Skip to content

GitLab

T
tangled
Commit 6187606f authored by Elly Fong-Jones's avatar Elly Fong-Jones Committed by Commit Bot
Browse files
Options

mac: fix SSLUITest.SHA1IsDefaultDisabled on Mac 10.15 

On this OS release certs with SHA1 signatures are considered invalid
by the system stack. Reflect this in the test expectations.

Bug: 1061026
Change-Id: Ia7119cb84ac9d4176de5452c9ae4f25f4782033b
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2099570
Commit-Queue: Elly Fong-Jones <ellyjones@chromium.org>
Reviewed-by: default avatarRyan Sleevi <rsleevi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#749715}
parent 9fdcb7d9
Hide whitespace changes
Inline Side-by-side
Showing with 16 additions and 2 deletions
chrome/browser/ssl/ssl_browsertest.cc
View file @ 6187606f
......@@ -207,6 +207,10 @@
#include "components/session_manager/core/session_manager.h"
#endif // defined(OS_CHROMEOS)
#if defined(OS_MACOSX)
#include "base/mac/mac_util.h"
#endif
using content::InterstitialPageDelegate;
using content::WebContents;
namespace AuthState = ssl_test_util::AuthState;
......@@ -1717,9 +1721,19 @@ IN_PROC_BROWSER_TEST_F(SSLUITest, SHA1IsDefaultDisabled) {
ui_test_utils::NavigateToURL(browser(),
https_server_sha1_.GetURL("/ssl/google.html"));
int expected_error = net::CERT_STATUS_WEAK_SIGNATURE_ALGORITHM;
#if defined(OS_MACOSX)
// On macOS 10.15 (and presumably later) SHA1 certs are considered prima
// facie invalid by the system verifier.
// TODO(https://crbug.com/977767): Reconsider this when the built-in verifier
// is used on Mac.
if (base::mac::IsAtLeastOS10_15())
expected_error |= net::CERT_STATUS_INVALID;
#endif
ssl_test_util::CheckAuthenticationBrokenState(
browser()->tab_strip_model()->GetActiveWebContents(),
net::CERT_STATUS_WEAK_SIGNATURE_ALGORITHM,
browser()->tab_strip_model()->GetActiveWebContents(), expected_error,
AuthState::SHOWING_INTERSTITIAL);
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment