Chromium Code Reviews| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <cert.h> | 5 #include <cert.h> |
| 6 #include <certdb.h> | 6 #include <certdb.h> |
| 7 #include <pk11pub.h> | 7 #include <pk11pub.h> |
| 8 | 8 |
| 9 #include <algorithm> | 9 #include <algorithm> |
| 10 | 10 |
| 585 empty_cert_list_, | 585 empty_cert_list_, |
| 586 &verify_result); | 586 &verify_result); |
| 587 EXPECT_EQ(ERR_CERT_AUTHORITY_INVALID, error); | 587 EXPECT_EQ(ERR_CERT_AUTHORITY_INVALID, error); |
| 588 EXPECT_EQ(CERT_STATUS_AUTHORITY_INVALID, verify_result.cert_status); | 588 EXPECT_EQ(CERT_STATUS_AUTHORITY_INVALID, verify_result.cert_status); |
| 589 } | 589 } |
| 590 | 590 |
| 591 TEST_F(CertDatabaseNSSTest, ImportServerCert_SelfSigned_Trusted) { | 591 TEST_F(CertDatabaseNSSTest, ImportServerCert_SelfSigned_Trusted) { |
| 592 // When using CERT_PKIXVerifyCert (which we do), server trust only works from | 592 // When using CERT_PKIXVerifyCert (which we do), server trust only works from |
| 593 // 3.13.4 onwards. See https://bugzilla.mozilla.org/show_bug.cgi?id=647364. | 593 // 3.13.4 onwards. See https://bugzilla.mozilla.org/show_bug.cgi?id=647364. |
| 594 if (!NSS_VersionCheck("3.13.4")) { | 594 if (!NSS_VersionCheck("3.13.4")) { |
| 595 LOG(INFO) << "test skipped on NSS < 3.13.4"; | 595 VLOG(0) << "test skipped on NSS < 3.13.4"; |
| 596 return; | 596 return; |
| 597 } | 597 } |
| 598 | 598 |
| 599 CertificateList certs; | 599 CertificateList certs; |
| 600 ASSERT_TRUE(ReadCertIntoList("punycodetest.der", &certs)); | 600 ASSERT_TRUE(ReadCertIntoList("punycodetest.der", &certs)); |
| 601 | 601 |
| 602 NSSCertDatabase::ImportCertFailureList failed; | 602 NSSCertDatabase::ImportCertFailureList failed; |
| 603 EXPECT_TRUE(cert_db_->ImportServerCert(certs, NSSCertDatabase::TRUSTED_SSL, | 603 EXPECT_TRUE(cert_db_->ImportServerCert(certs, NSSCertDatabase::TRUSTED_SSL, |
| 604 &failed)); | 604 &failed)); |
| 605 | 605 |
| 659 NULL, | 659 NULL, |
| 660 empty_cert_list_, | 660 empty_cert_list_, |
| 661 &verify_result); | 661 &verify_result); |
| 662 EXPECT_EQ(OK, error); | 662 EXPECT_EQ(OK, error); |
| 663 EXPECT_EQ(0U, verify_result.cert_status); | 663 EXPECT_EQ(0U, verify_result.cert_status); |
| 664 } | 664 } |
| 665 | 665 |
| 666 TEST_F(CertDatabaseNSSTest, ImportCaAndServerCert_DistrustServer) { | 666 TEST_F(CertDatabaseNSSTest, ImportCaAndServerCert_DistrustServer) { |
| 667 // Explicit distrust only works starting in NSS 3.13. | 667 // Explicit distrust only works starting in NSS 3.13. |
| 668 if (!NSS_VersionCheck("3.13")) { | 668 if (!NSS_VersionCheck("3.13")) { |
| 669 LOG(INFO) << "test skipped on NSS < 3.13"; | 669 VLOG(0) << "test skipped on NSS < 3.13"; |
| 670 return; | 670 return; |
| 671 } | 671 } |
| 672 | 672 |
| 673 CertificateList ca_certs = CreateCertificateListFromFile( | 673 CertificateList ca_certs = CreateCertificateListFromFile( |
| 674 GetTestCertsDirectory(), "root_ca_cert.pem", | 674 GetTestCertsDirectory(), "root_ca_cert.pem", |
| 675 X509Certificate::FORMAT_AUTO); | 675 X509Certificate::FORMAT_AUTO); |
| 676 ASSERT_EQ(1U, ca_certs.size()); | 676 ASSERT_EQ(1U, ca_certs.size()); |
| 677 | 677 |
| 678 // Import CA cert and trust it. | 678 // Import CA cert and trust it. |
| 679 NSSCertDatabase::ImportCertFailureList failed; | 679 NSSCertDatabase::ImportCertFailureList failed; |
| 753 "127.0.0.1", | 753 "127.0.0.1", |
| 754 flags, | 754 flags, |
| 755 NULL, | 755 NULL, |
| 756 empty_cert_list_, | 756 empty_cert_list_, |
| 757 &verify_result); | 757 &verify_result); |
| 758 EXPECT_EQ(OK, error); | 758 EXPECT_EQ(OK, error); |
| 759 EXPECT_EQ(0U, verify_result.cert_status); | 759 EXPECT_EQ(0U, verify_result.cert_status); |
| 760 | 760 |
| 761 // Explicit distrust only works starting in NSS 3.13. | 761 // Explicit distrust only works starting in NSS 3.13. |
| 762 if (!NSS_VersionCheck("3.13")) { | 762 if (!NSS_VersionCheck("3.13")) { |
| 763 LOG(INFO) << "test partially skipped on NSS < 3.13"; | 763 VLOG(0) << "test partially skipped on NSS < 3.13"; |
| 764 return; | 764 return; |
| 765 } | 765 } |
| 766 | 766 |
| 767 // Trust the root cert and distrust the intermediate. | 767 // Trust the root cert and distrust the intermediate. |
| 768 EXPECT_TRUE(cert_db_->SetCertTrust( | 768 EXPECT_TRUE(cert_db_->SetCertTrust( |
| 769 ca_certs[0].get(), CA_CERT, NSSCertDatabase::TRUSTED_SSL)); | 769 ca_certs[0].get(), CA_CERT, NSSCertDatabase::TRUSTED_SSL)); |
| 770 EXPECT_TRUE(cert_db_->SetCertTrust( | 770 EXPECT_TRUE(cert_db_->SetCertTrust( |
| 771 intermediate_certs[0].get(), CA_CERT, NSSCertDatabase::DISTRUSTED_SSL)); | 771 intermediate_certs[0].get(), CA_CERT, NSSCertDatabase::DISTRUSTED_SSL)); |
| 772 EXPECT_EQ( | 772 EXPECT_EQ( |
| 773 unsigned(CERTDB_VALID_CA | CERTDB_TRUSTED_CA | CERTDB_TRUSTED_CLIENT_CA), | 773 unsigned(CERTDB_VALID_CA | CERTDB_TRUSTED_CA | CERTDB_TRUSTED_CLIENT_CA), |
| 792 NULL, | 792 NULL, |
| 793 empty_cert_list_, | 793 empty_cert_list_, |
| 794 &verify_result2); | 794 &verify_result2); |
| 795 EXPECT_EQ(ERR_CERT_REVOKED, error); | 795 EXPECT_EQ(ERR_CERT_REVOKED, error); |
| 796 EXPECT_EQ(CERT_STATUS_REVOKED, verify_result2.cert_status); | 796 EXPECT_EQ(CERT_STATUS_REVOKED, verify_result2.cert_status); |
| 797 } | 797 } |
| 798 | 798 |
| 799 TEST_F(CertDatabaseNSSTest, TrustIntermediateCa2) { | 799 TEST_F(CertDatabaseNSSTest, TrustIntermediateCa2) { |
| 800 if (NSS_VersionCheck("3.14.2") && !NSS_VersionCheck("3.15")) { | 800 if (NSS_VersionCheck("3.14.2") && !NSS_VersionCheck("3.15")) { |
| 801 // See http://bugzil.la/863947 for details. | 801 // See http://bugzil.la/863947 for details. |
| 802 LOG(INFO) << "Skipping test for NSS 3.14.2 - NSS 3.15"; | 802 VLOG(0) << "Skipping test for NSS 3.14.2 - NSS 3.15"; |
| 803 return; | 803 return; |
| 804 } | 804 } |
| 805 | 805 |
| 806 NSSCertDatabase::ImportCertFailureList failed; | 806 NSSCertDatabase::ImportCertFailureList failed; |
| 807 | 807 |
| 808 CertificateList intermediate_certs = CreateCertificateListFromFile( | 808 CertificateList intermediate_certs = CreateCertificateListFromFile( |
| 809 GetTestCertsDirectory(), "2048-rsa-intermediate.pem", | 809 GetTestCertsDirectory(), "2048-rsa-intermediate.pem", |
| 810 X509Certificate::FORMAT_AUTO); | 810 X509Certificate::FORMAT_AUTO); |
| 811 ASSERT_EQ(1U, intermediate_certs.size()); | 811 ASSERT_EQ(1U, intermediate_certs.size()); |
| 812 | 812 |
| 852 NULL, | 852 NULL, |
| 853 empty_cert_list_, | 853 empty_cert_list_, |
| 854 &verify_result2); | 854 &verify_result2); |
| 855 EXPECT_EQ(ERR_CERT_AUTHORITY_INVALID, error); | 855 EXPECT_EQ(ERR_CERT_AUTHORITY_INVALID, error); |
| 856 EXPECT_EQ(CERT_STATUS_AUTHORITY_INVALID, verify_result2.cert_status); | 856 EXPECT_EQ(CERT_STATUS_AUTHORITY_INVALID, verify_result2.cert_status); |
| 857 } | 857 } |
| 858 | 858 |
| 859 TEST_F(CertDatabaseNSSTest, TrustIntermediateCa3) { | 859 TEST_F(CertDatabaseNSSTest, TrustIntermediateCa3) { |
| 860 if (NSS_VersionCheck("3.14.2") && !NSS_VersionCheck("3.15")) { | 860 if (NSS_VersionCheck("3.14.2") && !NSS_VersionCheck("3.15")) { |
| 861 // See http://bugzil.la/863947 for details. | 861 // See http://bugzil.la/863947 for details. |
| 862 LOG(INFO) << "Skipping test for NSS 3.14.2 - NSS 3.15"; | 862 VLOG(0) << "Skipping test for NSS 3.14.2 - NSS 3.15"; |
| 863 return; | 863 return; |
| 864 } | 864 } |
| 865 | 865 |
| 866 NSSCertDatabase::ImportCertFailureList failed; | 866 NSSCertDatabase::ImportCertFailureList failed; |
| 867 | 867 |
| 868 CertificateList ca_certs = CreateCertificateListFromFile( | 868 CertificateList ca_certs = CreateCertificateListFromFile( |
| 869 GetTestCertsDirectory(), "2048-rsa-root.pem", | 869 GetTestCertsDirectory(), "2048-rsa-root.pem", |
| 870 X509Certificate::FORMAT_AUTO); | 870 X509Certificate::FORMAT_AUTO); |
| 871 ASSERT_EQ(1U, ca_certs.size()); | 871 ASSERT_EQ(1U, ca_certs.size()); |
| 872 | 872 |
| 922 NULL, | 922 NULL, |
| 923 empty_cert_list_, | 923 empty_cert_list_, |
| 924 &verify_result2); | 924 &verify_result2); |
| 925 EXPECT_EQ(ERR_CERT_AUTHORITY_INVALID, error); | 925 EXPECT_EQ(ERR_CERT_AUTHORITY_INVALID, error); |
| 926 EXPECT_EQ(CERT_STATUS_AUTHORITY_INVALID, verify_result2.cert_status); | 926 EXPECT_EQ(CERT_STATUS_AUTHORITY_INVALID, verify_result2.cert_status); |
| 927 } | 927 } |
| 928 | 928 |
| 929 TEST_F(CertDatabaseNSSTest, TrustIntermediateCa4) { | 929 TEST_F(CertDatabaseNSSTest, TrustIntermediateCa4) { |
| 930 // Explicit distrust only works starting in NSS 3.13. | 930 // Explicit distrust only works starting in NSS 3.13. |
| 931 if (!NSS_VersionCheck("3.13")) { | 931 if (!NSS_VersionCheck("3.13")) { |
| 932 LOG(INFO) << "test skipped on NSS < 3.13"; | 932 VLOG(0) << "test skipped on NSS < 3.13"; |
|
Ryan Sleevi
2013/11/25 01:08:32
and these
scottmg
2013/11/25 17:12:38
Done.
| |
| 933 return; | 933 return; |
| 934 } | 934 } |
| 935 | 935 |
| 936 NSSCertDatabase::ImportCertFailureList failed; | 936 NSSCertDatabase::ImportCertFailureList failed; |
| 937 | 937 |
| 938 CertificateList ca_certs = CreateCertificateListFromFile( | 938 CertificateList ca_certs = CreateCertificateListFromFile( |
| 939 GetTestCertsDirectory(), "2048-rsa-root.pem", | 939 GetTestCertsDirectory(), "2048-rsa-root.pem", |
| 940 X509Certificate::FORMAT_AUTO); | 940 X509Certificate::FORMAT_AUTO); |
| 941 ASSERT_EQ(1U, ca_certs.size()); | 941 ASSERT_EQ(1U, ca_certs.size()); |
| 942 | 942 |
| 1033 EXPECT_EQ(NSSCertDatabase::TRUST_DEFAULT, | 1033 EXPECT_EQ(NSSCertDatabase::TRUST_DEFAULT, |
| 1034 cert_db_->GetCertTrust(certs2[0].get(), SERVER_CERT)); | 1034 cert_db_->GetCertTrust(certs2[0].get(), SERVER_CERT)); |
| 1035 | 1035 |
| 1036 new_certs = ListCertsInSlot(slot_->os_module_handle()); | 1036 new_certs = ListCertsInSlot(slot_->os_module_handle()); |
| 1037 ASSERT_EQ(2U, new_certs.size()); | 1037 ASSERT_EQ(2U, new_certs.size()); |
| 1038 EXPECT_STRNE(new_certs[0]->os_cert_handle()->nickname, | 1038 EXPECT_STRNE(new_certs[0]->os_cert_handle()->nickname, |
| 1039 new_certs[1]->os_cert_handle()->nickname); | 1039 new_certs[1]->os_cert_handle()->nickname); |
| 1040 } | 1040 } |
| 1041 | 1041 |
| 1042 } // namespace net | 1042 } // namespace net |
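Review bot: The early `return` at new line 763 lets the test finish as passed on NSS < 3.13 without running the distrusted-intermediate assertions (`EXPECT_EQ(ERR_CERT_REVOKED, error)` at line 795). With the message now a `VLOG(0)`, the only trace of that gap is a verbose-log line, which presumably depends on how logging is configured for the run. The full skips at new lines 595, 669, 802, 862 and 932 have the same property. I would add a comment above each guard, for example `// Returning here reports the test as passed; explicit distrust is NOT verified on this NSS version.`, so a green run against an older NSS is not read as coverage of the distrust path. The start of the test containing line 763 lies in the collapsed region and is not visible here.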