| Index: chrome/browser/ssl/chrome_ssl_host_state_delegate_test.cc
|
| diff --git a/chrome/browser/ssl/chrome_ssl_host_state_delegate_test.cc b/chrome/browser/ssl/chrome_ssl_host_state_delegate_test.cc
|
| index dfa4f512084ceff114b5c184e2d86b3c66ed34ff..4091981228c8be275013d1581e423c8791a2ddf6 100644
|
| --- a/chrome/browser/ssl/chrome_ssl_host_state_delegate_test.cc
|
| +++ b/chrome/browser/ssl/chrome_ssl_host_state_delegate_test.cc
|
| @@ -62,19 +62,19 @@ IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, QueryPolicy) {
|
| content::SSLHostStateDelegate* state = profile->GetSSLHostStateDelegate();
|
| bool unused_value;
|
|
|
| - // Verifying that all three of the certs we will be looking at are unknown
|
| + // Verifying that all three of the certs we will be looking at are denied
|
| // before any action has been taken.
|
| - EXPECT_EQ(net::CertPolicy::UNKNOWN,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
|
| state->QueryPolicy(kWWWGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| &unused_value));
|
| - EXPECT_EQ(net::CertPolicy::UNKNOWN,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
|
| state->QueryPolicy(kGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| &unused_value));
|
| - EXPECT_EQ(net::CertPolicy::UNKNOWN,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
|
| state->QueryPolicy(kExampleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| @@ -86,18 +86,18 @@ IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, QueryPolicy) {
|
| kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
|
|
|
| // Verify that only kWWWGoogleHost is allowed and that the other two certs
|
| - // being tested still have no decision associated with them.
|
| - EXPECT_EQ(net::CertPolicy::ALLOWED,
|
| + // being tested still are denied.
|
| + EXPECT_EQ(content::SSLHostStateDelegate::ALLOWED,
|
| state->QueryPolicy(kWWWGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| &unused_value));
|
| - EXPECT_EQ(net::CertPolicy::UNKNOWN,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
|
| state->QueryPolicy(kGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| &unused_value));
|
| - EXPECT_EQ(net::CertPolicy::UNKNOWN,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
|
| state->QueryPolicy(kExampleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| @@ -109,40 +109,18 @@ IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, QueryPolicy) {
|
| kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
|
|
|
| // Verify that both kWWWGoogleHost and kExampleHost have allow exceptions
|
| - // while kGoogleHost still has no associated decision.
|
| - EXPECT_EQ(net::CertPolicy::ALLOWED,
|
| + // while kGoogleHost still is denied.
|
| + EXPECT_EQ(content::SSLHostStateDelegate::ALLOWED,
|
| state->QueryPolicy(kWWWGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| &unused_value));
|
| - EXPECT_EQ(net::CertPolicy::UNKNOWN,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
|
| state->QueryPolicy(kGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| &unused_value));
|
| - EXPECT_EQ(net::CertPolicy::ALLOWED,
|
| - state->QueryPolicy(kExampleHost,
|
| - google_cert.get(),
|
| - net::CERT_STATUS_DATE_INVALID,
|
| - &unused_value));
|
| -
|
| - // Simulate a user decision to deny an invalid certificate for kExampleHost.
|
| - state->DenyCert(
|
| - kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
|
| -
|
| - // Verify that kWWWGoogleHost is allowed and kExampleHost is denied while
|
| - // kGoogleHost still has no associated decision.
|
| - EXPECT_EQ(net::CertPolicy::ALLOWED,
|
| - state->QueryPolicy(kWWWGoogleHost,
|
| - google_cert.get(),
|
| - net::CERT_STATUS_DATE_INVALID,
|
| - &unused_value));
|
| - EXPECT_EQ(net::CertPolicy::UNKNOWN,
|
| - state->QueryPolicy(kGoogleHost,
|
| - google_cert.get(),
|
| - net::CERT_STATUS_DATE_INVALID,
|
| - &unused_value));
|
| - EXPECT_EQ(net::CertPolicy::DENIED,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::ALLOWED,
|
| state->QueryPolicy(kExampleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| @@ -150,7 +128,7 @@ IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, QueryPolicy) {
|
| }
|
|
|
| // HasPolicyAndRevoke unit tests the expected behavior of calling
|
| -// HasUserDecision before and after calling RevokeUserDecisions on the
|
| +// HasAllowed before and after calling RevokeUserAllowExceptions on the
|
| // SSLHostStateDelegate class.
|
| IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, HasPolicyAndRevoke) {
|
| scoped_refptr<net::X509Certificate> google_cert = GetGoogleCert();
|
| @@ -168,13 +146,13 @@ IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, HasPolicyAndRevoke) {
|
| state->AllowCert(
|
| kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
|
|
|
| - // Verify that HasUserDecision correctly acknowledges that a user decision has
|
| - // been made about kWWWGoogleHost. Then verify that HasUserDecision correctly
|
| + // Verify that HasAllowed correctly acknowledges that a user decision has
|
| + // been made about kWWWGoogleHost. Then verify that HasAllowed correctly
|
| // identifies that the decision has been revoked.
|
| - EXPECT_TRUE(state->HasUserDecision(kWWWGoogleHost));
|
| - state->RevokeUserDecisions(kWWWGoogleHost);
|
| - EXPECT_FALSE(state->HasUserDecision(kWWWGoogleHost));
|
| - EXPECT_EQ(net::CertPolicy::UNKNOWN,
|
| + EXPECT_TRUE(state->HasAllowed(kWWWGoogleHost));
|
| + state->RevokeUserAllowExceptions(kWWWGoogleHost);
|
| + EXPECT_FALSE(state->HasAllowed(kWWWGoogleHost));
|
| + EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
|
| state->QueryPolicy(kWWWGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| @@ -182,14 +160,14 @@ IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, HasPolicyAndRevoke) {
|
|
|
| // Verify that the revocation of the kWWWGoogleHost decision does not affect
|
| // the Allow for kExampleHost.
|
| - EXPECT_TRUE(state->HasUserDecision(kExampleHost));
|
| + EXPECT_TRUE(state->HasAllowed(kExampleHost));
|
|
|
| // Verify the revocation of the kWWWGoogleHost decision does not affect the
|
| // non-decision for kGoogleHost. Then verify that a revocation of a URL with
|
| // no decision has no effect.
|
| - EXPECT_FALSE(state->HasUserDecision(kGoogleHost));
|
| - state->RevokeUserDecisions(kGoogleHost);
|
| - EXPECT_FALSE(state->HasUserDecision(kGoogleHost));
|
| + EXPECT_FALSE(state->HasAllowed(kGoogleHost));
|
| + state->RevokeUserAllowExceptions(kGoogleHost);
|
| + EXPECT_FALSE(state->HasAllowed(kGoogleHost));
|
| }
|
|
|
| // Clear unit tests the expected behavior of calling Clear to forget all cert
|
| @@ -209,17 +187,17 @@ IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, Clear) {
|
| kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
|
|
|
| // Do a full clear, then make sure that both kWWWGoogleHost, which had a
|
| - // decision made, and kExampleHost, which was untouched, are now in a
|
| - // non-decision state.
|
| + // decision made, and kExampleHost, which was untouched, are now in a denied
|
| + // state.
|
| state->Clear();
|
| - EXPECT_FALSE(state->HasUserDecision(kWWWGoogleHost));
|
| - EXPECT_EQ(net::CertPolicy::UNKNOWN,
|
| + EXPECT_FALSE(state->HasAllowed(kWWWGoogleHost));
|
| + EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
|
| state->QueryPolicy(kWWWGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| &unused_value));
|
| - EXPECT_FALSE(state->HasUserDecision(kExampleHost));
|
| - EXPECT_EQ(net::CertPolicy::UNKNOWN,
|
| + EXPECT_FALSE(state->HasAllowed(kExampleHost));
|
| + EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
|
| state->QueryPolicy(kExampleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| @@ -281,7 +259,7 @@ IN_PROC_BROWSER_TEST_F(IncognitoSSLHostStateDelegateTest, PRE_AfterRestart) {
|
| content::SSLHostStateDelegate* incognito_state =
|
| incognito->GetSSLHostStateDelegate();
|
|
|
| - EXPECT_EQ(net::CertPolicy::ALLOWED,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::ALLOWED,
|
| incognito_state->QueryPolicy(kWWWGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| @@ -294,7 +272,7 @@ IN_PROC_BROWSER_TEST_F(IncognitoSSLHostStateDelegateTest, PRE_AfterRestart) {
|
| incognito_state->AllowCert(
|
| kGoogleHost, google_cert.get(), net::CERT_STATUS_COMMON_NAME_INVALID);
|
|
|
| - EXPECT_EQ(net::CertPolicy::UNKNOWN,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
|
| state->QueryPolicy(kGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_COMMON_NAME_INVALID,
|
| @@ -315,7 +293,7 @@ IN_PROC_BROWSER_TEST_F(IncognitoSSLHostStateDelegateTest, AfterRestart) {
|
| // Verify that the exception added before restart to the regular
|
| // (non-incognito) profile still exists and was not cleared after the
|
| // incognito session ended.
|
| - EXPECT_EQ(net::CertPolicy::ALLOWED,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::ALLOWED,
|
| state->QueryPolicy(kWWWGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| @@ -327,7 +305,7 @@ IN_PROC_BROWSER_TEST_F(IncognitoSSLHostStateDelegateTest, AfterRestart) {
|
|
|
| // Verify that the exception added before restart to the incognito profile was
|
| // cleared when the incognito session ended.
|
| - EXPECT_EQ(net::CertPolicy::UNKNOWN,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
|
| incognito_state->QueryPolicy(kGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_COMMON_NAME_INVALID,
|
| @@ -355,7 +333,7 @@ IN_PROC_BROWSER_TEST_F(ForGetSSLHostStateDelegateTest, PRE_AfterRestart) {
|
|
|
| state->AllowCert(
|
| kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
|
| - EXPECT_EQ(net::CertPolicy::ALLOWED,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::ALLOWED,
|
| state->QueryPolicy(kWWWGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| @@ -370,9 +348,9 @@ IN_PROC_BROWSER_TEST_F(ForGetSSLHostStateDelegateTest, AfterRestart) {
|
| content::SSLHostStateDelegate* state = profile->GetSSLHostStateDelegate();
|
| bool unused_value;
|
|
|
| - // The cert should now be |UNKONWN| because the profile is set to forget cert
|
| + // The cert should now be |DENIED| because the profile is set to forget cert
|
| // exceptions after session end.
|
| - EXPECT_EQ(net::CertPolicy::UNKNOWN,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
|
| state->QueryPolicy(kWWWGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| @@ -412,14 +390,14 @@ IN_PROC_BROWSER_TEST_F(ForgetInstantlySSLHostStateDelegateTest,
|
|
|
| state->AllowCert(
|
| kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
|
| - EXPECT_EQ(net::CertPolicy::UNKNOWN,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
|
| state->QueryPolicy(kWWWGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| &unused_value));
|
| }
|
|
|
| -// Tests to make sure that if the remember value is set to a non-zero value0,
|
| +// Tests to make sure that if the remember value is set to a non-zero value,
|
| // any decisions will be remembered over a restart, but only for the length
|
| // specified.
|
| class RememberSSLHostStateDelegateTest : public ChromeSSLHostStateDelegateTest {
|
| @@ -441,7 +419,7 @@ IN_PROC_BROWSER_TEST_F(RememberSSLHostStateDelegateTest, PRE_AfterRestart) {
|
|
|
| state->AllowCert(
|
| kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
|
| - EXPECT_EQ(net::CertPolicy::ALLOWED,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::ALLOWED,
|
| state->QueryPolicy(kWWWGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| @@ -467,7 +445,7 @@ IN_PROC_BROWSER_TEST_F(RememberSSLHostStateDelegateTest, AfterRestart) {
|
|
|
| // This should only pass if the cert was allowed before the test was restart
|
| // and thus has now been rememebered across browser restarts.
|
| - EXPECT_EQ(net::CertPolicy::ALLOWED,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::ALLOWED,
|
| state->QueryPolicy(kWWWGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| @@ -476,8 +454,8 @@ IN_PROC_BROWSER_TEST_F(RememberSSLHostStateDelegateTest, AfterRestart) {
|
| // Simulate the clock advancing by the specified delta.
|
| clock->Advance(base::TimeDelta::FromSeconds(kDeltaOneDayInSeconds + 1));
|
|
|
| - // The cert should now be |UNKONWN| because the specified delta has passed.
|
| - EXPECT_EQ(net::CertPolicy::UNKNOWN,
|
| + // The cert should now be |DENIED| because the specified delta has passed.
|
| + EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
|
| state->QueryPolicy(kWWWGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| @@ -506,7 +484,7 @@ IN_PROC_BROWSER_TEST_F(RememberSSLHostStateDelegateTest, QueryPolicyExpired) {
|
|
|
| // The certificate has never been seen before, so it should be UNKONWN and
|
| // should also indicate that it hasn't expired.
|
| - EXPECT_EQ(net::CertPolicy::UNKNOWN,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
|
| state->QueryPolicy(kWWWGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| @@ -517,7 +495,7 @@ IN_PROC_BROWSER_TEST_F(RememberSSLHostStateDelegateTest, QueryPolicyExpired) {
|
| // also specify that it hasn't expired.
|
| state->AllowCert(
|
| kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
|
| - EXPECT_EQ(net::CertPolicy::ALLOWED,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::ALLOWED,
|
| state->QueryPolicy(kWWWGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| @@ -528,9 +506,9 @@ IN_PROC_BROWSER_TEST_F(RememberSSLHostStateDelegateTest, QueryPolicyExpired) {
|
| clock->Advance(base::TimeDelta::FromSeconds(kDeltaOneDayInSeconds + 1));
|
|
|
| // The decision expiration time has come, so it should indicate that the
|
| - // certificate and error are UNKOWN but also that they expired since the last
|
| + // certificate and error are DENIED but also that they expired since the last
|
| // query.
|
| - EXPECT_EQ(net::CertPolicy::UNKNOWN,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
|
| state->QueryPolicy(kWWWGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| @@ -539,7 +517,7 @@ IN_PROC_BROWSER_TEST_F(RememberSSLHostStateDelegateTest, QueryPolicyExpired) {
|
|
|
| // However, with a new query, it should indicate that no new expiration has
|
| // occurred.
|
| - EXPECT_EQ(net::CertPolicy::UNKNOWN,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
|
| state->QueryPolicy(kWWWGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
| @@ -576,7 +554,7 @@ IN_PROC_BROWSER_TEST_F(RemoveBrowsingHistorySSLHostStateDelegateTest,
|
| state->AllowCert(
|
| kGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
|
| RemoveAndWait(profile);
|
| - EXPECT_EQ(net::CertPolicy::UNKNOWN,
|
| + EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
|
| state->QueryPolicy(kGoogleHost,
|
| google_cert.get(),
|
| net::CERT_STATUS_DATE_INVALID,
|
|
|
Chromium Code Reviews
Issue 465133004:
Remove DenyCertForHost from SSLHostStateDelegate API. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src