shill: vpn: Implement NSS database interface class.
Use the NSS class to lookup NSS certificates for OpenVPN.
BUG=chromium-os:28792
TEST=unit tests
Change-Id: I2e0c7924d664f375f5b01bc73506e2b91e6f8720
Reviewed-on: https://gerrit.chromium.org/gerrit/19457
Tested-by: Darin Petkov <petkov@chromium.org>
Reviewed-by: Paul Stewart <pstew@chromium.org>
Commit-Ready: Darin Petkov <petkov@chromium.org>
diff --git a/nss_unittest.cc b/nss_unittest.cc
new file mode 100644
index 0000000..57163f7
--- /dev/null
+++ b/nss_unittest.cc
@@ -0,0 +1,72 @@
+// Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "shill/nss.h"
+
+#include <gtest/gtest.h>
+
+#include "shill/mock_glib.h"
+
+using std::vector;
+using testing::_;
+using testing::Return;
+using testing::SetArgumentPointee;
+
+namespace shill {
+
+class NSSTest : public testing::Test {
+ public:
+ NSSTest() : nss_(NSS::GetInstance()) {
+ nss_->glib_ = &glib_;
+ test_id_.push_back(0x1a);
+ test_id_.push_back(0x2b);
+ }
+
+ protected:
+ vector<char> test_id_;
+ MockGLib glib_;
+ NSS *nss_;
+};
+
+namespace {
+MATCHER_P(GetCertfileArgv, type, "") {
+ if (!arg || !arg[0] || !arg[1] || !arg[2] || !arg[3] || arg[4]) {
+ return false;
+ }
+ if (strcmp(type, arg[2])) {
+ return false;
+ }
+ if (strcmp(arg[3], "/tmp/nss-cert.1a2b")) {
+ return false;
+ }
+ return true;
+}
+} // namespace
+
+TEST_F(NSSTest, GetCertfile) {
+ EXPECT_CALL(glib_,
+ SpawnSync(_, GetCertfileArgv("pem"), _, _, _, _, _, _, _, _))
+ .WillOnce(Return(false))
+ .WillOnce(DoAll(SetArgumentPointee<8>(1), Return(true)))
+ .WillOnce(DoAll(SetArgumentPointee<8>(0), Return(true)));
+ EXPECT_TRUE(nss_->GetCertfile("foo", test_id_, "pem").empty());
+ EXPECT_TRUE(nss_->GetCertfile("foo", test_id_, "pem").empty());
+ EXPECT_FALSE(nss_->GetCertfile("foo", test_id_, "pem").empty());
+}
+
+TEST_F(NSSTest, GetPEMCertfile) {
+ EXPECT_CALL(glib_,
+ SpawnSync(_, GetCertfileArgv("pem"), _, _, _, _, _, _, _, _))
+ .WillOnce(DoAll(SetArgumentPointee<8>(0), Return(true)));
+ EXPECT_FALSE(nss_->GetPEMCertfile("foo", test_id_).empty());
+}
+
+TEST_F(NSSTest, GetDERCertfile) {
+ EXPECT_CALL(glib_,
+ SpawnSync(_, GetCertfileArgv("der"), _, _, _, _, _, _, _, _))
+ .WillOnce(DoAll(SetArgumentPointee<8>(0), Return(true)));
+ EXPECT_FALSE(nss_->GetDERCertfile("foo", test_id_).empty());
+}
+
+} // namespace shill