| Index: remoting/protocol/v1_authenticator_unittest.cc
|
| diff --git a/remoting/protocol/v1_authenticator_unittest.cc b/remoting/protocol/v1_authenticator_unittest.cc
|
| index 0ba9e512d3763482049c1353ef5587dd234a6c9f..f96d5e0453d263881435f981634a8e2365a60823 100644
|
| --- a/remoting/protocol/v1_authenticator_unittest.cc
|
| +++ b/remoting/protocol/v1_authenticator_unittest.cc
|
| @@ -2,24 +2,47 @@
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| +#include "remoting/protocol/v1_authenticator.h"
|
| +
|
| +#include "base/bind.h"
|
| #include "base/file_path.h"
|
| #include "base/file_util.h"
|
| +#include "base/message_loop.h"
|
| #include "base/path_service.h"
|
| #include "crypto/rsa_private_key.h"
|
| -#include "remoting/protocol/v1_authenticator.h"
|
| +#include "net/base/net_errors.h"
|
| +#include "remoting/protocol/authenticator.h"
|
| +#include "remoting/protocol/channel_authenticator.h"
|
| +#include "remoting/protocol/connection_tester.h"
|
| +#include "remoting/protocol/fake_session.h"
|
| +#include "remoting/protocol/v1_client_channel_authenticator.h"
|
| +#include "remoting/protocol/v1_host_channel_authenticator.h"
|
| #include "testing/gmock/include/gmock/gmock.h"
|
| #include "testing/gtest/include/gtest/gtest.h"
|
| #include "third_party/libjingle/source/talk/xmllite/xmlelement.h"
|
|
|
| +using testing::_;
|
| +using testing::DeleteArg;
|
| +using testing::SaveArg;
|
| +
|
| namespace remoting {
|
| namespace protocol {
|
|
|
| namespace {
|
| -const char kHostJid[] = "host1@gmail.com/123";
|
| +
|
| +const int kMessageSize = 100;
|
| +const int kMessages = 1;
|
| +
|
| const char kClientJid[] = "host2@gmail.com/321";
|
|
|
| const char kTestSharedSecret[] = "1234-1234-5678";
|
| const char kTestSharedSecretBad[] = "0000-0000-0001";
|
| +
|
| +class MockChannelDoneCallback {
|
| + public:
|
| + MOCK_METHOD2(OnDone, void(net::Error error, net::StreamSocket* socket));
|
| +};
|
| +
|
| } // namespace
|
|
|
| class V1AuthenticatorTest : public testing::Test {
|
| @@ -30,8 +53,7 @@ class V1AuthenticatorTest : public testing::Test {
|
| }
|
|
|
| protected:
|
| - void InitAuthenticators(const std::string& client_secret,
|
| - const std::string& host_secret) {
|
| + virtual void SetUp() OVERRIDE {
|
| FilePath certs_dir;
|
| PathService::Get(base::DIR_SOURCE_ROOT, &certs_dir);
|
| certs_dir = certs_dir.AppendASCII("net");
|
| @@ -40,8 +62,7 @@ class V1AuthenticatorTest : public testing::Test {
|
| certs_dir = certs_dir.AppendASCII("certificates");
|
|
|
| FilePath cert_path = certs_dir.AppendASCII("unittest.selfsigned.der");
|
| - std::string cert_der;
|
| - ASSERT_TRUE(file_util::ReadFileToString(cert_path, &cert_der));
|
| + ASSERT_TRUE(file_util::ReadFileToString(cert_path, &host_cert_));
|
|
|
| FilePath key_path = certs_dir.AppendASCII("unittest.key.bin");
|
| std::string key_string;
|
| @@ -52,9 +73,12 @@ class V1AuthenticatorTest : public testing::Test {
|
| key_string.length()));
|
| private_key_.reset(
|
| crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_vector));
|
| + }
|
|
|
| + void InitAuthenticators(const std::string& client_secret,
|
| + const std::string& host_secret) {
|
| host_.reset(new V1HostAuthenticator(
|
| - cert_der, private_key_.get(), host_secret, kClientJid));
|
| + host_cert_, private_key_.get(), host_secret, kClientJid));
|
| client_.reset(new V1ClientAuthenticator(kClientJid, client_secret));
|
| }
|
|
|
| @@ -91,9 +115,54 @@ class V1AuthenticatorTest : public testing::Test {
|
| host_->state() != Authenticator::REJECTED);
|
| }
|
|
|
| + void RunChannelAuth(bool expected_fail) {
|
| + client_fake_socket_.reset(new FakeSocket());
|
| + host_fake_socket_.reset(new FakeSocket());
|
| + client_fake_socket_->SetPeer(host_fake_socket_.get());
|
| + host_fake_socket_->SetPeer(client_fake_socket_.get());
|
| +
|
| + client_auth_->SecureAndAuthenticate(
|
| + client_fake_socket_.release(),
|
| + base::Bind(&MockChannelDoneCallback::OnDone,
|
| + base::Unretained(&client_callback_)));
|
| +
|
| + host_auth_->SecureAndAuthenticate(
|
| + host_fake_socket_.release(),
|
| + base::Bind(&MockChannelDoneCallback::OnDone,
|
| + base::Unretained(&host_callback_)));
|
| +
|
| + net::StreamSocket* client_socket = NULL;
|
| + net::StreamSocket* host_socket = NULL;
|
| +
|
| + EXPECT_CALL(client_callback_, OnDone(net::OK, _))
|
| + .WillOnce(SaveArg<1>(&client_socket));
|
| + if (expected_fail) {
|
| + EXPECT_CALL(host_callback_, OnDone(net::ERR_FAILED, NULL));
|
| + } else {
|
| + EXPECT_CALL(host_callback_, OnDone(net::OK, _))
|
| + .WillOnce(SaveArg<1>(&host_socket));
|
| + }
|
| +
|
| + message_loop_.RunAllPending();
|
| +
|
| + client_socket_.reset(client_socket);
|
| + host_socket_.reset(host_socket);
|
| + }
|
| +
|
| + MessageLoop message_loop_;
|
| +
|
| scoped_ptr<crypto::RSAPrivateKey> private_key_;
|
| + std::string host_cert_;
|
| scoped_ptr<V1HostAuthenticator> host_;
|
| scoped_ptr<V1ClientAuthenticator> client_;
|
| + scoped_ptr<FakeSocket> client_fake_socket_;
|
| + scoped_ptr<FakeSocket> host_fake_socket_;
|
| + scoped_ptr<ChannelAuthenticator> client_auth_;
|
| + scoped_ptr<ChannelAuthenticator> host_auth_;
|
| + MockChannelDoneCallback client_callback_;
|
| + MockChannelDoneCallback host_callback_;
|
| + scoped_ptr<net::StreamSocket> client_socket_;
|
| + scoped_ptr<net::StreamSocket> host_socket_;
|
|
|
| DISALLOW_COPY_AND_ASSIGN(V1AuthenticatorTest);
|
| };
|
| @@ -106,8 +175,23 @@ TEST_F(V1AuthenticatorTest, SuccessfulAuth) {
|
| }
|
| ASSERT_EQ(Authenticator::ACCEPTED, host_->state());
|
| ASSERT_EQ(Authenticator::ACCEPTED, client_->state());
|
| +
|
| + client_auth_.reset(client_->CreateChannelAuthenticator());
|
| + host_auth_.reset(host_->CreateChannelAuthenticator());
|
| + RunChannelAuth(false);
|
| +
|
| + EXPECT_TRUE(client_socket_.get() != NULL);
|
| + EXPECT_TRUE(host_socket_.get() != NULL);
|
| +
|
| + StreamConnectionTester tester(host_socket_.get(), client_socket_.get(),
|
| + kMessageSize, kMessages);
|
| +
|
| + tester.Start();
|
| + message_loop_.Run();
|
| + tester.CheckResults();
|
| }
|
|
|
| +// Verify that connection is rejected when secrets don't match.
|
| TEST_F(V1AuthenticatorTest, InvalidSecret) {
|
| {
|
| SCOPED_TRACE("RunAuthExchange");
|
| @@ -117,5 +201,17 @@ TEST_F(V1AuthenticatorTest, InvalidSecret) {
|
| ASSERT_EQ(Authenticator::REJECTED, host_->state());
|
| }
|
|
|
| +// Verify that channels cannot be using invalid shared secret.
|
| +TEST_F(V1AuthenticatorTest, InvalidChannelSecret) {
|
| + client_auth_.reset(new V1ClientChannelAuthenticator(
|
| + host_cert_, kTestSharedSecretBad));
|
| + host_auth_.reset(new V1HostChannelAuthenticator(
|
| + host_cert_, private_key_.get(),kTestSharedSecret));
|
| +
|
| + RunChannelAuth(true);
|
| +
|
| + EXPECT_TRUE(host_socket_.get() == NULL);
|
| +}
|
| +
|
| } // namespace protocol
|
| } // namespace remoting
|
|
|
Chromium Code Reviews
Issue 8743023:
Separate Authenticator and Session unittests. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src