| OLD | NEW |
|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_client_socket.h" | 5 #include "net/socket/ssl_client_socket.h" |
| 6 | 6 |
| 7 #include "net/base/address_list.h" | 7 #include "net/base/address_list.h" |
| 8 #include "net/base/host_resolver.h" | 8 #include "net/base/host_resolver.h" |
| 9 #include "net/base/io_buffer.h" | 9 #include "net/base/io_buffer.h" |
| 10 #include "net/base/net_log.h" | 10 #include "net/base/net_log.h" |
| (...skipping 149 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 160 } | 160 } |
| 161 | 161 |
| 162 // We cannot test sock->IsConnected(), as the NSS implementation disconnects | 162 // We cannot test sock->IsConnected(), as the NSS implementation disconnects |
| 163 // the socket when it encounters an error, whereas other implementations | 163 // the socket when it encounters an error, whereas other implementations |
| 164 // leave it connected. | 164 // leave it connected. |
| 165 | 165 |
| 166 EXPECT_TRUE(net::LogContainsEndEvent( | 166 EXPECT_TRUE(net::LogContainsEndEvent( |
| 167 log.entries(), -1, net::NetLog::TYPE_SSL_CONNECT)); | 167 log.entries(), -1, net::NetLog::TYPE_SSL_CONNECT)); |
| 168 } | 168 } |
| 169 | 169 |
| 170 // TODO(davidben): Also test providing a certificate. | 170 // Attempt to connect to a page which requests a client certificate. It should |
| 171 TEST_F(SSLClientSocketTest, ConnectClientAuthNoCert) { | 171 // return an error code on connect. |
| 172 TEST_F(SSLClientSocketTest, ConnectClientAuthCertRequested) { |
| 172 net::TestServer test_server(net::TestServer::TYPE_HTTPS_CLIENT_AUTH, | 173 net::TestServer test_server(net::TestServer::TYPE_HTTPS_CLIENT_AUTH, |
| 173 FilePath()); | 174 FilePath()); |
| 174 ASSERT_TRUE(test_server.Start()); | 175 ASSERT_TRUE(test_server.Start()); |
| 175 | 176 |
| 176 net::AddressList addr; | 177 net::AddressList addr; |
| 177 ASSERT_TRUE(test_server.GetAddressList(&addr)); | 178 ASSERT_TRUE(test_server.GetAddressList(&addr)); |
| 178 | 179 |
| 179 TestCompletionCallback callback; | 180 TestCompletionCallback callback; |
| 180 net::CapturingNetLog log(net::CapturingNetLog::kUnbounded); | 181 net::CapturingNetLog log(net::CapturingNetLog::kUnbounded); |
| 181 net::ClientSocket* transport = new net::TCPClientSocket(addr, &log); | 182 net::ClientSocket* transport = new net::TCPClientSocket(addr, &log); |
| (...skipping 22 matching lines...) Expand all Loading... |
| 204 } | 205 } |
| 205 | 206 |
| 206 // We cannot test sock->IsConnected(), as the NSS implementation disconnects | 207 // We cannot test sock->IsConnected(), as the NSS implementation disconnects |
| 207 // the socket when it encounters an error, whereas other implementations | 208 // the socket when it encounters an error, whereas other implementations |
| 208 // leave it connected. | 209 // leave it connected. |
| 209 | 210 |
| 210 EXPECT_TRUE(net::LogContainsEndEvent( | 211 EXPECT_TRUE(net::LogContainsEndEvent( |
| 211 log.entries(), -1, net::NetLog::TYPE_SSL_CONNECT)); | 212 log.entries(), -1, net::NetLog::TYPE_SSL_CONNECT)); |
| 212 } | 213 } |
| 213 | 214 |
| 215 // Connect to a server requesting optional client authentication. Send it a |
| 216 // null certificate. It should allow the connection. |
| 217 // |
| 218 // TODO(davidben): Also test providing an actual certificate. |
| 219 TEST_F(SSLClientSocketTest, ConnectClientAuthSendNullCert) { |
| 220 net::TestServer test_server(net::TestServer::TYPE_HTTPS_CLIENT_AUTH, |
| 221 FilePath()); |
| 222 ASSERT_TRUE(test_server.Start()); |
| 223 |
| 224 net::AddressList addr; |
| 225 ASSERT_TRUE(test_server.GetAddressList(&addr)); |
| 226 |
| 227 TestCompletionCallback callback; |
| 228 net::CapturingNetLog log(net::CapturingNetLog::kUnbounded); |
| 229 net::ClientSocket* transport = new net::TCPClientSocket(addr, &log); |
| 230 int rv = transport->Connect(&callback); |
| 231 if (rv == net::ERR_IO_PENDING) |
| 232 rv = callback.WaitForResult(); |
| 233 EXPECT_EQ(net::OK, rv); |
| 234 |
| 235 net::SSLConfig ssl_config = kDefaultSSLConfig; |
| 236 ssl_config.send_client_cert = true; |
| 237 ssl_config.client_cert = NULL; |
| 238 |
| 239 scoped_ptr<net::SSLClientSocket> sock( |
| 240 socket_factory_->CreateSSLClientSocket(transport, |
| 241 test_server.host_port_pair().host(), ssl_config)); |
| 242 |
| 243 EXPECT_FALSE(sock->IsConnected()); |
| 244 |
| 245 // Our test server accepts certificate-less connections. |
| 246 // TODO(davidben): Add a test which requires them and verify the error. |
| 247 rv = sock->Connect(&callback); |
| 248 EXPECT_TRUE(net::LogContainsBeginEvent( |
| 249 log.entries(), 5, net::NetLog::TYPE_SSL_CONNECT)); |
| 250 if (rv != net::OK) { |
| 251 ASSERT_EQ(net::ERR_IO_PENDING, rv); |
| 252 EXPECT_FALSE(sock->IsConnected()); |
| 253 EXPECT_FALSE(net::LogContainsEndEvent( |
| 254 log.entries(), -1, net::NetLog::TYPE_SSL_CONNECT)); |
| 255 |
| 256 rv = callback.WaitForResult(); |
| 257 EXPECT_EQ(net::OK, rv); |
| 258 } |
| 259 |
| 260 EXPECT_TRUE(sock->IsConnected()); |
| 261 EXPECT_TRUE(net::LogContainsEndEvent( |
| 262 log.entries(), -1, net::NetLog::TYPE_SSL_CONNECT)); |
| 263 |
| 264 sock->Disconnect(); |
| 265 EXPECT_FALSE(sock->IsConnected()); |
| 266 } |
| 267 |
| 214 // TODO(wtc): Add unit tests for IsConnectedAndIdle: | 268 // TODO(wtc): Add unit tests for IsConnectedAndIdle: |
| 215 // - Server closes an SSL connection (with a close_notify alert message). | 269 // - Server closes an SSL connection (with a close_notify alert message). |
| 216 // - Server closes the underlying TCP connection directly. | 270 // - Server closes the underlying TCP connection directly. |
| 217 // - Server sends data unexpectedly. | 271 // - Server sends data unexpectedly. |
| 218 | 272 |
| 219 TEST_F(SSLClientSocketTest, Read) { | 273 TEST_F(SSLClientSocketTest, Read) { |
| 220 net::TestServer test_server(net::TestServer::TYPE_HTTPS, FilePath()); | 274 net::TestServer test_server(net::TestServer::TYPE_HTTPS, FilePath()); |
| 221 ASSERT_TRUE(test_server.Start()); | 275 ASSERT_TRUE(test_server.Start()); |
| 222 | 276 |
| 223 net::AddressList addr; | 277 net::AddressList addr; |
| (...skipping 246 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 470 rv = callback.WaitForResult(); | 524 rv = callback.WaitForResult(); |
| 471 EXPECT_EQ(net::OK, rv); | 525 EXPECT_EQ(net::OK, rv); |
| 472 | 526 |
| 473 scoped_ptr<net::SSLClientSocket> sock( | 527 scoped_ptr<net::SSLClientSocket> sock( |
| 474 socket_factory_->CreateSSLClientSocket( | 528 socket_factory_->CreateSSLClientSocket( |
| 475 transport, test_server.host_port_pair().host(), kDefaultSSLConfig)); | 529 transport, test_server.host_port_pair().host(), kDefaultSSLConfig)); |
| 476 | 530 |
| 477 rv = sock->Connect(&callback); | 531 rv = sock->Connect(&callback); |
| 478 EXPECT_EQ(net::ERR_SSL_PROTOCOL_ERROR, rv); | 532 EXPECT_EQ(net::ERR_SSL_PROTOCOL_ERROR, rv); |
| 479 } | 533 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 3141026:
Reintegrate certificate selection in HttpNetworkTransaction DoLoop (Closed)
