commit 010e27ec98de24f68648b8c3ac68f3408f0578c0
author hawk@chromium.org <hawk@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> Thu Aug 27 17:49:41 2009
committer hawk@chromium.org <hawk@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> Thu Aug 27 17:49:41 2009
tree 5d598c11cc366a4dd778f9d5aaed0ab62b082d05
parent 7cb43d53404c33f90398ba6217dc9645400e9c8e

Enable SSLClientSocketTest unit tests on Mac OS X by implementing our own certificate validation code. This gives us proper hostname matching, multiple error codes (e.g., before a certificate could be marked as expired or untrusted, but not both), revocation checking, and EV certificate checking.

BUG=19286,10910,14733
TEST=https://www.paypal.com should work without warning. https://paypal.com should get a warning about a hostname mismatch. https://test-ssev.verisign.com:1443/test-SSEV-expired-verisign.html should give a warning about an expired certificate.
Review URL: http://codereview.chromium.org/174102

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@24625 0039d316-1c4b-4281-b951-d872f2087c98

net/socket/ssl_client_socket_unittest.cc

diff --git a/net/socket/ssl_client_socket_unittest.cc b/net/socket/ssl_client_socket_unittest.cc
index d565ab6f..aa94ff8c 100644
--- a/net/socket/ssl_client_socket_unittest.cc
+++ b/net/socket/ssl_client_socket_unittest.cc
@@ -56,35 +56,7 @@
 
 //-----------------------------------------------------------------------------
 
-#if defined(OS_MACOSX)
-// Status 6/19/09:
-//
-// If these tests are enabled on OSX, we choke at the point
-// SSLHandshake() (Security framework call) is called from
-// SSLClientSocketMac::DoHandshake().  Return value is -9812 (cert
-// valid but root not trusted), but if you don't have the cert in your
-// keychain as documented on
-// http://dev.chromium.org/developers/testing, the -9812 becomes a
-// -9813 (no root cert).
-//
-// See related handshake failures exhibited by disabled tests in
-// net/url_request/url_request_unittest.cc.
-#define MAYBE_Connect DISABLED_Connect
-#define MAYBE_ConnectExpired DISABLED_ConnectExpired
-#define MAYBE_ConnectMismatched DISABLED_ConnectMismatched
-#define MAYBE_Read DISABLED_Read
-#define MAYBE_Read_SmallChunks DISABLED_Read_SmallChunks
-#define MAYBE_Read_Interrupted DISABLED_Read_Interrupted
-#else
-#define MAYBE_Connect Connect
-#define MAYBE_ConnectExpired ConnectExpired
-#define MAYBE_ConnectMismatched ConnectMismatched
-#define MAYBE_Read Read
-#define MAYBE_Read_SmallChunks Read_SmallChunks
-#define MAYBE_Read_Interrupted Read_Interrupted
-#endif
-
-TEST_F(SSLClientSocketTest, MAYBE_Connect) {
+TEST_F(SSLClientSocketTest, Connect) {
   StartOKServer();
 
   net::AddressList addr;
@@ -121,7 +93,7 @@
   EXPECT_FALSE(sock->IsConnected());
 }
 
-TEST_F(SSLClientSocketTest, MAYBE_ConnectExpired) {
+TEST_F(SSLClientSocketTest, ConnectExpired) {
   StartExpiredServer();
 
   net::AddressList addr;
@@ -157,7 +129,7 @@
   // leave it connected.
 }
 
-TEST_F(SSLClientSocketTest, MAYBE_ConnectMismatched) {
+TEST_F(SSLClientSocketTest, ConnectMismatched) {
   StartMismatchedServer();
 
   net::AddressList addr;
@@ -199,7 +171,7 @@
 //   - Server closes the underlying TCP connection directly.
 //   - Server sends data unexpectedly.
 
-TEST_F(SSLClientSocketTest, MAYBE_Read) {
+TEST_F(SSLClientSocketTest, Read) {
   StartOKServer();
 
   net::AddressList addr;
@@ -259,7 +231,7 @@
   }
 }
 
-TEST_F(SSLClientSocketTest, MAYBE_Read_SmallChunks) {
+TEST_F(SSLClientSocketTest, Read_SmallChunks) {
   StartOKServer();
 
   net::AddressList addr;
@@ -314,7 +286,7 @@
   }
 }
 
-TEST_F(SSLClientSocketTest, MAYBE_Read_Interrupted) {
+TEST_F(SSLClientSocketTest, Read_Interrupted) {
   StartOKServer();
 
   net::AddressList addr;