no build URL) linux_chromium_chromeos_rel_ng on master.tryserver.chromium.linux (JOB_TIMED_OUT, no build URL) win_chromium_rel_ng on master.tryserver.chromium.win (JOB_TIMED_OUT, no build URL) win_chromium_x64_rel_ng on master.tryserver.chromium.win (JOB_TIMED_OUT, no build URL)
The CQ bit was checked by eroman@chromium.org
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
CQ is committing da patch.
Bot data: {"patchset_id": 100001, "attempt_start_ts": 1486404630055340,
"parent_rev": "1b08650cd63cbd6fa11cc5a840d716a3b945306b", "commit_rev":
"45b6e7c94dabd216c9ce503f5259fd245af14cef"}
Message was sent while issue was closed.
Description was changed from ========== Re-enable CertVerifyProcInternalTest.PublicKeyHashes. BUG=610546,649017 ========== to ========== Re-enable CertVerifyProcInternalTest.PublicKeyHashes. BUG=610546,649017 Review-Url: https://codereview.chromium.org/2672083003 Cr-Commit-Position: refs/heads/master@{#448353} Committed: https://chromium.googlesource.com/chromium/src/+/45b6e7c94dabd216c9ce503f5259... ==========
Message was sent while issue was closed.
Committed patchset #6 (id:100001) as https://chromium.googlesource.com/chromium/src/+/45b6e7c94dabd216c9ce503f5259... |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
