Make X509Certificate creation fail if X509Certificate::Initialize fails.

net/socket/ssl_client_socket_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/socket/ssl_client_socket.h"
 
 #include <errno.h>
 #include <string.h>
 
 #include <algorithm>
@@ skipping 60 matching lines @@
 #include "testing/gtest/include/gtest/gtest.h"
 #include "testing/platform_test.h"
 #include "third_party/boringssl/src/include/openssl/bio.h"
 #include "third_party/boringssl/src/include/openssl/evp.h"
 #include "third_party/boringssl/src/include/openssl/pem.h"
 
 using net::test::IsError;
 using net::test::IsOk;
 
 using testing::_;
+using testing::AnyOf;
 using testing::Return;
 using testing::Truly;
 
 namespace net {
 
 class NetLogWithSource;
 
 namespace {
 
 // WrappedStreamSocket is a base class that wraps an existing StreamSocket,
@@ skipping 1195 matching lines @@
 
   // Rather than testing whether or not the underlying socket is connected,
   // test that the handshake has finished. This is because it may be
   // desirable to disconnect the socket before showing a user prompt, since
   // the user may take indefinitely long to respond.
   TestNetLogEntry::List entries;
   log_.GetEntries(&entries);
   EXPECT_TRUE(LogContainsEndEvent(entries, -1, NetLogEventType::SSL_CONNECT));
 }
 
-#if defined(OS_WIN)
 // Tests that certificates parsable by SSLClientSocket's internal SSL
 // implementation, but not X509Certificate are treated as fatal connection
 // errors. This is a regression test for https://crbug.com/91341.
 TEST_F(SSLClientSocketTest, ConnectBadValidity) {
   SpawnedTestServer::SSLOptions ssl_options(
       SpawnedTestServer::SSLOptions::CERT_BAD_VALIDITY);
   ASSERT_TRUE(StartTestServer(ssl_options));
+  cert_verifier_->set_default_result(ERR_CERT_DATE_INVALID);
+
   SSLConfig ssl_config;
   int rv;
   ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv));
 
+#if defined(OS_WIN)
   EXPECT_THAT(rv, IsError(ERR_SSL_SERVER_CERT_BAD_FORMAT));
   EXPECT_FALSE(IsCertificateError(rv));
+#elif defined(OS_ANDROID)
+  // Android date handling behavior can vary depending on the platform.
+  EXPECT_THAT(rv, AnyOf(IsError(ERR_SSL_SERVER_CERT_BAD_FORMAT),
+                        IsError(ERR_CERT_DATE_INVALID)));
+#else  // !(defined(OS_WIN) || defined(OS_ANDROID))
+  EXPECT_THAT(rv, IsError(ERR_CERT_DATE_INVALID));
+#endif
 }
-#endif  // defined(OS_WIN)
 
 // Attempt to connect to a page which requests a client certificate. It should
 // return an error code on connect.
 TEST_F(SSLClientSocketTest, ConnectClientAuthCertRequested) {
   SpawnedTestServer::SSLOptions ssl_options;
   ssl_options.request_client_certificate = true;
   ASSERT_TRUE(StartTestServer(ssl_options));
 
   int rv;
   ASSERT_TRUE(CreateAndConnectSSLClientSocket(SSLConfig(), &rv));
@@ skipping 2548 matching lines @@
   // The read buffer should be released.
   StreamSocket::SocketMemoryStats stats;
   client->DumpMemoryStats(&stats);
   EXPECT_EQ(0u, stats.buffer_size);
   EXPECT_EQ(1u, stats.cert_count);
   EXPECT_LT(0u, stats.cert_size);
   EXPECT_EQ(stats.cert_size, stats.total_size);
 }
 
 }  // namespace net