Implement a MockCertVerifier that can be used to avoid
calling OS API routines for certificate verification. This
allows tests that depend on SSL to cycle noticably faster,
particularly when under memory instrumentation.
R=wtc
BUG=none
TEST=existing unittests
Review URL: http://codereview.chromium.org/9956047
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@131509 0039d316-1c4b-4281-b951-d872f2087c98
diff --git a/net/socket/ssl_server_socket_unittest.cc b/net/socket/ssl_server_socket_unittest.cc
index b456b74..97841ff 100644
--- a/net/socket/ssl_server_socket_unittest.cc
+++ b/net/socket/ssl_server_socket_unittest.cc
@@ -29,11 +29,11 @@
#include "net/base/address_list.h"
#include "net/base/cert_status_flags.h"
#include "net/base/cert_test_util.h"
-#include "net/base/cert_verifier.h"
#include "net/base/completion_callback.h"
#include "net/base/host_port_pair.h"
#include "net/base/io_buffer.h"
#include "net/base/ip_endpoint.h"
+#include "net/base/mock_cert_verifier.h"
#include "net/base/net_errors.h"
#include "net/base/net_log.h"
#include "net/base/ssl_config_service.h"
@@ -57,8 +57,7 @@
ALLOW_THIS_IN_INITIALIZER_LIST(weak_factory_(this)) {
}
- virtual int Read(IOBuffer* buf, int buf_len,
- const CompletionCallback& callback) {
+ int Read(IOBuffer* buf, int buf_len, const CompletionCallback& callback) {
if (data_.empty()) {
read_callback_ = callback;
read_buf_ = buf;
@@ -68,8 +67,7 @@
return PropogateData(buf, buf_len);
}
- virtual int Write(IOBuffer* buf, int buf_len,
- const CompletionCallback& callback) {
+ int Write(IOBuffer* buf, int buf_len, const CompletionCallback& callback) {
data_.push(new net::DrainableIOBuffer(buf, buf_len));
MessageLoop::current()->PostTask(
FROM_HERE, base::Bind(&FakeDataChannel::DoReadCallback,
@@ -251,7 +249,8 @@
public:
SSLServerSocketTest()
: socket_factory_(net::ClientSocketFactory::GetDefaultFactory()),
- cert_verifier_(net::CertVerifier::CreateDefault()) {
+ cert_verifier_(new MockCertVerifier()) {
+ cert_verifier_->set_default_result(net::CERT_STATUS_AUTHORITY_INVALID);
}
protected:
@@ -308,7 +307,7 @@
scoped_ptr<net::SSLClientSocket> client_socket_;
scoped_ptr<net::SSLServerSocket> server_socket_;
net::ClientSocketFactory* socket_factory_;
- scoped_ptr<net::CertVerifier> cert_verifier_;
+ scoped_ptr<net::MockCertVerifier> cert_verifier_;
};
// SSLServerSocket is only implemented using NSS.
@@ -459,14 +458,14 @@
int rv = server_socket_->ExportKeyingMaterial(kKeyingLabel,
false, kKeyingContext,
server_out, sizeof(server_out));
- ASSERT_EQ(rv, net::OK);
+ ASSERT_EQ(net::OK, rv);
unsigned char client_out[kKeyingMaterialSize];
rv = client_socket_->ExportKeyingMaterial(kKeyingLabel,
false, kKeyingContext,
client_out, sizeof(client_out));
- ASSERT_EQ(rv, net::OK);
- EXPECT_TRUE(memcmp(server_out, client_out, sizeof(server_out)) == 0);
+ ASSERT_EQ(net::OK, rv);
+ EXPECT_EQ(0, memcmp(server_out, client_out, sizeof(server_out)));
const char* kKeyingLabelBad = "EXPERIMENTAL-server-socket-test-bad";
unsigned char client_bad[kKeyingMaterialSize];
@@ -474,7 +473,7 @@
false, kKeyingContext,
client_bad, sizeof(client_bad));
ASSERT_EQ(rv, net::OK);
- EXPECT_TRUE(memcmp(server_out, client_bad, sizeof(server_out)) != 0);
+ EXPECT_NE(0, memcmp(server_out, client_bad, sizeof(server_out)));
}
#endif
