Fix SSL browser test for TLS client auth.

chrome/browser/ssl/ssl_browser_tests.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
+#include "base/bind.h"
+#include "base/bind_helpers.h"
 #include "base/command_line.h"
 #include "base/path_service.h"
 #include "base/prefs/pref_service.h"
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
 #include "base/strings/utf_string_conversions.h"
 #include "base/time/time.h"
 #include "chrome/app/chrome_command_ids.h"
 #include "chrome/browser/chrome_notification_types.h"
 #include "chrome/browser/content_settings/host_content_settings_map.h"
@@ skipping 17 matching lines @@
 #include "content/public/browser/notification_service.h"
 #include "content/public/browser/render_view_host.h"
 #include "content/public/browser/render_widget_host_view.h"
 #include "content/public/browser/web_contents.h"
 #include "content/public/browser/web_contents_observer.h"
 #include "content/public/common/security_style.h"
 #include "content/public/common/ssl_status.h"
 #include "content/public/test/browser_test_utils.h"
 #include "content/public/test/download_test_observer.h"
 #include "content/public/test/test_renderer_host.h"
-#include "crypto/nss_util.h"
-#include "net/base/crypto_module.h"
 #include "net/base/net_errors.h"
 #include "net/base/test_data_directory.h"
 #include "net/cert/cert_status_flags.h"
 #include "net/test/spawned_test_server/spawned_test_server.h"
 
 #if defined(USE_NSS)
+#include "chrome/browser/net/nss_context.h"
+#include "net/base/crypto_module.h"
 #include "net/cert/nss_cert_database.h"
 #endif  // defined(USE_NSS)
 
 using base::ASCIIToUTF16;
 using content::InterstitialPage;
 using content::NavigationController;
 using content::NavigationEntry;
 using content::SSLStatus;
 using content::WebContents;
 using web_modal::WebContentsModalDialogManager;
@@ skipping 650 matching lines @@
   // Proceed anyway.
   ProceedThroughInterstitial(tab);
 
   // Test page run a WebSocket wss connection test. The result will be shown
   // as page title.
   const base::string16 result = watcher.WaitAndGetTitle();
   EXPECT_TRUE(LowerCaseEqualsASCII(result, "pass"));
 }
 
 #if defined(USE_NSS)
+class SSLUITestWithClientCert : public SSLUITest {
+  public:
+   SSLUITestWithClientCert() : cert_db_(NULL) {}
+
+   virtual void SetUpOnMainThread() OVERRIDE {
+     SSLUITest::SetUpOnMainThread();
+
+     base::RunLoop loop;
+     GetNSSCertDatabaseForProfile(
+         browser()->profile(),
+         base::Bind(&SSLUITestWithClientCert::DidGetCertDatabase,
+                    base::Unretained(this),
+                    &loop));
+     loop.Run();
+   }
+
+  protected:
+   void DidGetCertDatabase(base::RunLoop* loop, net::NSSCertDatabase* cert_db) {
+     cert_db_ = cert_db;
+     loop->Quit();
+   }
+
+   net::NSSCertDatabase* cert_db_;
+};
+
 // SSL client certificate tests are only enabled when using NSS for private key
 // storage, as only NSS can avoid modifying global machine state when testing.
 // See http://crbug.com/51132
 
 // Visit a HTTPS page which requires client cert authentication. The client
 // cert will be selected automatically, then a test which uses WebSocket runs.
-// Disabled:  http://crbug.com/159985

[pneubeck (no reviews), 2014/07/21 06:43:56]

here it refers to the bug I listed first.
Disabling of this test referred to that bug, and now I'm re-enabling the test.
I think it's reasonable to refer to the same bug and close it eventually if the
test is indeed fixed.

-IN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestWSSClientCert) {
-  // Open a temporary NSS DB for testing.
-  crypto::ScopedTestNSSDB test_nssdb;
-  ASSERT_TRUE(test_nssdb.is_open());
-
-  // Import client cert for test. These interfaces require NSS.
-  net::NSSCertDatabase* cert_db = net::NSSCertDatabase::GetInstance();
-  scoped_refptr<net::CryptoModule> crypt_module = cert_db->GetPublicModule();
+IN_PROC_BROWSER_TEST_F(SSLUITestWithClientCert, TestWSSClientCert) {
+  // Import a client cert for test.
+  scoped_refptr<net::CryptoModule> crypt_module = cert_db_->GetPublicModule();
   std::string pkcs12_data;
   base::FilePath cert_path = net::GetTestCertsDirectory().Append(
       FILE_PATH_LITERAL("websocket_client_cert.p12"));
   EXPECT_TRUE(base::ReadFileToString(cert_path, &pkcs12_data));
   EXPECT_EQ(net::OK,
-            cert_db->ImportFromPKCS12(
+            cert_db_->ImportFromPKCS12(
                 crypt_module.get(), pkcs12_data, base::string16(), true, NULL));
 
   // Start WebSocket test server with TLS and client cert authentication.
   net::SpawnedTestServer::SSLOptions options(
       net::SpawnedTestServer::SSLOptions::CERT_OK);
   options.request_client_certificate = true;
   base::FilePath ca_path = net::GetTestCertsDirectory().Append(
       FILE_PATH_LITERAL("websocket_cacert.pem"));
   options.client_authorities.push_back(ca_path);
   net::SpawnedTestServer wss_server(net::SpawnedTestServer::TYPE_WSS,
@@ skipping 1074 matching lines @@
 
 // Visit a page over https that contains a frame with a redirect.
 
 // XMLHttpRequest insecure content in synchronous mode.
 
 // XMLHttpRequest insecure content in asynchronous mode.
 
 // XMLHttpRequest over bad ssl in synchronous mode.
 
 // XMLHttpRequest over OK ssl in synchronous mode.