summaryrefslogtreecommitdiffstats
path: root/net/test
diff options
context:
space:
mode:
Diffstat (limited to 'net/test')
-rw-r--r--net/test/test_server.cc4
-rw-r--r--net/test/test_server.h5
2 files changed, 9 insertions, 0 deletions
diff --git a/net/test/test_server.cc b/net/test/test_server.cc
index f38abfa..3d95fb4 100644
--- a/net/test/test_server.cc
+++ b/net/test/test_server.cc
@@ -59,6 +59,10 @@ FilePath TestServer::HTTPSOptions::GetCertificateFile() const {
return FilePath(FILE_PATH_LITERAL("ok_cert.pem"));
case CERT_EXPIRED:
return FilePath(FILE_PATH_LITERAL("expired_cert.pem"));
+ case CERT_CHAIN_WRONG_ROOT:
+ // This chain uses its own dedicated test root certificate to avoid
+ // side-effects that may affect testing.
+ return FilePath(FILE_PATH_LITERAL("redundant-server-chain.pem"));
default:
NOTREACHED();
}
diff --git a/net/test/test_server.h b/net/test/test_server.h
index 6e5eb60..f49a16b 100644
--- a/net/test/test_server.h
+++ b/net/test/test_server.h
@@ -56,6 +56,11 @@ class TestServer {
CERT_OK,
CERT_MISMATCHED_NAME,
CERT_EXPIRED,
+ // Cross-signed certificate to test PKIX path building. Contains an
+ // intermediate cross-signed by an unknown root, while the client (via
+ // TestRootStore) is expected to have a self-signed version of the
+ // intermediate.
+ CERT_CHAIN_WRONG_ROOT,
};
// Bitmask of bulk encryption algorithms that the test server supports
generated by cgit v1.1 at 2025-02-09 09:27:11 +0000