diff options
| author | davidben@chromium.org <davidben@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-07 01:10:02 +0000 |
|---|---|---|
| committer | davidben@chromium.org <davidben@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-07 01:10:02 +0000 |
| commit | 8df162ae8daedfa09971f7b59420212df505a2b7 (patch) | |
| tree | b7e71c3ce4d3f4dae7735deb8c0b2d9f046ea582 /net/test | |
| parent | 29810ee54b8cd8b3fd0177c48daffc1c85a94d65 (diff) | |
| download | chromium_src-8df162ae8daedfa09971f7b59420212df505a2b7.zip chromium_src-8df162ae8daedfa09971f7b59420212df505a2b7.tar.gz chromium_src-8df162ae8daedfa09971f7b59420212df505a2b7.tar.bz2 | |
Add rudimentary support for client auth in testserver.py and unit tests
Nothing fancy for now. Just some tests that ERR_SSL_CLIENT_AUTH_CERT_NEEDED is
returned from the socket layer, and that URLRequest requests a certificate.
R=wtc
BUG=51132,51127
TEST=SSLClientSocketTest.ConnectClientAuthNoCert,HTTPRequestTest.ClientAuthTest
Review URL: http://codereview.chromium.org/3014055
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@55318 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/test')
| -rw-r--r-- | net/test/test_server.cc | 7 | ||||
| -rw-r--r-- | net/test/test_server.h | 25 |
2 files changed, 31 insertions, 1 deletions
diff --git a/net/test/test_server.cc b/net/test/test_server.cc index 683cde2..7a2df0b 100644 --- a/net/test/test_server.cc +++ b/net/test/test_server.cc @@ -60,7 +60,8 @@ const int TestServerLauncher::kBadHTTPSPort = 9666; const wchar_t TestServerLauncher::kCertIssuerName[] = L"Test CA"; TestServerLauncher::TestServerLauncher() - : process_handle_(base::kNullProcessHandle) { + : process_handle_(base::kNullProcessHandle), + ssl_client_auth_(false) { InitCertPath(); } @@ -178,6 +179,8 @@ bool TestServerLauncher::Start(Protocol protocol, command_line.append(file_root_url); command_line.append(L"\""); } + if (ssl_client_auth_) + command_line.append(L" --ssl-client-auth"); if (!LaunchTestServerAsJob(command_line, true, @@ -196,6 +199,8 @@ bool TestServerLauncher::Start(Protocol protocol, command_line.push_back("-f"); if (!cert_path.value().empty()) command_line.push_back("--https=" + cert_path.value()); + if (ssl_client_auth_) + command_line.push_back("--ssl-client-auth"); base::file_handle_mapping_vector no_mappings; LOG(INFO) << "Trying to launch " << command_line[0] << " ..."; diff --git a/net/test/test_server.h b/net/test/test_server.h index 3b21339..989e38d 100644 --- a/net/test/test_server.h +++ b/net/test/test_server.h @@ -76,6 +76,13 @@ class TestServerLauncher { FilePath GetDocumentRootPath() { return document_root_dir_; } + // When Start is called, if protocol is HTTPS and ssl_client_auth_ is true, + // the server will request a client certificate on each connection. Must be + // called before Start to take effect. + void set_ssl_client_auth(bool ssl_client_auth) { + ssl_client_auth_ = ssl_client_auth; + } + // Issuer name of the root cert that should be trusted for the test to work. static const wchar_t kCertIssuerName[]; @@ -123,6 +130,8 @@ class TestServerLauncher { scoped_refptr<X509Certificate> cert_; #endif + bool ssl_client_auth_; + DISALLOW_COPY_AND_ASSIGN(TestServerLauncher); }; @@ -262,6 +271,22 @@ class HTTPSTestServer : public HTTPTestServer { return test_server; } + // Create a server which requests SSL client auth + static scoped_refptr<HTTPSTestServer> CreateClientAuthServer( + const std::wstring& document_root) { + scoped_refptr<HTTPSTestServer> test_server = new HTTPSTestServer(); + FilePath docroot = FilePath::FromWStringHack(document_root); + FilePath certpath = test_server->launcher_.GetOKCertPath(); + test_server->launcher_.set_ssl_client_auth(true); + if (!test_server->Start(net::TestServerLauncher::ProtoHTTP, + net::TestServerLauncher::kHostName, + net::TestServerLauncher::kOKHTTPSPort, + docroot, certpath, std::wstring())) { + return NULL; + } + return test_server; + } + // Create a server with an up to date certificate for the wrong hostname // for this host static scoped_refptr<HTTPSTestServer> CreateMismatchedServer( |