OLD | NEW |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/socket/ssl_client_socket.h" | 5 #include "net/socket/ssl_client_socket.h" |
6 | 6 |
7 #include "net/base/address_list.h" | 7 #include "net/base/address_list.h" |
8 #include "net/base/host_resolver.h" | 8 #include "net/base/host_resolver.h" |
9 #include "net/base/io_buffer.h" | 9 #include "net/base/io_buffer.h" |
10 #include "net/base/net_log.h" | 10 #include "net/base/net_log.h" |
(...skipping 149 matching lines...)
160 } | 160 } |
161 | 161 |
162 // We cannot test sock->IsConnected(), as the NSS implementation disconnects | 162 // We cannot test sock->IsConnected(), as the NSS implementation disconnects |
163 // the socket when it encounters an error, whereas other implementations | 163 // the socket when it encounters an error, whereas other implementations |
164 // leave it connected. | 164 // leave it connected. |
165 | 165 |
166 EXPECT_TRUE(net::LogContainsEndEvent( | 166 EXPECT_TRUE(net::LogContainsEndEvent( |
167 log.entries(), -1, net::NetLog::TYPE_SSL_CONNECT)); | 167 log.entries(), -1, net::NetLog::TYPE_SSL_CONNECT)); |
168 } | 168 } |
169 | 169 |
170 // TODO(davidben): Also test providing a certificate. | 170 // Attempt to connect to a page which requests a client certificate. It should |
171 TEST_F(SSLClientSocketTest, ConnectClientAuthNoCert) { | 171 // return an error code on connect. |
| 172 TEST_F(SSLClientSocketTest, ConnectClientAuthCertRequested) { |
172 net::TestServer test_server(net::TestServer::TYPE_HTTPS_CLIENT_AUTH, | 173 net::TestServer test_server(net::TestServer::TYPE_HTTPS_CLIENT_AUTH, |
173 FilePath()); | 174 FilePath()); |
174 ASSERT_TRUE(test_server.Start()); | 175 ASSERT_TRUE(test_server.Start()); |
175 | 176 |
176 net::AddressList addr; | 177 net::AddressList addr; |
177 ASSERT_TRUE(test_server.GetAddressList(&addr)); | 178 ASSERT_TRUE(test_server.GetAddressList(&addr)); |
178 | 179 |
179 TestCompletionCallback callback; | 180 TestCompletionCallback callback; |
180 net::CapturingNetLog log(net::CapturingNetLog::kUnbounded); | 181 net::CapturingNetLog log(net::CapturingNetLog::kUnbounded); |
181 net::ClientSocket* transport = new net::TCPClientSocket(addr, &log); | 182 net::ClientSocket* transport = new net::TCPClientSocket(addr, &log); |
(...skipping 22 matching lines...)
204 } | 205 } |
205 | 206 |
206 // We cannot test sock->IsConnected(), as the NSS implementation disconnects | 207 // We cannot test sock->IsConnected(), as the NSS implementation disconnects |
207 // the socket when it encounters an error, whereas other implementations | 208 // the socket when it encounters an error, whereas other implementations |
208 // leave it connected. | 209 // leave it connected. |
209 | 210 |
210 EXPECT_TRUE(net::LogContainsEndEvent( | 211 EXPECT_TRUE(net::LogContainsEndEvent( |
211 log.entries(), -1, net::NetLog::TYPE_SSL_CONNECT)); | 212 log.entries(), -1, net::NetLog::TYPE_SSL_CONNECT)); |
212 } | 213 } |
213 | 214 |
| 215 // Connect to a server requesting optional client authentication. Send it a |
| 216 // null certificate. It should allow the connection. |
| 217 // |
| 218 // TODO(davidben): Also test providing an actual certificate. |
| 219 TEST_F(SSLClientSocketTest, ConnectClientAuthSendNullCert) { |
| 220 net::TestServer test_server(net::TestServer::TYPE_HTTPS_CLIENT_AUTH, |
| 221 FilePath()); |
| 222 ASSERT_TRUE(test_server.Start()); |
| 223 |
| 224 net::AddressList addr; |
| 225 ASSERT_TRUE(test_server.GetAddressList(&addr)); |
| 226 |
| 227 TestCompletionCallback callback; |
| 228 net::CapturingNetLog log(net::CapturingNetLog::kUnbounded); |
| 229 net::ClientSocket* transport = new net::TCPClientSocket(addr, &log); |
| 230 int rv = transport->Connect(&callback); |
| 231 if (rv == net::ERR_IO_PENDING) |
| 232 rv = callback.WaitForResult(); |
| 233 EXPECT_EQ(net::OK, rv); |
| 234 |
| 235 net::SSLConfig ssl_config = kDefaultSSLConfig; |
| 236 ssl_config.send_client_cert = true; |
| 237 ssl_config.client_cert = NULL; |
| 238 |
| 239 scoped_ptr<net::SSLClientSocket> sock( |
| 240 socket_factory_->CreateSSLClientSocket(transport, |
| 241 test_server.host_port_pair().host(), ssl_config)); |
| 242 |
| 243 EXPECT_FALSE(sock->IsConnected()); |
| 244 |
| 245 // Our test server accepts certificate-less connections. |
| 246 // TODO(davidben): Add a test which requires them and verify the error. |
| 247 rv = sock->Connect(&callback); |
| 248 EXPECT_TRUE(net::LogContainsBeginEvent( |
| 249 log.entries(), 5, net::NetLog::TYPE_SSL_CONNECT)); |
| 250 if (rv != net::OK) { |
| 251 ASSERT_EQ(net::ERR_IO_PENDING, rv); |
| 252 EXPECT_FALSE(sock->IsConnected()); |
| 253 EXPECT_FALSE(net::LogContainsEndEvent( |
| 254 log.entries(), -1, net::NetLog::TYPE_SSL_CONNECT)); |
| 255 |
| 256 rv = callback.WaitForResult(); |
| 257 EXPECT_EQ(net::OK, rv); |
| 258 } |
| 259 |
| 260 EXPECT_TRUE(sock->IsConnected()); |
| 261 EXPECT_TRUE(net::LogContainsEndEvent( |
| 262 log.entries(), -1, net::NetLog::TYPE_SSL_CONNECT)); |
| 263 |
| 264 sock->Disconnect(); |
| 265 EXPECT_FALSE(sock->IsConnected()); |
| 266 } |
| 267 |
214 // TODO(wtc): Add unit tests for IsConnectedAndIdle: | 268 // TODO(wtc): Add unit tests for IsConnectedAndIdle: |
215 // - Server closes an SSL connection (with a close_notify alert message). | 269 // - Server closes an SSL connection (with a close_notify alert message). |
216 // - Server closes the underlying TCP connection directly. | 270 // - Server closes the underlying TCP connection directly. |
217 // - Server sends data unexpectedly. | 271 // - Server sends data unexpectedly. |
218 | 272 |
219 TEST_F(SSLClientSocketTest, Read) { | 273 TEST_F(SSLClientSocketTest, Read) { |
220 net::TestServer test_server(net::TestServer::TYPE_HTTPS, FilePath()); | 274 net::TestServer test_server(net::TestServer::TYPE_HTTPS, FilePath()); |
221 ASSERT_TRUE(test_server.Start()); | 275 ASSERT_TRUE(test_server.Start()); |
222 | 276 |
223 net::AddressList addr; | 277 net::AddressList addr; |
(...skipping 246 matching lines...)
470 rv = callback.WaitForResult(); | 524 rv = callback.WaitForResult(); |
471 EXPECT_EQ(net::OK, rv); | 525 EXPECT_EQ(net::OK, rv); |
472 | 526 |
473 scoped_ptr<net::SSLClientSocket> sock( | 527 scoped_ptr<net::SSLClientSocket> sock( |
474 socket_factory_->CreateSSLClientSocket( | 528 socket_factory_->CreateSSLClientSocket( |
475 transport, test_server.host_port_pair().host(), kDefaultSSLConfig)); | 529 transport, test_server.host_port_pair().host(), kDefaultSSLConfig)); |
476 | 530 |
477 rv = sock->Connect(&callback); | 531 rv = sock->Connect(&callback); |
478 EXPECT_EQ(net::ERR_SSL_PROTOCOL_ERROR, rv); | 532 EXPECT_EQ(net::ERR_SSL_PROTOCOL_ERROR, rv); |
479 } | 533 } |
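Review bot: ConnectClientAuthSendNullCert (new lines 219-266, fully visible here) asserts only that the handshake ends in `net::OK` and that `IsConnected()` is true, so it cannot tell a client that sent an empty certificate list from one that sent a certificate nobody selected. The server is described as requesting optional client authentication (new line 215) and accepting certificate-less connections (new line 245), so it would presumably accept either. Because a client certificate identifies the user, an unintended certificate going out when `send_client_cert = true` and `client_cert = NULL` is the regression this test would most want to catch. Until the test server can report what it received, I would state the limit next to the existing TODO, e.g. `// NOTE: success here does not prove that no certificate was sent; the test server accepts either.` Separately, the literal `5` passed to `LogContainsBeginEvent` at new line 249 is a position in the captured log and deserves a short comment saying which earlier entries it skips.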