Fail with ERR_UNSUPPORTED_AUTH_SCHEME instead of ERR_INVALID_RESPONSE

if the computer doesn't have a GSSAPI library.

Use EXPECT instead of DCHECK in unit tests.

The new unit test was originally reviewed in
http://codereview.chromium.org/6975049/

R=cbentzel@chromium.org,ahendrickson@chromium.org
BUG=84492
TEST=net_unittests --gtest_filter=HttpAuthHandlerNegotiateTest.MissingGSSAPI

Review URL: http://codereview.chromium.org/7087007

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@87368 0039d316-1c4b-4281-b951-d872f2087c98

4 files changed, 36 insertions, 7 deletions

diff --git a/net/http/http_auth_gssapi_posix_unittest.cc b/net/http/http_auth_gssapi_posix_unittest.cc
index 01a62b3..c3f9f75 100644
--- a/net/http/http_auth_gssapi_posix_unittest.cc
+++ b/net/http/http_auth_gssapi_posix_unittest.cc
@@ -78,13 +78,13 @@ TEST(HttpAuthGSSAPIPOSIXTest, GSSAPIStartup) {
   // functions we want.
   scoped_ptr<GSSAPILibrary> gssapi(new GSSAPISharedLibrary(""));
   DCHECK(gssapi.get());
-  DCHECK(gssapi.get()->Init());
+  EXPECT_TRUE(gssapi.get()->Init());
 }
 
 TEST(HttpAuthGSSAPIPOSIXTest, GSSAPILoadCustomLibrary) {
   scoped_ptr<GSSAPILibrary> gssapi(
       new GSSAPISharedLibrary("/this/library/does/not/exist"));
-  DCHECK(!gssapi.get()->Init());
+  EXPECT_FALSE(gssapi.get()->Init());
 }
 
 TEST(HttpAuthGSSAPIPOSIXTest, GSSAPICycle) {
diff --git a/net/http/http_auth_handler_negotiate.cc b/net/http/http_auth_handler_negotiate.cc
index 1edb429..51a0e24 100644
--- a/net/http/http_auth_handler_negotiate.cc
+++ b/net/http/http_auth_handler_negotiate.cc
@@ -22,8 +22,8 @@ HttpAuthHandlerNegotiate::Factory::Factory()
 #if defined(OS_WIN)
       max_token_length_(0),
       first_creation_(true),
-      is_unsupported_(false),
 #endif
+      is_unsupported_(false),
       auth_library_(NULL) {
 }
 
@@ -65,6 +65,12 @@ int HttpAuthHandlerNegotiate::Factory::CreateAuthHandler(
   handler->swap(tmp_handler);
   return OK;
 #elif defined(OS_POSIX)
+  if (is_unsupported_)
+    return ERR_UNSUPPORTED_AUTH_SCHEME;
+  if (!auth_library_->Init()) {
+    is_unsupported_ = true;
+    return ERR_UNSUPPORTED_AUTH_SCHEME;
+  }
   // TODO(ahendrickson): Move towards model of parsing in the factory
   //                     method and only constructing when valid.
   scoped_ptr<HttpAuthHandler> tmp_handler(
diff --git a/net/http/http_auth_handler_negotiate.h b/net/http/http_auth_handler_negotiate.h
index 240903f..da2e19b 100644
--- a/net/http/http_auth_handler_negotiate.h
+++ b/net/http/http_auth_handler_negotiate.h
@@ -86,8 +86,8 @@ class NET_TEST HttpAuthHandlerNegotiate : public HttpAuthHandler {
 #if defined(OS_WIN)
     ULONG max_token_length_;
     bool first_creation_;
-    bool is_unsupported_;
 #endif
+    bool is_unsupported_;
     scoped_ptr<AuthLibrary> auth_library_;
   };
 
diff --git a/net/http/http_auth_handler_negotiate_unittest.cc b/net/http/http_auth_handler_negotiate_unittest.cc
index cdaa5f3..40d6a2b 100644
--- a/net/http/http_auth_handler_negotiate_unittest.cc
+++ b/net/http/http_auth_handler_negotiate_unittest.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -313,9 +313,8 @@ TEST_F(HttpAuthHandlerNegotiateTest, CnameAsync) {
 
 #if defined(OS_POSIX)
 
-// These tests are only for GSSAPI, as we can't use explicit credentials with
+// This test is only for GSSAPI, as we can't use explicit credentials with
 // that library.
-
 TEST_F(HttpAuthHandlerNegotiateTest, ServerNotInKerberosDatabase) {
   SetupErrorMocks(AuthLibrary(), GSS_S_FAILURE, 0x96C73A07);  // No server
   scoped_ptr<HttpAuthHandlerNegotiate> auth_handler;
@@ -330,6 +329,8 @@ TEST_F(HttpAuthHandlerNegotiateTest, ServerNotInKerberosDatabase) {
   EXPECT_EQ(ERR_MISSING_AUTH_CREDENTIALS, callback.WaitForResult());
 }
 
+// This test is only for GSSAPI, as we can't use explicit credentials with
+// that library.
 TEST_F(HttpAuthHandlerNegotiateTest, NoKerberosCredentials) {
   SetupErrorMocks(AuthLibrary(), GSS_S_FAILURE, 0x96C73AC3);  // No credentials
   scoped_ptr<HttpAuthHandlerNegotiate> auth_handler;
@@ -344,6 +345,28 @@ TEST_F(HttpAuthHandlerNegotiateTest, NoKerberosCredentials) {
   EXPECT_EQ(ERR_MISSING_AUTH_CREDENTIALS, callback.WaitForResult());
 }
 
+TEST_F(HttpAuthHandlerNegotiateTest, MissingGSSAPI) {
+  scoped_ptr<HostResolver> host_resolver(new MockHostResolver());
+  MockAllowURLSecurityManager url_security_manager;
+  scoped_ptr<HttpAuthHandlerNegotiate::Factory> negotiate_factory(
+      new HttpAuthHandlerNegotiate::Factory());
+  negotiate_factory->set_host_resolver(host_resolver.get());
+  negotiate_factory->set_url_security_manager(&url_security_manager);
+  negotiate_factory->set_library(
+      new GSSAPISharedLibrary("/this/library/does/not/exist"));
+
+  GURL gurl("http://www.example.com");
+  scoped_ptr<HttpAuthHandler> generic_handler;
+  int rv = negotiate_factory->CreateAuthHandlerFromString(
+      "Negotiate",
+      HttpAuth::AUTH_SERVER,
+      gurl,
+      BoundNetLog(),
+      &generic_handler);
+  EXPECT_EQ(ERR_UNSUPPORTED_AUTH_SCHEME, rv);
+  EXPECT_TRUE(generic_handler.get() == NULL);
+}
+
 #endif  // defined(OS_POSIX)
 
 }  // namespace net