| OLD | NEW |
|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_client_socket.h" | 5 #include "net/socket/ssl_client_socket.h" |
| 6 | 6 |
| 7 #include "net/base/address_list.h" | 7 #include "net/base/address_list.h" |
| 8 #include "net/base/host_resolver.h" | 8 #include "net/base/host_resolver.h" |
| 9 #include "net/base/io_buffer.h" | 9 #include "net/base/io_buffer.h" |
| 10 #include "net/base/net_log.h" | 10 #include "net/base/net_log.h" |
| (...skipping 75 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 86 } | 86 } |
| 87 | 87 |
| 88 EXPECT_TRUE(sock->IsConnected()); | 88 EXPECT_TRUE(sock->IsConnected()); |
| 89 EXPECT_TRUE(LogContainsSSLConnectEndEvent(log.entries(), -1)); | 89 EXPECT_TRUE(LogContainsSSLConnectEndEvent(log.entries(), -1)); |
| 90 | 90 |
| 91 sock->Disconnect(); | 91 sock->Disconnect(); |
| 92 EXPECT_FALSE(sock->IsConnected()); | 92 EXPECT_FALSE(sock->IsConnected()); |
| 93 } | 93 } |
| 94 | 94 |
| 95 TEST_F(SSLClientSocketTest, ConnectExpired) { | 95 TEST_F(SSLClientSocketTest, ConnectExpired) { |
| 96 net::TestServer test_server(net::TestServer::TYPE_HTTPS_EXPIRED_CERTIFICATE, | 96 net::TestServer::HTTPSOptions https_options( |
| 97 FilePath()); | 97 net::TestServer::HTTPSOptions::CERT_EXPIRED); |
| 98 net::TestServer test_server(https_options, FilePath()); |
| 98 ASSERT_TRUE(test_server.Start()); | 99 ASSERT_TRUE(test_server.Start()); |
| 99 | 100 |
| 100 net::AddressList addr; | 101 net::AddressList addr; |
| 101 ASSERT_TRUE(test_server.GetAddressList(&addr)); | 102 ASSERT_TRUE(test_server.GetAddressList(&addr)); |
| 102 | 103 |
| 103 TestCompletionCallback callback; | 104 TestCompletionCallback callback; |
| 104 net::CapturingNetLog log(net::CapturingNetLog::kUnbounded); | 105 net::CapturingNetLog log(net::CapturingNetLog::kUnbounded); |
| 105 net::ClientSocket* transport = new net::TCPClientSocket( | 106 net::ClientSocket* transport = new net::TCPClientSocket( |
| 106 addr, &log, net::NetLog::Source()); | 107 addr, &log, net::NetLog::Source()); |
| 107 int rv = transport->Connect(&callback); | 108 int rv = transport->Connect(&callback); |
| (...skipping 21 matching lines...) Expand all Loading... |
| 129 EXPECT_EQ(net::ERR_CERT_DATE_INVALID, rv); | 130 EXPECT_EQ(net::ERR_CERT_DATE_INVALID, rv); |
| 130 } | 131 } |
| 131 | 132 |
| 132 // We cannot test sock->IsConnected(), as the NSS implementation disconnects | 133 // We cannot test sock->IsConnected(), as the NSS implementation disconnects |
| 133 // the socket when it encounters an error, whereas other implementations | 134 // the socket when it encounters an error, whereas other implementations |
| 134 // leave it connected. | 135 // leave it connected. |
| 135 EXPECT_TRUE(LogContainsSSLConnectEndEvent(log.entries(), -1)); | 136 EXPECT_TRUE(LogContainsSSLConnectEndEvent(log.entries(), -1)); |
| 136 } | 137 } |
| 137 | 138 |
| 138 TEST_F(SSLClientSocketTest, ConnectMismatched) { | 139 TEST_F(SSLClientSocketTest, ConnectMismatched) { |
| 139 net::TestServer test_server(net::TestServer::TYPE_HTTPS_MISMATCHED_HOSTNAME, | 140 net::TestServer::HTTPSOptions https_options( |
| 140 FilePath()); | 141 net::TestServer::HTTPSOptions::CERT_MISMATCHED_NAME); |
| 142 net::TestServer test_server(https_options, FilePath()); |
| 141 ASSERT_TRUE(test_server.Start()); | 143 ASSERT_TRUE(test_server.Start()); |
| 142 | 144 |
| 143 net::AddressList addr; | 145 net::AddressList addr; |
| 144 ASSERT_TRUE(test_server.GetAddressList(&addr)); | 146 ASSERT_TRUE(test_server.GetAddressList(&addr)); |
| 145 | 147 |
| 146 TestCompletionCallback callback; | 148 TestCompletionCallback callback; |
| 147 net::CapturingNetLog log(net::CapturingNetLog::kUnbounded); | 149 net::CapturingNetLog log(net::CapturingNetLog::kUnbounded); |
| 148 net::ClientSocket* transport = new net::TCPClientSocket( | 150 net::ClientSocket* transport = new net::TCPClientSocket( |
| 149 addr, &log, net::NetLog::Source()); | 151 addr, &log, net::NetLog::Source()); |
| 150 int rv = transport->Connect(&callback); | 152 int rv = transport->Connect(&callback); |
| (...skipping 24 matching lines...) Expand all Loading... |
| 175 | 177 |
| 176 // We cannot test sock->IsConnected(), as the NSS implementation disconnects | 178 // We cannot test sock->IsConnected(), as the NSS implementation disconnects |
| 177 // the socket when it encounters an error, whereas other implementations | 179 // the socket when it encounters an error, whereas other implementations |
| 178 // leave it connected. | 180 // leave it connected. |
| 179 EXPECT_TRUE(LogContainsSSLConnectEndEvent(log.entries(), -1)); | 181 EXPECT_TRUE(LogContainsSSLConnectEndEvent(log.entries(), -1)); |
| 180 } | 182 } |
| 181 | 183 |
| 182 // Attempt to connect to a page which requests a client certificate. It should | 184 // Attempt to connect to a page which requests a client certificate. It should |
| 183 // return an error code on connect. | 185 // return an error code on connect. |
| 184 TEST_F(SSLClientSocketTest, FLAKY_ConnectClientAuthCertRequested) { | 186 TEST_F(SSLClientSocketTest, FLAKY_ConnectClientAuthCertRequested) { |
| 185 net::TestServer test_server(net::TestServer::TYPE_HTTPS_CLIENT_AUTH, | 187 net::TestServer::HTTPSOptions https_options; |
| 186 FilePath()); | 188 https_options.request_client_certificate = true; |
| 189 net::TestServer test_server(https_options, FilePath()); |
| 187 ASSERT_TRUE(test_server.Start()); | 190 ASSERT_TRUE(test_server.Start()); |
| 188 | 191 |
| 189 net::AddressList addr; | 192 net::AddressList addr; |
| 190 ASSERT_TRUE(test_server.GetAddressList(&addr)); | 193 ASSERT_TRUE(test_server.GetAddressList(&addr)); |
| 191 | 194 |
| 192 TestCompletionCallback callback; | 195 TestCompletionCallback callback; |
| 193 net::CapturingNetLog log(net::CapturingNetLog::kUnbounded); | 196 net::CapturingNetLog log(net::CapturingNetLog::kUnbounded); |
| 194 net::ClientSocket* transport = new net::TCPClientSocket( | 197 net::ClientSocket* transport = new net::TCPClientSocket( |
| 195 addr, &log, net::NetLog::Source()); | 198 addr, &log, net::NetLog::Source()); |
| 196 int rv = transport->Connect(&callback); | 199 int rv = transport->Connect(&callback); |
| (...skipping 25 matching lines...) Expand all Loading... |
| 222 // the socket when it encounters an error, whereas other implementations | 225 // the socket when it encounters an error, whereas other implementations |
| 223 // leave it connected. | 226 // leave it connected. |
| 224 EXPECT_TRUE(LogContainsSSLConnectEndEvent(log.entries(), -1)); | 227 EXPECT_TRUE(LogContainsSSLConnectEndEvent(log.entries(), -1)); |
| 225 } | 228 } |
| 226 | 229 |
| 227 // Connect to a server requesting optional client authentication. Send it a | 230 // Connect to a server requesting optional client authentication. Send it a |
| 228 // null certificate. It should allow the connection. | 231 // null certificate. It should allow the connection. |
| 229 // | 232 // |
| 230 // TODO(davidben): Also test providing an actual certificate. | 233 // TODO(davidben): Also test providing an actual certificate. |
| 231 TEST_F(SSLClientSocketTest, ConnectClientAuthSendNullCert) { | 234 TEST_F(SSLClientSocketTest, ConnectClientAuthSendNullCert) { |
| 232 net::TestServer test_server(net::TestServer::TYPE_HTTPS_CLIENT_AUTH, | 235 net::TestServer::HTTPSOptions https_options; |
| 233 FilePath()); | 236 https_options.request_client_certificate = true; |
| 237 net::TestServer test_server(https_options, FilePath()); |
| 234 ASSERT_TRUE(test_server.Start()); | 238 ASSERT_TRUE(test_server.Start()); |
| 235 | 239 |
| 236 net::AddressList addr; | 240 net::AddressList addr; |
| 237 ASSERT_TRUE(test_server.GetAddressList(&addr)); | 241 ASSERT_TRUE(test_server.GetAddressList(&addr)); |
| 238 | 242 |
| 239 TestCompletionCallback callback; | 243 TestCompletionCallback callback; |
| 240 net::CapturingNetLog log(net::CapturingNetLog::kUnbounded); | 244 net::CapturingNetLog log(net::CapturingNetLog::kUnbounded); |
| 241 net::ClientSocket* transport = new net::TCPClientSocket( | 245 net::ClientSocket* transport = new net::TCPClientSocket( |
| 242 addr, &log, net::NetLog::Source()); | 246 addr, &log, net::NetLog::Source()); |
| 243 int rv = transport->Connect(&callback); | 247 int rv = transport->Connect(&callback); |
| (...skipping 304 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 548 EXPECT_EQ(net::OK, rv); | 552 EXPECT_EQ(net::OK, rv); |
| 549 | 553 |
| 550 scoped_ptr<net::SSLClientSocket> sock( | 554 scoped_ptr<net::SSLClientSocket> sock( |
| 551 socket_factory_->CreateSSLClientSocket( | 555 socket_factory_->CreateSSLClientSocket( |
| 552 transport, test_server.host_port_pair().host(), kDefaultSSLConfig, | 556 transport, test_server.host_port_pair().host(), kDefaultSSLConfig, |
| 553 NULL /* ssl_host_info */)); | 557 NULL /* ssl_host_info */)); |
| 554 | 558 |
| 555 rv = sock->Connect(&callback); | 559 rv = sock->Connect(&callback); |
| 556 EXPECT_EQ(net::ERR_SSL_PROTOCOL_ERROR, rv); | 560 EXPECT_EQ(net::ERR_SSL_PROTOCOL_ERROR, rv); |
| 557 } | 561 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 3812007:
Support restriction the TLS cipher selection in test_server.py (Closed)
