| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/cros/onc_network_parser.h" | 5 #include "chrome/browser/chromeos/cros/onc_network_parser.h" |
| 6 | 6 |
| 7 #include <cert.h> | 7 #include <cert.h> |
| 8 #include <pk11pub.h> | 8 #include <pk11pub.h> |
| 9 | 9 |
| 10 #include "base/lazy_instance.h" | 10 #include "base/lazy_instance.h" |
| 11 #include "base/scoped_temp_dir.h" | 11 #include "base/scoped_temp_dir.h" |
| 12 #include "base/values.h" | 12 #include "base/values.h" |
| 13 #include "chrome/browser/chromeos/cros/network_library.h" | 13 #include "chrome/browser/chromeos/cros/network_library.h" |
| 14 #include "crypto/nss_util.h" | 14 #include "crypto/nss_util.h" |
| 15 #include "net/base/cert_database.h" | 15 #include "net/base/cert_database.h" |
| 16 #include "net/base/crypto_module.h" | 16 #include "net/base/crypto_module.h" |
| 17 #include "net/base/x509_certificate.h" | 17 #include "net/base/x509_certificate.h" |
| 18 #include "testing/gtest/include/gtest/gtest.h" | 18 #include "testing/gtest/include/gtest/gtest.h" |
| 19 #include "third_party/cros_system_api/dbus/service_constants.h" |
| 19 | 20 |
| 20 namespace chromeos { | 21 namespace chromeos { |
| 21 | 22 |
| 22 class OncNetworkParserTest : public testing::Test { | 23 class OncNetworkParserTest : public testing::Test { |
| 23 public: | 24 public: |
| 24 static void SetUpTestCase() { | 25 static void SetUpTestCase() { |
| 25 ASSERT_TRUE(temp_db_dir_.Get().CreateUniqueTempDir()); | 26 ASSERT_TRUE(temp_db_dir_.Get().CreateUniqueTempDir()); |
| 26 // Ideally, we'd open a test DB for each test case, and close it | 27 // Ideally, we'd open a test DB for each test case, and close it |
| 27 // again, removing the temp dir, but unfortunately, there's a | 28 // again, removing the temp dir, but unfortunately, there's a |
| 28 // bug in NSS that prevents this from working, so we just open | 29 // bug in NSS that prevents this from working, so we just open |
| (...skipping 16 matching lines...) Expand all Loading... |
| 45 | 46 |
| 46 // Test db should be empty at start of test. | 47 // Test db should be empty at start of test. |
| 47 EXPECT_EQ(0U, ListCertsInSlot(slot_->os_module_handle()).size()); | 48 EXPECT_EQ(0U, ListCertsInSlot(slot_->os_module_handle()).size()); |
| 48 } | 49 } |
| 49 | 50 |
| 50 virtual void TearDown() { | 51 virtual void TearDown() { |
| 51 EXPECT_TRUE(CleanupSlotContents(slot_->os_module_handle())); | 52 EXPECT_TRUE(CleanupSlotContents(slot_->os_module_handle())); |
| 52 EXPECT_EQ(0U, ListCertsInSlot(slot_->os_module_handle()).size()); | 53 EXPECT_EQ(0U, ListCertsInSlot(slot_->os_module_handle()).size()); |
| 53 } | 54 } |
| 54 | 55 |
| 56 const base::Value* GetExpectedProperty(const Network* network, |
| 57 PropertyIndex index, |
| 58 base::Value::Type expected_type); |
| 59 void CheckStringProperty(const Network* network, |
| 60 PropertyIndex index, |
| 61 const char* expected); |
| 62 void CheckBooleanProperty(const Network* network, |
| 63 PropertyIndex index, |
| 64 bool expected); |
| 65 void CheckIntegerProperty(const Network* network, |
| 66 PropertyIndex index, |
| 67 int expected); |
| 68 |
| 55 protected: | 69 protected: |
| 56 scoped_refptr<net::CryptoModule> slot_; | 70 scoped_refptr<net::CryptoModule> slot_; |
| 57 net::CertDatabase cert_db_; | 71 net::CertDatabase cert_db_; |
| 58 | 72 |
| 59 private: | 73 private: |
| 60 net::CertificateList ListCertsInSlot(PK11SlotInfo* slot) { | 74 net::CertificateList ListCertsInSlot(PK11SlotInfo* slot) { |
| 61 net::CertificateList result; | 75 net::CertificateList result; |
| 62 CERTCertList* cert_list = PK11_ListCertsInSlot(slot); | 76 CERTCertList* cert_list = PK11_ListCertsInSlot(slot); |
| 63 for (CERTCertListNode* node = CERT_LIST_HEAD(cert_list); | 77 for (CERTCertListNode* node = CERT_LIST_HEAD(cert_list); |
| 64 !CERT_LIST_END(node, cert_list); | 78 !CERT_LIST_END(node, cert_list); |
| (...skipping 14 matching lines...) Expand all Loading... |
| 79 for (size_t i = 0; i < certs.size(); ++i) { | 93 for (size_t i = 0; i < certs.size(); ++i) { |
| 80 if (!cert_db_.DeleteCertAndKey(certs[i])) | 94 if (!cert_db_.DeleteCertAndKey(certs[i])) |
| 81 ok = false; | 95 ok = false; |
| 82 } | 96 } |
| 83 return ok; | 97 return ok; |
| 84 } | 98 } |
| 85 | 99 |
| 86 static base::LazyInstance<ScopedTempDir> temp_db_dir_; | 100 static base::LazyInstance<ScopedTempDir> temp_db_dir_; |
| 87 }; | 101 }; |
| 88 | 102 |
| 103 const base::Value* OncNetworkParserTest::GetExpectedProperty( |
| 104 const Network* network, |
| 105 PropertyIndex index, |
| 106 base::Value::Type expected_type) { |
| 107 const base::Value* value; |
| 108 if (!network->GetProperty(index, &value)) { |
| 109 ADD_FAILURE() << "Property " << index << " does not exist"; |
| 110 return NULL; |
| 111 } |
| 112 if (!value->IsType(expected_type)) { |
| 113 ADD_FAILURE() << "Property " << index << " expected type " |
| 114 << expected_type << " actual type " |
| 115 << value->GetType(); |
| 116 return NULL; |
| 117 } |
| 118 return value; |
| 119 } |
| 120 |
| 121 void OncNetworkParserTest::CheckStringProperty(const Network* network, |
| 122 PropertyIndex index, |
| 123 const char* expected) { |
| 124 const base::Value* value = |
| 125 GetExpectedProperty(network, index, base::Value::TYPE_STRING); |
| 126 if (!value) |
| 127 return; |
| 128 std::string string_value; |
| 129 value->GetAsString(&string_value); |
| 130 EXPECT_EQ(expected, string_value); |
| 131 } |
| 132 |
| 133 void OncNetworkParserTest::CheckBooleanProperty(const Network* network, |
| 134 PropertyIndex index, |
| 135 bool expected) { |
| 136 const base::Value* value = |
| 137 GetExpectedProperty(network, index, base::Value::TYPE_BOOLEAN); |
| 138 if (!value) |
| 139 return; |
| 140 bool bool_value = false; |
| 141 value->GetAsBoolean(&bool_value); |
| 142 EXPECT_EQ(expected, bool_value); |
| 143 } |
| 144 |
| 145 void OncNetworkParserTest::CheckIntegerProperty(const Network* network, |
| 146 PropertyIndex index, |
| 147 int expected) { |
| 148 const base::Value* value = |
| 149 GetExpectedProperty(network, index, base::Value::TYPE_INTEGER); |
| 150 if (!value) |
| 151 return; |
| 152 int int_value = 0; |
| 153 value->GetAsInteger(&int_value); |
| 154 EXPECT_EQ(expected, int_value); |
| 155 } |
| 156 |
| 89 // static | 157 // static |
| 90 base::LazyInstance<ScopedTempDir> OncNetworkParserTest::temp_db_dir_ = | 158 base::LazyInstance<ScopedTempDir> OncNetworkParserTest::temp_db_dir_ = |
| 91 LAZY_INSTANCE_INITIALIZER; | 159 LAZY_INSTANCE_INITIALIZER; |
| 92 | 160 |
| 93 TEST_F(OncNetworkParserTest, TestCreateNetworkWifi1) { | 161 TEST_F(OncNetworkParserTest, TestCreateNetworkWifi1) { |
| 94 std::string test_blob( | 162 std::string test_blob( |
| 95 "{" | 163 "{" |
| 96 " \"NetworkConfigurations\": [{" | 164 " \"NetworkConfigurations\": [{" |
| 97 " \"GUID\": \"{485d6076-dd44-6b6d-69787465725f5045}\"," | 165 " \"GUID\": \"{485d6076-dd44-6b6d-69787465725f5045}\"," |
| 98 " \"Type\": \"WiFi\"," | 166 " \"Type\": \"WiFi\"," |
| 99 " \"WiFi\": {" | 167 " \"WiFi\": {" |
| 100 " \"Security\": \"WEP\"," | 168 " \"Security\": \"WEP-PSK\"," |
| 101 " \"SSID\": \"ssid\"," | 169 " \"SSID\": \"ssid\"," |
| 102 " \"Passphrase\": \"pass\"," | 170 " \"Passphrase\": \"pass\"," |
| 103 " }" | 171 " }" |
| 104 " }]" | 172 " }]" |
| 105 "}"); | 173 "}"); |
| 106 OncNetworkParser parser(test_blob); | 174 OncNetworkParser parser(test_blob); |
| 107 | 175 |
| 108 EXPECT_EQ(1, parser.GetNetworkConfigsSize()); | 176 EXPECT_EQ(1, parser.GetNetworkConfigsSize()); |
| 109 EXPECT_EQ(0, parser.GetCertificatesSize()); | 177 EXPECT_EQ(0, parser.GetCertificatesSize()); |
| 110 EXPECT_FALSE(parser.ParseNetwork(1)); | 178 EXPECT_FALSE(parser.ParseNetwork(1)); |
| 111 Network* network = parser.ParseNetwork(0); | 179 Network* network = parser.ParseNetwork(0); |
| 112 ASSERT_TRUE(network); | 180 ASSERT_TRUE(network); |
| 113 | 181 |
| 114 EXPECT_EQ(network->type(), chromeos::TYPE_WIFI); | 182 EXPECT_EQ(network->type(), chromeos::TYPE_WIFI); |
| 115 WifiNetwork* wifi = static_cast<WifiNetwork*>(network); | 183 WifiNetwork* wifi = static_cast<WifiNetwork*>(network); |
| 116 EXPECT_EQ(wifi->encryption(), chromeos::SECURITY_WEP); | 184 EXPECT_EQ(wifi->encryption(), chromeos::SECURITY_WEP); |
| 185 CheckStringProperty(wifi, PROPERTY_INDEX_SECURITY, flimflam::kSecurityWep); |
| 117 EXPECT_EQ(wifi->name(), "ssid"); | 186 EXPECT_EQ(wifi->name(), "ssid"); |
| 187 CheckStringProperty(wifi, PROPERTY_INDEX_SSID, "ssid"); |
| 118 EXPECT_EQ(wifi->auto_connect(), false); | 188 EXPECT_EQ(wifi->auto_connect(), false); |
| 119 EXPECT_EQ(wifi->passphrase(), "pass"); | 189 EXPECT_EQ(wifi->passphrase(), "pass"); |
| 190 CheckStringProperty(wifi, PROPERTY_INDEX_PASSPHRASE, "pass"); |
| 120 } | 191 } |
| 121 | 192 |
| 122 TEST_F(OncNetworkParserTest, TestCreateNetworkWifiEAP1) { | 193 TEST_F(OncNetworkParserTest, TestCreateNetworkWifiEAP1) { |
| 123 std::string test_blob( | 194 std::string test_blob( |
| 124 "{" | 195 "{" |
| 125 " \"NetworkConfigurations\": [{" | 196 " \"NetworkConfigurations\": [{" |
| 126 " \"GUID\": \"{485d6076-dd44-6b6d-69787465725f5045}\"," | 197 " \"GUID\": \"{485d6076-dd44-6b6d-69787465725f5045}\"," |
| 127 " \"Type\": \"WiFi\"," | 198 " \"Type\": \"WiFi\"," |
| 128 " \"WiFi\": {" | 199 " \"WiFi\": {" |
| 129 " \"Security\": \"WPA2\"," | 200 " \"Security\": \"WPA-EAP\"," |
| 130 " \"SSID\": \"ssid\"," | 201 " \"SSID\": \"ssid\"," |
| 131 " \"AutoConnect\": true," | 202 " \"AutoConnect\": true," |
| 132 " \"EAP\": {" | 203 " \"EAP\": {" |
| 133 " \"Outer\": \"PEAP\"," | 204 " \"Outer\": \"PEAP\"," |
| 134 " \"UseSystemCAs\": false," | 205 " \"UseSystemCAs\": false," |
| 135 " }" | 206 " }" |
| 136 " }" | 207 " }" |
| 137 " }]" | 208 " }]" |
| 138 "}"); | 209 "}"); |
| 139 OncNetworkParser parser(test_blob); | 210 OncNetworkParser parser(test_blob); |
| 140 | 211 |
| 141 EXPECT_EQ(1, parser.GetNetworkConfigsSize()); | 212 EXPECT_EQ(1, parser.GetNetworkConfigsSize()); |
| 142 EXPECT_EQ(0, parser.GetCertificatesSize()); | 213 EXPECT_EQ(0, parser.GetCertificatesSize()); |
| 143 EXPECT_FALSE(parser.ParseNetwork(1)); | 214 EXPECT_FALSE(parser.ParseNetwork(1)); |
| 144 Network* network = parser.ParseNetwork(0); | 215 Network* network = parser.ParseNetwork(0); |
| 145 ASSERT_TRUE(network); | 216 ASSERT_TRUE(network); |
| 146 | 217 |
| 147 EXPECT_EQ(network->type(), chromeos::TYPE_WIFI); | 218 EXPECT_EQ(network->type(), chromeos::TYPE_WIFI); |
| 148 WifiNetwork* wifi = static_cast<WifiNetwork*>(network); | 219 WifiNetwork* wifi = static_cast<WifiNetwork*>(network); |
| 149 EXPECT_EQ(wifi->encryption(), chromeos::SECURITY_8021X); | 220 EXPECT_EQ(wifi->encryption(), chromeos::SECURITY_8021X); |
| 221 CheckStringProperty(wifi, PROPERTY_INDEX_SECURITY, flimflam::kSecurity8021x); |
| 150 EXPECT_EQ(wifi->name(), "ssid"); | 222 EXPECT_EQ(wifi->name(), "ssid"); |
| 151 EXPECT_EQ(wifi->auto_connect(), true); | 223 EXPECT_EQ(wifi->auto_connect(), true); |
| 152 EXPECT_EQ(wifi->eap_method(), EAP_METHOD_PEAP); | 224 EXPECT_EQ(wifi->eap_method(), EAP_METHOD_PEAP); |
| 225 CheckStringProperty(wifi, PROPERTY_INDEX_EAP_METHOD, |
| 226 flimflam::kEapMethodPEAP); |
| 153 EXPECT_EQ(wifi->eap_use_system_cas(), false); | 227 EXPECT_EQ(wifi->eap_use_system_cas(), false); |
| 154 } | 228 } |
| 155 | 229 |
| 156 TEST_F(OncNetworkParserTest, TestCreateNetworkWifiEAP2) { | 230 TEST_F(OncNetworkParserTest, TestCreateNetworkWifiEAP2) { |
| 157 std::string test_blob( | 231 std::string test_blob( |
| 158 "{" | 232 "{" |
| 159 " \"NetworkConfigurations\": [{" | 233 " \"NetworkConfigurations\": [{" |
| 160 " \"GUID\": \"{485d6076-dd44-6b6d-69787465725f5045}\"," | 234 " \"GUID\": \"{485d6076-dd44-6b6d-69787465725f5045}\"," |
| 161 " \"Type\": \"WiFi\"," | 235 " \"Type\": \"WiFi\"," |
| 162 " \"WiFi\": {" | 236 " \"WiFi\": {" |
| 163 " \"Security\": \"WPA2\"," | 237 " \"Security\": \"WPA-EAP\"," |
| 164 " \"SSID\": \"ssid\"," | 238 " \"SSID\": \"ssid\"," |
| 165 " \"AutoConnect\": false," | 239 " \"AutoConnect\": false," |
| 166 " \"EAP\": {" | 240 " \"EAP\": {" |
| 167 " \"Outer\": \"LEAP\"," | 241 " \"Outer\": \"LEAP\"," |
| 168 " \"Identity\": \"user\"," | 242 " \"Identity\": \"user\"," |
| 169 " \"Password\": \"pass\"," | 243 " \"Password\": \"pass\"," |
| 170 " \"AnonymousIdentity\": \"anon\"," | 244 " \"AnonymousIdentity\": \"anon\"," |
| 171 " }" | 245 " }" |
| 172 " }" | 246 " }" |
| 173 " }]" | 247 " }]" |
| 174 "}"); | 248 "}"); |
| 175 OncNetworkParser parser(test_blob); | 249 OncNetworkParser parser(test_blob); |
| 176 | 250 |
| 177 EXPECT_EQ(1, parser.GetNetworkConfigsSize()); | 251 EXPECT_EQ(1, parser.GetNetworkConfigsSize()); |
| 178 EXPECT_EQ(0, parser.GetCertificatesSize()); | 252 EXPECT_EQ(0, parser.GetCertificatesSize()); |
| 179 EXPECT_FALSE(parser.ParseNetwork(1)); | 253 EXPECT_FALSE(parser.ParseNetwork(1)); |
| 180 Network* network = parser.ParseNetwork(0); | 254 Network* network = parser.ParseNetwork(0); |
| 181 ASSERT_TRUE(network); | 255 ASSERT_TRUE(network); |
| 182 | 256 |
| 183 EXPECT_EQ(network->type(), chromeos::TYPE_WIFI); | 257 EXPECT_EQ(network->type(), chromeos::TYPE_WIFI); |
| 184 WifiNetwork* wifi = static_cast<WifiNetwork*>(network); | 258 WifiNetwork* wifi = static_cast<WifiNetwork*>(network); |
| 185 EXPECT_EQ(wifi->encryption(), chromeos::SECURITY_8021X); | 259 EXPECT_EQ(wifi->encryption(), chromeos::SECURITY_8021X); |
| 186 EXPECT_EQ(wifi->name(), "ssid"); | 260 EXPECT_EQ(wifi->name(), "ssid"); |
| 187 EXPECT_EQ(wifi->auto_connect(), false); | 261 EXPECT_EQ(wifi->auto_connect(), false); |
| 188 EXPECT_EQ(wifi->eap_method(), EAP_METHOD_LEAP); | 262 EXPECT_EQ(wifi->eap_method(), EAP_METHOD_LEAP); |
| 189 EXPECT_EQ(wifi->eap_use_system_cas(), true); | 263 EXPECT_EQ(wifi->eap_use_system_cas(), true); |
| 190 EXPECT_EQ(wifi->eap_identity(), "user"); | 264 EXPECT_EQ(wifi->eap_identity(), "user"); |
| 265 CheckStringProperty(wifi, PROPERTY_INDEX_EAP_IDENTITY, "user"); |
| 191 EXPECT_EQ(wifi->eap_passphrase(), "pass"); | 266 EXPECT_EQ(wifi->eap_passphrase(), "pass"); |
| 267 CheckStringProperty(wifi, PROPERTY_INDEX_EAP_PASSWORD, "pass"); |
| 192 EXPECT_EQ(wifi->eap_anonymous_identity(), "anon"); | 268 EXPECT_EQ(wifi->eap_anonymous_identity(), "anon"); |
| 269 CheckStringProperty(wifi, PROPERTY_INDEX_EAP_ANONYMOUS_IDENTITY, "anon"); |
| 270 } |
| 271 |
| 272 TEST_F(OncNetworkParserTest, TestCreateNetworkOpenVPN) { |
| 273 std::string test_blob( |
| 274 "{" |
| 275 " \"NetworkConfigurations\": [" |
| 276 " {" |
| 277 " \"GUID\": \"{408290ea-9299-4757-ab04-8957d55f0f13}\"," |
| 278 " \"Type\": \"VPN\"," |
| 279 " \"Name\": \"MyVPN\"," |
| 280 " \"VPN\": {" |
| 281 " \"Host\": \"vpn.acme.org\"," |
| 282 " \"Type\": \"OpenVPN\"," |
| 283 " \"OpenVPN\": {" |
| 284 " \"AuthRetry\": \"interact\"," |
| 285 " \"CompLZO\": \"true\"," |
| 286 " \"KeyDirection\": \"1\"," |
| 287 " \"Port\": 443," |
| 288 " \"Proto\": \"udp\"," |
| 289 " \"PushPeerInfo\": true," |
| 290 " \"RemoteCertEKU\": \"TLS Web Server Authentication\"," |
| 291 " \"RemoteCertKU\": [" |
| 292 " \"eo\"" |
| 293 " ]," |
| 294 " \"RemoteCertTLS\": \"server\"," |
| 295 " \"RenegSec\": 0," |
| 296 " \"ServerPollTimeout\": 10," |
| 297 " \"StaticChallenge\": \"My static challenge\"," |
| 298 " \"TLSAuthContents\": \"" |
| 299 "-----BEGIN OpenVPN Static key V1-----\n" |
| 300 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n" |
| 301 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n" |
| 302 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n" |
| 303 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n" |
| 304 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n" |
| 305 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n" |
| 306 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n" |
| 307 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n" |
| 308 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n" |
| 309 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n" |
| 310 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n" |
| 311 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n" |
| 312 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n" |
| 313 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n" |
| 314 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n" |
| 315 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\n" |
| 316 "END OpenVPN Static key V1-----\n\"," |
| 317 " \"TLSRemote\": \"MyOpenVPNServer\"," |
| 318 " \"SaveCredentials\": false," |
| 319 " \"ServerCARef\": \"{55ca78f6-0842-4e1b-96a3-09a9e1a26ef5}\"," |
| 320 " \"ClientCertType\": \"Pattern\"," |
| 321 " \"ClientCertPattern\": {" |
| 322 " \"IssuerRef\": \"{68a2ed90-13a1-4120-a1fe-282508320e18}\"," |
| 323 " \"EnrollmentURI\": [" |
| 324 " \"chrome-extension://abc/keygen-cert.html\"" |
| 325 " ]" |
| 326 " }," |
| 327 " }" |
| 328 " }" |
| 329 " }" |
| 330 " ]}"); |
| 331 OncNetworkParser parser(test_blob); |
| 332 |
| 333 EXPECT_EQ(1, parser.GetNetworkConfigsSize()); |
| 334 EXPECT_EQ(0, parser.GetCertificatesSize()); |
| 335 Network* network = parser.ParseNetwork(0); |
| 336 ASSERT_TRUE(network != NULL); |
| 337 |
| 338 EXPECT_EQ(network->type(), chromeos::TYPE_VPN); |
| 339 CheckStringProperty(network, PROPERTY_INDEX_TYPE, flimflam::kTypeVPN); |
| 340 VirtualNetwork* vpn = static_cast<VirtualNetwork*>(network); |
| 341 EXPECT_EQ("MyVPN", vpn->name()); |
| 342 EXPECT_EQ(PROVIDER_TYPE_OPEN_VPN, vpn->provider_type()); |
| 343 CheckStringProperty(vpn, PROPERTY_INDEX_PROVIDER_TYPE, |
| 344 flimflam::kProviderOpenVpn); |
| 345 EXPECT_EQ("vpn.acme.org", vpn->server_hostname()); |
| 346 CheckStringProperty(vpn, PROPERTY_INDEX_HOST, "vpn.acme.org"); |
| 347 CheckStringProperty(vpn, PROPERTY_INDEX_VPN_DOMAIN, ""); |
| 348 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_AUTHRETRY, "interact"); |
| 349 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_CACERT, |
| 350 "{55ca78f6-0842-4e1b-96a3-09a9e1a26ef5}"); |
| 351 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_COMPLZO, "true"); |
| 352 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_KEYDIRECTION, "1"); |
| 353 CheckIntegerProperty(vpn, PROPERTY_INDEX_OPEN_VPN_PORT, 443); |
| 354 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_PROTO, "udp"); |
| 355 CheckBooleanProperty(vpn, PROPERTY_INDEX_OPEN_VPN_PUSHPEERINFO, true); |
| 356 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_REMOTECERTEKU, |
| 357 "TLS Web Server Authentication"); |
| 358 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_REMOTECERTKU, "eo"); |
| 359 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_REMOTECERTTLS, "server"); |
| 360 CheckIntegerProperty(vpn, PROPERTY_INDEX_OPEN_VPN_RENEGSEC, 0); |
| 361 CheckIntegerProperty(vpn, PROPERTY_INDEX_OPEN_VPN_SERVERPOLLTIMEOUT, 10); |
| 362 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_STATICCHALLENGE, |
| 363 "My static challenge"); |
| 364 |
| 365 std::string tls_auth_contents; |
| 366 const Value* tls_auth_value = |
| 367 GetExpectedProperty(vpn, PROPERTY_INDEX_OPEN_VPN_TLSAUTHCONTENTS, |
| 368 base::Value::TYPE_STRING); |
| 369 if (tls_auth_value != NULL) { |
| 370 tls_auth_value->GetAsString(&tls_auth_contents); |
| 371 EXPECT_NE(std::string::npos, |
| 372 tls_auth_contents.find("END OpenVPN Static key V1-----\n")); |
| 373 EXPECT_NE(std::string::npos, |
| 374 tls_auth_contents.find( |
| 375 "-----BEGIN OpenVPN Static key V1-----\n")); |
| 376 } |
| 377 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_TLSREMOTE, |
| 378 "MyOpenVPNServer"); |
| 379 EXPECT_FALSE(vpn->save_credentials()); |
| 380 EXPECT_EQ("{55ca78f6-0842-4e1b-96a3-09a9e1a26ef5}", vpn->ca_cert_nss()); |
| 381 } |
| 382 |
| 383 TEST_F(OncNetworkParserTest, TestCreateNetworkL2TPIPsec) { |
| 384 std::string test_blob( |
| 385 "{" |
| 386 " \"NetworkConfigurations\": [" |
| 387 " {" |
| 388 " \"GUID\": \"{926b84e4-f2c5-0972-b9bbb8f44c4316f5}\"," |
| 389 " \"Name\": \"MyL2TPVPN\"," |
| 390 " \"Type\": \"VPN\"," |
| 391 " \"VPN\": {" |
| 392 " \"Host\": \"l2tp.acme.org\"," |
| 393 " \"Type\": \"L2TP-IPsec\"," |
| 394 " \"IPsec\": {" |
| 395 " \"IKEVersion\": 1," |
| 396 " \"AuthenticationType\": \"PSK\"," |
| 397 " \"PSK\": \"passphrase\"" |
| 398 " }," |
| 399 " \"L2TP\": {" |
| 400 " \"SaveCredentials\": false" |
| 401 " }" |
| 402 " }" |
| 403 " }" |
| 404 " ]," |
| 405 " \"Certificates\": []" |
| 406 "}"); |
| 407 OncNetworkParser parser(test_blob); |
| 408 |
| 409 EXPECT_EQ(1, parser.GetNetworkConfigsSize()); |
| 410 EXPECT_EQ(0, parser.GetCertificatesSize()); |
| 411 Network* network = parser.ParseNetwork(0); |
| 412 ASSERT_TRUE(network != NULL); |
| 413 |
| 414 EXPECT_EQ(network->type(), chromeos::TYPE_VPN); |
| 415 CheckStringProperty(network, PROPERTY_INDEX_TYPE, flimflam::kTypeVPN); |
| 416 VirtualNetwork* vpn = static_cast<VirtualNetwork*>(network); |
| 417 EXPECT_EQ("MyL2TPVPN", vpn->name()); |
| 418 EXPECT_EQ(PROVIDER_TYPE_L2TP_IPSEC_PSK, vpn->provider_type()); |
| 419 CheckStringProperty(vpn, PROPERTY_INDEX_PROVIDER_TYPE, |
| 420 flimflam::kProviderL2tpIpsec); |
| 421 EXPECT_EQ("l2tp.acme.org", vpn->server_hostname()); |
| 422 CheckStringProperty(vpn, PROPERTY_INDEX_HOST, "l2tp.acme.org"); |
| 423 CheckStringProperty(vpn, PROPERTY_INDEX_VPN_DOMAIN, ""); |
| 424 EXPECT_EQ("passphrase", vpn->psk_passphrase()); |
| 425 CheckStringProperty(vpn, PROPERTY_INDEX_L2TPIPSEC_PSK, "passphrase"); |
| 426 CheckIntegerProperty(vpn, PROPERTY_INDEX_IPSEC_IKEVERSION, 1); |
| 427 EXPECT_FALSE(vpn->save_credentials()); |
| 193 } | 428 } |
| 194 | 429 |
| 195 TEST_F(OncNetworkParserTest, TestAddServerCertificate) { | 430 TEST_F(OncNetworkParserTest, TestAddServerCertificate) { |
| 196 std::string test_blob( | 431 std::string test_blob( |
| 197 "{" | 432 "{" |
| 198 " \"Certificates\": [" | 433 " \"Certificates\": [" |
| 199 " {" | 434 " {" |
| 200 " \"GUID\": \"{f998f760-272b-6939-4c2beffe428697aa}\"," | 435 " \"GUID\": \"{f998f760-272b-6939-4c2beffe428697aa}\"," |
| 201 " \"Type\": \"Server\"," | 436 " \"Type\": \"Server\"," |
| 202 " \"X509\": \"MIICWDCCAcECAxAAATANBgkqhkiG9w0BAQQFADCBkzEVM" | 437 " \"X509\": \"MIICWDCCAcECAxAAATANBgkqhkiG9w0BAQQFADCBkzEVM" |
| (...skipping 95 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 298 " }" | 533 " }" |
| 299 " ]," | 534 " ]," |
| 300 "}"); | 535 "}"); |
| 301 OncNetworkParser parser(test_blob); | 536 OncNetworkParser parser(test_blob); |
| 302 | 537 |
| 303 EXPECT_EQ(1, parser.GetCertificatesSize()); | 538 EXPECT_EQ(1, parser.GetCertificatesSize()); |
| 304 EXPECT_TRUE(parser.ParseCertificate(0)); | 539 EXPECT_TRUE(parser.ParseCertificate(0)); |
| 305 } | 540 } |
| 306 | 541 |
| 307 } // namespace chromeos | 542 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8759014:
Add ONC VPN support for OpenVPN and L2TP/IPsec VPNs (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/