summaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorrsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-04-30 01:15:58 +0000
committerrsleevi@chromium.org <rsleevi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-04-30 01:15:58 +0000
commit089bd32fc839aa0c0ed303cf1bceb0e427c110e3 (patch)
tree83c3b30bf6d51fef2463cbb65206be4bec84d3b2 /net
parent93f2a1249b570769e8656eaf697ace16707b2ee4 (diff)
downloadchromium_src-089bd32fc839aa0c0ed303cf1bceb0e427c110e3.zip
chromium_src-089bd32fc839aa0c0ed303cf1bceb0e427c110e3.tar.gz
chromium_src-089bd32fc839aa0c0ed303cf1bceb0e427c110e3.tar.bz2
Clarify that ClientCertStoreImpl::SelectClientCerts is testing-only
Rename SelectClientCerts to SelectClientCertsForTesting, indicating that its a testing only function (matching the comments). Also switch the unittests to use a fixture, to avoid FRIEND_TEST_ALL_PREFIXES growth BUG=none R=wtc Review URL: https://chromiumcodereview.appspot.com/14254003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@197211 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net')
-rw-r--r--net/ssl/client_cert_store_impl.h17
-rw-r--r--net/ssl/client_cert_store_impl_mac.cc19
-rw-r--r--net/ssl/client_cert_store_impl_nss.cc7
-rw-r--r--net/ssl/client_cert_store_impl_unittest.cc53
-rw-r--r--net/ssl/client_cert_store_impl_win.cc7
5 files changed, 59 insertions, 44 deletions
diff --git a/net/ssl/client_cert_store_impl.h b/net/ssl/client_cert_store_impl.h
index 81b68df..e02cd1c 100644
--- a/net/ssl/client_cert_store_impl.h
+++ b/net/ssl/client_cert_store_impl.h
@@ -16,7 +16,6 @@ namespace net {
class NET_EXPORT ClientCertStoreImpl : public ClientCertStore {
public:
ClientCertStoreImpl() {}
-
virtual ~ClientCertStoreImpl() {}
// ClientCertStore:
@@ -24,13 +23,7 @@ class NET_EXPORT ClientCertStoreImpl : public ClientCertStore {
CertificateList* selected_certs) OVERRIDE;
private:
- FRIEND_TEST_ALL_PREFIXES(ClientCertStoreImplTest, EmptyQuery);
- FRIEND_TEST_ALL_PREFIXES(ClientCertStoreImplTest, AllIssuersAllowed);
- FRIEND_TEST_ALL_PREFIXES(ClientCertStoreImplTest, CertAuthorityFiltering);
-#if defined(OS_MACOSX) && !defined(OS_IOS)
- FRIEND_TEST_ALL_PREFIXES(ClientCertStoreImplTest, FilterOutThePreferredCert);
- FRIEND_TEST_ALL_PREFIXES(ClientCertStoreImplTest, PreferredCertGoesFirst);
-#endif
+ friend class ClientCertStoreImplTest;
// A hook for testing. Filters |input_certs| using the logic being used to
// filter the system store when GetClientCerts() is called. Depending on the
@@ -40,16 +33,16 @@ class NET_EXPORT ClientCertStoreImpl : public ClientCertStore {
// - Implemented by creating a list of certificates that otherwise would be
// extracted from the system store and filtering it using the common logic
// (less adequate, currently on NSS and Mac).
- bool SelectClientCerts(const CertificateList& input_certs,
- const SSLCertRequestInfo& cert_request_info,
- CertificateList* selected_certs);
+ bool SelectClientCertsForTesting(const CertificateList& input_certs,
+ const SSLCertRequestInfo& cert_request_info,
+ CertificateList* selected_certs);
#if defined(OS_MACOSX) && !defined(OS_IOS)
// Testing hook specific to Mac, where the internal logic recognizes preferred
// certificates for particular domains. If the preferred certificate is
// present in the output list (i.e. it doesn't get filtered out), it should
// always come first.
- bool SelectClientCertsGivenPreferred(
+ bool SelectClientCertsGivenPreferredForTesting(
const scoped_refptr<X509Certificate>& preferred_cert,
const CertificateList& regular_certs,
const SSLCertRequestInfo& request,
diff --git a/net/ssl/client_cert_store_impl_mac.cc b/net/ssl/client_cert_store_impl_mac.cc
index e6cfeeb..ecc707e 100644
--- a/net/ssl/client_cert_store_impl_mac.cc
+++ b/net/ssl/client_cert_store_impl_mac.cc
@@ -247,19 +247,20 @@ bool ClientCertStoreImpl::GetClientCerts(const SSLCertRequestInfo& request,
selected_certs);
}
-bool ClientCertStoreImpl::SelectClientCerts(const CertificateList& input_certs,
- const SSLCertRequestInfo& request,
- CertificateList* selected_certs) {
+bool ClientCertStoreImpl::SelectClientCertsForTesting(
+ const CertificateList& input_certs,
+ const SSLCertRequestInfo& request,
+ CertificateList* selected_certs) {
return GetClientCertsImpl(NULL, input_certs, request, false,
selected_certs);
}
-#if defined(OS_MACOSX) && !defined(OS_IOS)
-bool ClientCertStoreImpl::SelectClientCertsGivenPreferred(
- const scoped_refptr<X509Certificate>& preferred_cert,
- const CertificateList& regular_certs,
- const SSLCertRequestInfo& request,
- CertificateList* selected_certs) {
+#if !defined(OS_IOS)
+bool ClientCertStoreImpl::SelectClientCertsGivenPreferredForTesting(
+ const scoped_refptr<X509Certificate>& preferred_cert,
+ const CertificateList& regular_certs,
+ const SSLCertRequestInfo& request,
+ CertificateList* selected_certs) {
return GetClientCertsImpl(preferred_cert, regular_certs, request, false,
selected_certs);
}
diff --git a/net/ssl/client_cert_store_impl_nss.cc b/net/ssl/client_cert_store_impl_nss.cc
index 62a66ce..ffab268 100644
--- a/net/ssl/client_cert_store_impl_nss.cc
+++ b/net/ssl/client_cert_store_impl_nss.cc
@@ -91,9 +91,10 @@ bool ClientCertStoreImpl::GetClientCerts(const SSLCertRequestInfo& request,
return rv;
}
-bool ClientCertStoreImpl::SelectClientCerts(const CertificateList& input_certs,
- const SSLCertRequestInfo& request,
- CertificateList* selected_certs) {
+bool ClientCertStoreImpl::SelectClientCertsForTesting(
+ const CertificateList& input_certs,
+ const SSLCertRequestInfo& request,
+ CertificateList* selected_certs) {
CERTCertList* cert_list = CERT_NewCertList();
if (!cert_list)
return false;
diff --git a/net/ssl/client_cert_store_impl_unittest.cc b/net/ssl/client_cert_store_impl_unittest.cc
index 893eb38..5e66f3d 100644
--- a/net/ssl/client_cert_store_impl_unittest.cc
+++ b/net/ssl/client_cert_store_impl_unittest.cc
@@ -32,20 +32,43 @@ unsigned char kAuthority2DN[] = {
} // namespace
-TEST(ClientCertStoreImplTest, EmptyQuery) {
+class ClientCertStoreImplTest : public ::testing::Test {
+ protected:
+ bool SelectClientCerts(const CertificateList& input_certs,
+ const SSLCertRequestInfo& cert_request_info,
+ CertificateList* selected_certs) {
+ return store_.SelectClientCertsForTesting(
+ input_certs, cert_request_info, selected_certs);
+ }
+
+#if defined(OS_MACOSX) && !defined(OS_IOS)
+ bool SelectClientCertsGivenPreferred(
+ const scoped_refptr<X509Certificate>& preferred_cert,
+ const CertificateList& regular_certs,
+ const SSLCertRequestInfo& request,
+ CertificateList* selected_certs) {
+ return store_.SelectClientCertsGivenPreferredForTesting(
+ preferred_cert, regular_certs, request, selected_certs);
+ }
+#endif
+
+ private:
+ ClientCertStoreImpl store_;
+};
+
+TEST_F(ClientCertStoreImplTest, EmptyQuery) {
std::vector<scoped_refptr<X509Certificate> > certs;
scoped_refptr<SSLCertRequestInfo> request(new SSLCertRequestInfo());
- ClientCertStoreImpl store;
std::vector<scoped_refptr<X509Certificate> > selected_certs;
- bool rv = store.SelectClientCerts(certs, *request, &selected_certs);
+ bool rv = SelectClientCerts(certs, *request, &selected_certs);
EXPECT_TRUE(rv);
EXPECT_EQ(0u, selected_certs.size());
}
// Verify that CertRequestInfo with empty |cert_authorities| matches all
// issuers, rather than no issuers.
-TEST(ClientCertStoreImplTest, AllIssuersAllowed) {
+TEST_F(ClientCertStoreImplTest, AllIssuersAllowed) {
scoped_refptr<X509Certificate> cert(
ImportCertFromFile(GetTestCertsDirectory(), "client_1.pem"));
ASSERT_TRUE(cert);
@@ -54,9 +77,8 @@ TEST(ClientCertStoreImplTest, AllIssuersAllowed) {
certs.push_back(cert);
scoped_refptr<SSLCertRequestInfo> request(new SSLCertRequestInfo());
- ClientCertStoreImpl store;
std::vector<scoped_refptr<X509Certificate> > selected_certs;
- bool rv = store.SelectClientCerts(certs, *request, &selected_certs);
+ bool rv = SelectClientCerts(certs, *request, &selected_certs);
EXPECT_TRUE(rv);
ASSERT_EQ(1u, selected_certs.size());
EXPECT_TRUE(selected_certs[0]->Equals(cert));
@@ -64,7 +86,7 @@ TEST(ClientCertStoreImplTest, AllIssuersAllowed) {
// Verify that certificates are correctly filtered against CertRequestInfo with
// |cert_authorities| containing only |authority_1_DN|.
-TEST(ClientCertStoreImplTest, CertAuthorityFiltering) {
+TEST_F(ClientCertStoreImplTest, CertAuthorityFiltering) {
scoped_refptr<X509Certificate> cert_1(
ImportCertFromFile(GetTestCertsDirectory(), "client_1.pem"));
ASSERT_TRUE(cert_1);
@@ -89,9 +111,8 @@ TEST(ClientCertStoreImplTest, CertAuthorityFiltering) {
scoped_refptr<SSLCertRequestInfo> request(new SSLCertRequestInfo());
request->cert_authorities = authority_1;
- ClientCertStoreImpl store;
std::vector<scoped_refptr<X509Certificate> > selected_certs;
- bool rv = store.SelectClientCerts(certs, *request, &selected_certs);
+ bool rv = SelectClientCerts(certs, *request, &selected_certs);
EXPECT_TRUE(rv);
ASSERT_EQ(1u, selected_certs.size());
EXPECT_TRUE(selected_certs[0]->Equals(cert_1));
@@ -100,7 +121,7 @@ TEST(ClientCertStoreImplTest, CertAuthorityFiltering) {
#if defined(OS_MACOSX) && !defined(OS_IOS)
// Verify that the preferred cert gets filtered out when it doesn't match the
// server criteria.
-TEST(ClientCertStoreImplTest, FilterOutThePreferredCert) {
+TEST_F(ClientCertStoreImplTest, FilterOutThePreferredCert) {
scoped_refptr<X509Certificate> cert_1(
ImportCertFromFile(GetTestCertsDirectory(), "client_1.pem"));
ASSERT_TRUE(cert_1);
@@ -114,17 +135,16 @@ TEST(ClientCertStoreImplTest, FilterOutThePreferredCert) {
scoped_refptr<SSLCertRequestInfo> request(new SSLCertRequestInfo());
request->cert_authorities = authority_2;
- ClientCertStoreImpl store;
std::vector<scoped_refptr<X509Certificate> > selected_certs;
- bool rv = store.SelectClientCertsGivenPreferred(cert_1, certs, *request,
- &selected_certs);
+ bool rv =
+ SelectClientCertsGivenPreferred(cert_1, certs, *request, &selected_certs);
EXPECT_TRUE(rv);
EXPECT_EQ(0u, selected_certs.size());
}
// Verify that the preferred cert takes the first position in the output list,
// when it does not get filtered out.
-TEST(ClientCertStoreImplTest, PreferredCertGoesFirst) {
+TEST_F(ClientCertStoreImplTest, PreferredCertGoesFirst) {
scoped_refptr<X509Certificate> cert_1(
ImportCertFromFile(GetTestCertsDirectory(), "client_1.pem"));
ASSERT_TRUE(cert_1);
@@ -136,10 +156,9 @@ TEST(ClientCertStoreImplTest, PreferredCertGoesFirst) {
certs.push_back(cert_2);
scoped_refptr<SSLCertRequestInfo> request(new SSLCertRequestInfo());
- ClientCertStoreImpl store;
std::vector<scoped_refptr<X509Certificate> > selected_certs;
- bool rv = store.SelectClientCertsGivenPreferred(cert_1, certs, *request,
- &selected_certs);
+ bool rv =
+ SelectClientCertsGivenPreferred(cert_1, certs, *request, &selected_certs);
EXPECT_TRUE(rv);
ASSERT_EQ(2u, selected_certs.size());
EXPECT_TRUE(selected_certs[0]->Equals(cert_1));
diff --git a/net/ssl/client_cert_store_impl_win.cc b/net/ssl/client_cert_store_impl_win.cc
index d6df838..63ea6e4a 100644
--- a/net/ssl/client_cert_store_impl_win.cc
+++ b/net/ssl/client_cert_store_impl_win.cc
@@ -160,9 +160,10 @@ bool ClientCertStoreImpl::GetClientCerts(const SSLCertRequestInfo& request,
return rv;
}
-bool ClientCertStoreImpl::SelectClientCerts(const CertificateList& input_certs,
- const SSLCertRequestInfo& request,
- CertificateList* selected_certs) {
+bool ClientCertStoreImpl::SelectClientCertsForTesting(
+ const CertificateList& input_certs,
+ const SSLCertRequestInfo& request,
+ CertificateList* selected_certs) {
typedef crypto::ScopedCAPIHandle<
HCERTSTORE,
crypto::CAPIDestroyerWithFlags<HCERTSTORE,
generated by cgit v1.1 at 2025-01-31 06:10:10 +0000