Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(200)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/test/spawned_test_server/base_test_server.cc

Issue 1059303002: Don't process HSTS/HPKP headers when host is an IP address (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: add tests for HPKP/HSTS headers on IPs Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/data/ssl/scripts/generate-test-certs.sh ('K') | « net/test/spawned_test_server/base_test_server.h ('k') | net/url_request/url_request_http_job.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/test/spawned_test_server/base_test_server.h" 5 #include "net/test/spawned_test_server/base_test_server.h"
6 6
7 #include <string> 7 #include <string>
8 #include <vector> 8 #include <vector>
9 9
10 #include "base/base64.h" 10 #include "base/base64.h"
(...skipping 11 matching lines...) Expand all
22 #include "net/dns/host_resolver.h" 22 #include "net/dns/host_resolver.h"
23 #include "net/log/net_log.h" 23 #include "net/log/net_log.h"
24 #include "url/gurl.h" 24 #include "url/gurl.h"
25 25
26 namespace net { 26 namespace net {
27 27
28 namespace { 28 namespace {
29 29
30 std::string GetHostname(BaseTestServer::Type type, 30 std::string GetHostname(BaseTestServer::Type type,
31 const BaseTestServer::SSLOptions& options) { 31 const BaseTestServer::SSLOptions& options) {
32 if (BaseTestServer::UsingSSL(type) && 32 if (BaseTestServer::UsingSSL(type)) {
33 options.server_certificate == 33 if (options.server_certificate ==
34 BaseTestServer::SSLOptions::CERT_MISMATCHED_NAME) { 34 BaseTestServer::SSLOptions::CERT_MISMATCHED_NAME ||
35 // Return a different hostname string that resolves to the same hostname. 35 options.server_certificate ==
36 return "localhost"; 36 BaseTestServer::SSLOptions::CERT_COMMON_NAME_IS_DOMAIN) {
37 // For CERT_MISMATCHED_NAME, return a different hostname string
palmer 2015/04/03 21:04:51 Nit: It's good to delimit identifiers in comments
estark 2015/04/03 21:22:30 Done.
38 // that resolves to the same hostname. For
39 // CERT_COMMON_NAME_IS_DOMAIN, the certificate is issued for
40 // "localhost" instead of "127.0.0.1".
41 return "localhost";
42 }
37 } 43 }
38 44
39 // Use the 127.0.0.1 as default. 45 // Use the 127.0.0.1 as default.
40 return BaseTestServer::kLocalhost; 46 return BaseTestServer::kLocalhost;
41 } 47 }
42 48
43 std::string GetClientCertType(SSLClientCertType type) { 49 std::string GetClientCertType(SSLClientCertType type) {
44 switch (type) { 50 switch (type) {
45 case CLIENT_CERT_RSA_SIGN: 51 case CLIENT_CERT_RSA_SIGN:
46 return "rsa_sign"; 52 return "rsa_sign";
(...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after
126 alert_after_handshake(false) { 132 alert_after_handshake(false) {
127 } 133 }
128 134
129 BaseTestServer::SSLOptions::~SSLOptions() {} 135 BaseTestServer::SSLOptions::~SSLOptions() {}
130 136
131 base::FilePath BaseTestServer::SSLOptions::GetCertificateFile() const { 137 base::FilePath BaseTestServer::SSLOptions::GetCertificateFile() const {
132 switch (server_certificate) { 138 switch (server_certificate) {
133 case CERT_OK: 139 case CERT_OK:
134 case CERT_MISMATCHED_NAME: 140 case CERT_MISMATCHED_NAME:
135 return base::FilePath(FILE_PATH_LITERAL("ok_cert.pem")); 141 return base::FilePath(FILE_PATH_LITERAL("ok_cert.pem"));
142 case CERT_COMMON_NAME_IS_DOMAIN:
143 return base::FilePath(FILE_PATH_LITERAL("localhost_cert.pem"));
136 case CERT_EXPIRED: 144 case CERT_EXPIRED:
137 return base::FilePath(FILE_PATH_LITERAL("expired_cert.pem")); 145 return base::FilePath(FILE_PATH_LITERAL("expired_cert.pem"));
138 case CERT_CHAIN_WRONG_ROOT: 146 case CERT_CHAIN_WRONG_ROOT:
139 // This chain uses its own dedicated test root certificate to avoid 147 // This chain uses its own dedicated test root certificate to avoid
140 // side-effects that may affect testing. 148 // side-effects that may affect testing.
141 return base::FilePath(FILE_PATH_LITERAL("redundant-server-chain.pem")); 149 return base::FilePath(FILE_PATH_LITERAL("redundant-server-chain.pem"));
142 case CERT_AUTO: 150 case CERT_AUTO:
143 return base::FilePath(); 151 return base::FilePath();
144 default: 152 default:
145 NOTREACHED(); 153 NOTREACHED();
(...skipping 346 matching lines...) Expand 10 before | Expand all | Expand 10 after
492 500
493 return GenerateAdditionalArguments(arguments); 501 return GenerateAdditionalArguments(arguments);
494 } 502 }
495 503
496 bool BaseTestServer::GenerateAdditionalArguments( 504 bool BaseTestServer::GenerateAdditionalArguments(
497 base::DictionaryValue* arguments) const { 505 base::DictionaryValue* arguments) const {
498 return true; 506 return true;
499 } 507 }
500 508
501 } // namespace net 509 } // namespace net
OLDNEW
« net/data/ssl/scripts/generate-test-certs.sh ('K') | « net/test/spawned_test_server/base_test_server.h ('k') | net/url_request/url_request_http_job.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698