net/test/test_server.h - Issue 3812007: Support restriction the TLS cipher selection in test_server.py

Side by Side Diff: net/test/test_server.h

Issue 3812007: Support restriction the TLS cipher selection in test_server.py (Closed)

Patch Set: Rebase to trunk Created 10 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #ifndef NET_TEST_TEST_SERVER_H_	5 #ifndef NET_TEST_TEST_SERVER_H_

6 #define NET_TEST_TEST_SERVER_H_	6 #define NET_TEST_TEST_SERVER_H_

7 #pragma once	7 #pragma once

8	8

	9 #include <string>

	10 #include <vector>

	11

9 #include "build/build_config.h"	12 #include "build/build_config.h"

10	13

11 #include <string>

12

13 #include "base/compiler_specific.h"	14 #include "base/compiler_specific.h"

14 #include "base/file_path.h"	15 #include "base/file_path.h"

15 #include "base/file_util.h"	16 #include "base/file_util.h"

16 #include "base/process_util.h"	17 #include "base/process_util.h"

17 #include "net/base/host_port_pair.h"	18 #include "net/base/host_port_pair.h"

18	19

19 #if defined(OS_WIN)	20 #if defined(OS_WIN)

20 #include "base/scoped_handle_win.h"	21 #include "base/scoped_handle_win.h"

21 #endif	22 #endif

22	23

23 #if defined(USE_NSS)	24 #if defined(USE_NSS)

24 #include "base/ref_counted.h"	25 #include "base/ref_counted.h"

25 #include "net/base/x509_certificate.h"	26 #include "net/base/x509_certificate.h"

26 #endif	27 #endif

27	28

	29 class CommandLine;

28 class GURL;	30 class GURL;

29	31

30 namespace net {	32 namespace net {

31	33

32 class AddressList;	34 class AddressList;

33	35

34 // This object bounds the lifetime of an external python-based HTTP/FTP server	36 // This object bounds the lifetime of an external python-based HTTP/FTP server

35 // that can provide various responses useful for testing.	37 // that can provide various responses useful for testing.

36 class TestServer {	38 class TestServer {

37 public:	39 public:

38 enum Type {	40 enum Type {

39 TYPE_FTP,	41 TYPE_FTP,

40 TYPE_HTTP,	42 TYPE_HTTP,

41 TYPE_HTTPS,	43 TYPE_HTTPS,

42 TYPE_HTTPS_CLIENT_AUTH,	44 };

43 TYPE_HTTPS_MISMATCHED_HOSTNAME,	45

44 TYPE_HTTPS_EXPIRED_CERTIFICATE,	46 // Container for various options to control how the HTTPS server is

	47 // initialized.

	48 struct HTTPSOptions {

	49 enum ServerCertificate {

	50 CERT_OK,

	51 CERT_MISMATCHED_NAME,

	52 CERT_EXPIRED,

	53 };

	54

	55 // Bitmask of bulk encryption algorithms that the test server supports

	56 // and that can be selectively enabled or disabled.

	57 enum BulkCipher {

	58 // Special value used to indicate that any algorithm the server supports

	59 // is acceptable. Preferred over explicitly OR-ing all ciphers.

	60 BULK_CIPHER_ANY = 0,

	61

	62 BULK_CIPHER_RC4 = (1 << 0),

	63 BULK_CIPHER_AES128 = (1 << 1),

	64 BULK_CIPHER_AES256 = (1 << 2),

	65

	66 // NOTE: 3DES support in the Python test server has external

	67 // dependencies and not be available on all machines. Clients may not

	68 // be able to connect if only 3DES is specified.

	69 BULK_CIPHER_3DES = (1 << 3),

	70 };

	71

	72 // Initialize a new HTTPSOptions using CERT_OK as the certificate.

	73 HTTPSOptions();

	74

	75 // Initialize a new HTTPSOptions that will use the specified certificate.

	76 explicit HTTPSOptions(ServerCertificate cert);

	77 ~HTTPSOptions();

	78

	79 // Returns the relative filename of the file that contains the

	80 // \|server_certificate\|.

	81 FilePath GetCertificateFile() const;

	82

	83 // The certificate to use when serving requests.

	84 ServerCertificate server_certificate;

	85

	86 // True if a CertificateRequest should be sent to the client during

	87 // handshaking.

	88 bool request_client_certificate;

	89

	90 // If \|request_client_certificate\| is true, an optional list of files,

	91 // each containing a single, PEM-encoded X.509 certificates. The subject

	92 // from each certificate will be added to the certificate_authorities

	93 // field of the CertificateRequest.

	94 std::vector<FilePath> client_authorities;

	95

	96 // A bitwise-OR of BulkCipher that should be used by the

	97 // HTTPS server, or BULK_CIPHER_ANY to indicate that all implemented

	98 // ciphers are acceptable.

	99 int bulk_ciphers;

45 };	100 };

46	101

47 TestServer(Type type, const FilePath& document_root);	102 TestServer(Type type, const FilePath& document_root);

	103

	104 // Initialize a HTTPS TestServer with a specific set of HTTPSOptions.

	105 TestServer(const HTTPSOptions& https_options,

	106 const FilePath& document_root);

	107

48 ~TestServer();	108 ~TestServer();

49	109

50 bool Start() WARN_UNUSED_RESULT;	110 bool Start() WARN_UNUSED_RESULT;

51	111

52 // Stop the server started by Start().	112 // Stop the server started by Start().

53 bool Stop();	113 bool Stop();

54	114

55 const FilePath& document_root() const { return document_root_; }	115 const FilePath& document_root() const { return document_root_; }

56 const HostPortPair& host_port_pair() const { return host_port_pair_; }	116 const HostPortPair& host_port_pair() const { return host_port_pair_; }

57 std::string GetScheme() const;	117 std::string GetScheme() const;

58 bool GetAddressList(AddressList* address_list) const WARN_UNUSED_RESULT;	118 bool GetAddressList(AddressList* address_list) const WARN_UNUSED_RESULT;

59	119

60 GURL GetURL(const std::string& path);	120 GURL GetURL(const std::string& path);

61	121

62 GURL GetURLWithUser(const std::string& path,	122 GURL GetURLWithUser(const std::string& path,

63 const std::string& user);	123 const std::string& user);

64	124

65 GURL GetURLWithUserAndPassword(const std::string& path,	125 GURL GetURLWithUserAndPassword(const std::string& path,

66 const std::string& user,	126 const std::string& user,

67 const std::string& password);	127 const std::string& password);

68	128

69 private:	129 private:

	130 void Init(const FilePath& document_root);

	131

70 // Modify PYTHONPATH to contain libraries we need.	132 // Modify PYTHONPATH to contain libraries we need.

71 bool SetPythonPath() WARN_UNUSED_RESULT;	133 bool SetPythonPath() WARN_UNUSED_RESULT;

72	134

73 // Launches the Python test server. Returns true on success.	135 // Launches the Python test server. Returns true on success.

74 bool LaunchPython(const FilePath& testserver_path) WARN_UNUSED_RESULT;	136 bool LaunchPython(const FilePath& testserver_path) WARN_UNUSED_RESULT;

75	137

76 // Waits for the server to start. Returns true on success.	138 // Waits for the server to start. Returns true on success.

77 bool WaitToStart() WARN_UNUSED_RESULT;	139 bool WaitToStart() WARN_UNUSED_RESULT;

78	140

79 // Returns path to the root certificate.	141 // Returns path to the root certificate.

80 FilePath GetRootCertificatePath();	142 FilePath GetRootCertificatePath();

81	143

82 // Returns false if our test root certificate is not trusted.	144 // Returns false if our test root certificate is not trusted.

83 bool CheckCATrusted() WARN_UNUSED_RESULT;	145 bool CheckCATrusted() WARN_UNUSED_RESULT;

84	146

85 // Load the test root cert, if it hasn't been loaded yet.	147 // Load the test root cert, if it hasn't been loaded yet.

86 bool LoadTestRootCert() WARN_UNUSED_RESULT;	148 bool LoadTestRootCert() WARN_UNUSED_RESULT;

87	149

88 // Returns path to the SSL certificate we should use, or empty path	150 // Add the command line arguments for the Python test server to

89 // if not applicable.	151 // \|command_line\|. Return true on success.

90 FilePath GetCertificatePath();	152 bool AddCommandLineArguments(CommandLine* command_line) const;

91	153

92 // Document root of the test server.	154 // Document root of the test server.

93 FilePath document_root_;	155 FilePath document_root_;

94	156

95 // Directory that contains the SSL certificates.	157 // Directory that contains the SSL certificates.

96 FilePath certificates_dir_;	158 FilePath certificates_dir_;

97	159

98 // Address the test server listens on.	160 // Address the test server listens on.

99 HostPortPair host_port_pair_;	161 HostPortPair host_port_pair_;

100	162

101 // Handle of the Python process running the test server.	163 // Handle of the Python process running the test server.

102 base::ProcessHandle process_handle_;	164 base::ProcessHandle process_handle_;

103	165

104 #if defined(OS_WIN)	166 #if defined(OS_WIN)

105 // JobObject used to clean up orphaned child processes.	167 // JobObject used to clean up orphaned child processes.

106 ScopedHandle job_handle_;	168 ScopedHandle job_handle_;

107	169

108 // The file handle the child writes to when it starts.	170 // The file handle the child writes to when it starts.

109 ScopedHandle child_fd_;	171 ScopedHandle child_fd_;

110 #endif	172 #endif

111	173

112 #if defined(OS_POSIX)	174 #if defined(OS_POSIX)

113 // The file descriptor the child writes to when it starts.	175 // The file descriptor the child writes to when it starts.

114 int child_fd_;	176 int child_fd_;

115 file_util::ScopedFD child_fd_closer_;	177 file_util::ScopedFD child_fd_closer_;

116 #endif	178 #endif

117	179

	180 // If \|type_\| is TYPE_HTTPS, the TLS settings to use for the test server.

	181 HTTPSOptions https_options_;

	182

118 #if defined(USE_NSS)	183 #if defined(USE_NSS)

119 scoped_refptr<X509Certificate> cert_;	184 scoped_refptr<X509Certificate> cert_;

120 #endif	185 #endif

121	186

122 Type type_;	187 Type type_;

123	188

124 DISALLOW_COPY_AND_ASSIGN(TestServer);	189 DISALLOW_COPY_AND_ASSIGN(TestServer);

125 };	190 };

126	191

127 } // namespace net	192 } // namespace net

128	193

129 #endif // NET_TEST_TEST_SERVER_H_	194 #endif // NET_TEST_TEST_SERVER_H_

OLD	NEW

« no previous file with comments | « net/socket/ssl_client_socket_unittest.cc ('k') | net/test/test_server.cc » ('j') | no next file with comments »