OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/socket/ssl_client_socket.h" | 5 #include "net/socket/ssl_client_socket.h" |
6 | 6 |
7 #include "base/callback_helpers.h" | 7 #include "base/callback_helpers.h" |
8 #include "base/memory/ref_counted.h" | 8 #include "base/memory/ref_counted.h" |
9 #include "base/run_loop.h" | 9 #include "base/run_loop.h" |
10 #include "base/time/time.h" | 10 #include "base/time/time.h" |
(...skipping 755 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
766 | 766 |
767 *result = callback_.GetResult(sock_->Connect(callback_.callback())); | 767 *result = callback_.GetResult(sock_->Connect(callback_.callback())); |
768 return true; | 768 return true; |
769 } | 769 } |
770 | 770 |
771 ClientSocketFactory* socket_factory_; | 771 ClientSocketFactory* socket_factory_; |
772 scoped_ptr<MockCertVerifier> cert_verifier_; | 772 scoped_ptr<MockCertVerifier> cert_verifier_; |
773 scoped_ptr<TransportSecurityState> transport_security_state_; | 773 scoped_ptr<TransportSecurityState> transport_security_state_; |
774 SSLClientSocketContext context_; | 774 SSLClientSocketContext context_; |
775 scoped_ptr<SSLClientSocket> sock_; | 775 scoped_ptr<SSLClientSocket> sock_; |
776 CapturingNetLog log_; | 776 TestNetLog log_; |
777 | 777 |
778 private: | 778 private: |
779 scoped_ptr<StreamSocket> transport_; | 779 scoped_ptr<StreamSocket> transport_; |
780 scoped_ptr<SpawnedTestServer> test_server_; | 780 scoped_ptr<SpawnedTestServer> test_server_; |
781 TestCompletionCallback callback_; | 781 TestCompletionCallback callback_; |
782 AddressList addr_; | 782 AddressList addr_; |
783 }; | 783 }; |
784 | 784 |
785 // Verifies the correctness of GetSSLCertRequestInfo. | 785 // Verifies the correctness of GetSSLCertRequestInfo. |
786 class SSLClientSocketCertRequestInfoTest : public SSLClientSocketTest { | 786 class SSLClientSocketCertRequestInfoTest : public SSLClientSocketTest { |
787 protected: | 787 protected: |
788 // Creates a test server with the given SSLOptions, connects to it and returns | 788 // Creates a test server with the given SSLOptions, connects to it and returns |
789 // the SSLCertRequestInfo reported by the socket. | 789 // the SSLCertRequestInfo reported by the socket. |
790 scoped_refptr<SSLCertRequestInfo> GetCertRequest( | 790 scoped_refptr<SSLCertRequestInfo> GetCertRequest( |
791 SpawnedTestServer::SSLOptions ssl_options) { | 791 SpawnedTestServer::SSLOptions ssl_options) { |
792 SpawnedTestServer test_server( | 792 SpawnedTestServer test_server( |
793 SpawnedTestServer::TYPE_HTTPS, ssl_options, base::FilePath()); | 793 SpawnedTestServer::TYPE_HTTPS, ssl_options, base::FilePath()); |
794 if (!test_server.Start()) | 794 if (!test_server.Start()) |
795 return NULL; | 795 return NULL; |
796 | 796 |
797 AddressList addr; | 797 AddressList addr; |
798 if (!test_server.GetAddressList(&addr)) | 798 if (!test_server.GetAddressList(&addr)) |
799 return NULL; | 799 return NULL; |
800 | 800 |
801 TestCompletionCallback callback; | 801 TestCompletionCallback callback; |
802 CapturingNetLog log; | 802 TestNetLog log; |
803 scoped_ptr<StreamSocket> transport( | 803 scoped_ptr<StreamSocket> transport( |
804 new TCPClientSocket(addr, &log, NetLog::Source())); | 804 new TCPClientSocket(addr, &log, NetLog::Source())); |
805 int rv = transport->Connect(callback.callback()); | 805 int rv = transport->Connect(callback.callback()); |
806 if (rv == ERR_IO_PENDING) | 806 if (rv == ERR_IO_PENDING) |
807 rv = callback.WaitForResult(); | 807 rv = callback.WaitForResult(); |
808 EXPECT_EQ(OK, rv); | 808 EXPECT_EQ(OK, rv); |
809 | 809 |
810 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( | 810 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( |
811 transport.Pass(), test_server.host_port_pair(), SSLConfig())); | 811 transport.Pass(), test_server.host_port_pair(), SSLConfig())); |
812 EXPECT_FALSE(sock->IsConnected()); | 812 EXPECT_FALSE(sock->IsConnected()); |
(...skipping 150 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
963 //----------------------------------------------------------------------------- | 963 //----------------------------------------------------------------------------- |
964 | 964 |
965 // LogContainsSSLConnectEndEvent returns true if the given index in the given | 965 // LogContainsSSLConnectEndEvent returns true if the given index in the given |
966 // log is an SSL connect end event. The NSS sockets will cork in an attempt to | 966 // log is an SSL connect end event. The NSS sockets will cork in an attempt to |
967 // merge the first application data record with the Finished message when false | 967 // merge the first application data record with the Finished message when false |
968 // starting. However, in order to avoid the server timing out the handshake, | 968 // starting. However, in order to avoid the server timing out the handshake, |
969 // they'll give up waiting for application data and send the Finished after a | 969 // they'll give up waiting for application data and send the Finished after a |
970 // timeout. This means that an SSL connect end event may appear as a socket | 970 // timeout. This means that an SSL connect end event may appear as a socket |
971 // write. | 971 // write. |
972 static bool LogContainsSSLConnectEndEvent( | 972 static bool LogContainsSSLConnectEndEvent( |
973 const CapturingNetLog::CapturedEntryList& log, | 973 const TestNetLog::CapturedEntryList& log, |
974 int i) { | 974 int i) { |
975 return LogContainsEndEvent(log, i, NetLog::TYPE_SSL_CONNECT) || | 975 return LogContainsEndEvent(log, i, NetLog::TYPE_SSL_CONNECT) || |
976 LogContainsEvent( | 976 LogContainsEvent( |
977 log, i, NetLog::TYPE_SOCKET_BYTES_SENT, NetLog::PHASE_NONE); | 977 log, i, NetLog::TYPE_SOCKET_BYTES_SENT, NetLog::PHASE_NONE); |
978 } | 978 } |
979 | 979 |
980 bool SupportsAESGCM() { | 980 bool SupportsAESGCM() { |
981 #if defined(USE_OPENSSL) | 981 #if defined(USE_OPENSSL) |
982 return true; | 982 return true; |
983 #else | 983 #else |
984 crypto::EnsureNSSInit(); | 984 crypto::EnsureNSSInit(); |
985 return PK11_TokenExists(CKM_AES_GCM) && | 985 return PK11_TokenExists(CKM_AES_GCM) && |
986 PK11_TokenExists(CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256); | 986 PK11_TokenExists(CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256); |
987 #endif | 987 #endif |
988 } | 988 } |
989 | 989 |
990 } // namespace | 990 } // namespace |
991 | 991 |
992 TEST_F(SSLClientSocketTest, Connect) { | 992 TEST_F(SSLClientSocketTest, Connect) { |
993 SpawnedTestServer test_server(SpawnedTestServer::TYPE_HTTPS, | 993 SpawnedTestServer test_server(SpawnedTestServer::TYPE_HTTPS, |
994 SpawnedTestServer::kLocalhost, | 994 SpawnedTestServer::kLocalhost, |
995 base::FilePath()); | 995 base::FilePath()); |
996 ASSERT_TRUE(test_server.Start()); | 996 ASSERT_TRUE(test_server.Start()); |
997 | 997 |
998 AddressList addr; | 998 AddressList addr; |
999 ASSERT_TRUE(test_server.GetAddressList(&addr)); | 999 ASSERT_TRUE(test_server.GetAddressList(&addr)); |
1000 | 1000 |
1001 TestCompletionCallback callback; | 1001 TestCompletionCallback callback; |
1002 CapturingNetLog log; | 1002 TestNetLog log; |
1003 scoped_ptr<StreamSocket> transport( | 1003 scoped_ptr<StreamSocket> transport( |
1004 new TCPClientSocket(addr, &log, NetLog::Source())); | 1004 new TCPClientSocket(addr, &log, NetLog::Source())); |
1005 int rv = transport->Connect(callback.callback()); | 1005 int rv = transport->Connect(callback.callback()); |
1006 if (rv == ERR_IO_PENDING) | 1006 if (rv == ERR_IO_PENDING) |
1007 rv = callback.WaitForResult(); | 1007 rv = callback.WaitForResult(); |
1008 EXPECT_EQ(OK, rv); | 1008 EXPECT_EQ(OK, rv); |
1009 | 1009 |
1010 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( | 1010 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( |
1011 transport.Pass(), test_server.host_port_pair(), SSLConfig())); | 1011 transport.Pass(), test_server.host_port_pair(), SSLConfig())); |
1012 | 1012 |
1013 EXPECT_FALSE(sock->IsConnected()); | 1013 EXPECT_FALSE(sock->IsConnected()); |
1014 | 1014 |
1015 rv = sock->Connect(callback.callback()); | 1015 rv = sock->Connect(callback.callback()); |
1016 | 1016 |
1017 CapturingNetLog::CapturedEntryList entries; | 1017 TestNetLog::CapturedEntryList entries; |
1018 log.GetEntries(&entries); | 1018 log.GetEntries(&entries); |
1019 EXPECT_TRUE(LogContainsBeginEvent(entries, 5, NetLog::TYPE_SSL_CONNECT)); | 1019 EXPECT_TRUE(LogContainsBeginEvent(entries, 5, NetLog::TYPE_SSL_CONNECT)); |
1020 if (rv == ERR_IO_PENDING) | 1020 if (rv == ERR_IO_PENDING) |
1021 rv = callback.WaitForResult(); | 1021 rv = callback.WaitForResult(); |
1022 EXPECT_EQ(OK, rv); | 1022 EXPECT_EQ(OK, rv); |
1023 EXPECT_TRUE(sock->IsConnected()); | 1023 EXPECT_TRUE(sock->IsConnected()); |
1024 log.GetEntries(&entries); | 1024 log.GetEntries(&entries); |
1025 EXPECT_TRUE(LogContainsSSLConnectEndEvent(entries, -1)); | 1025 EXPECT_TRUE(LogContainsSSLConnectEndEvent(entries, -1)); |
1026 | 1026 |
1027 sock->Disconnect(); | 1027 sock->Disconnect(); |
1028 EXPECT_FALSE(sock->IsConnected()); | 1028 EXPECT_FALSE(sock->IsConnected()); |
1029 } | 1029 } |
1030 | 1030 |
1031 TEST_F(SSLClientSocketTest, ConnectExpired) { | 1031 TEST_F(SSLClientSocketTest, ConnectExpired) { |
1032 SpawnedTestServer::SSLOptions ssl_options( | 1032 SpawnedTestServer::SSLOptions ssl_options( |
1033 SpawnedTestServer::SSLOptions::CERT_EXPIRED); | 1033 SpawnedTestServer::SSLOptions::CERT_EXPIRED); |
1034 SpawnedTestServer test_server( | 1034 SpawnedTestServer test_server( |
1035 SpawnedTestServer::TYPE_HTTPS, ssl_options, base::FilePath()); | 1035 SpawnedTestServer::TYPE_HTTPS, ssl_options, base::FilePath()); |
1036 ASSERT_TRUE(test_server.Start()); | 1036 ASSERT_TRUE(test_server.Start()); |
1037 | 1037 |
1038 cert_verifier_->set_default_result(ERR_CERT_DATE_INVALID); | 1038 cert_verifier_->set_default_result(ERR_CERT_DATE_INVALID); |
1039 | 1039 |
1040 AddressList addr; | 1040 AddressList addr; |
1041 ASSERT_TRUE(test_server.GetAddressList(&addr)); | 1041 ASSERT_TRUE(test_server.GetAddressList(&addr)); |
1042 | 1042 |
1043 TestCompletionCallback callback; | 1043 TestCompletionCallback callback; |
1044 CapturingNetLog log; | 1044 TestNetLog log; |
1045 scoped_ptr<StreamSocket> transport( | 1045 scoped_ptr<StreamSocket> transport( |
1046 new TCPClientSocket(addr, &log, NetLog::Source())); | 1046 new TCPClientSocket(addr, &log, NetLog::Source())); |
1047 int rv = transport->Connect(callback.callback()); | 1047 int rv = transport->Connect(callback.callback()); |
1048 if (rv == ERR_IO_PENDING) | 1048 if (rv == ERR_IO_PENDING) |
1049 rv = callback.WaitForResult(); | 1049 rv = callback.WaitForResult(); |
1050 EXPECT_EQ(OK, rv); | 1050 EXPECT_EQ(OK, rv); |
1051 | 1051 |
1052 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( | 1052 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( |
1053 transport.Pass(), test_server.host_port_pair(), SSLConfig())); | 1053 transport.Pass(), test_server.host_port_pair(), SSLConfig())); |
1054 | 1054 |
1055 EXPECT_FALSE(sock->IsConnected()); | 1055 EXPECT_FALSE(sock->IsConnected()); |
1056 | 1056 |
1057 rv = sock->Connect(callback.callback()); | 1057 rv = sock->Connect(callback.callback()); |
1058 | 1058 |
1059 CapturingNetLog::CapturedEntryList entries; | 1059 TestNetLog::CapturedEntryList entries; |
1060 log.GetEntries(&entries); | 1060 log.GetEntries(&entries); |
1061 EXPECT_TRUE(LogContainsBeginEvent(entries, 5, NetLog::TYPE_SSL_CONNECT)); | 1061 EXPECT_TRUE(LogContainsBeginEvent(entries, 5, NetLog::TYPE_SSL_CONNECT)); |
1062 if (rv == ERR_IO_PENDING) | 1062 if (rv == ERR_IO_PENDING) |
1063 rv = callback.WaitForResult(); | 1063 rv = callback.WaitForResult(); |
1064 | 1064 |
1065 EXPECT_EQ(ERR_CERT_DATE_INVALID, rv); | 1065 EXPECT_EQ(ERR_CERT_DATE_INVALID, rv); |
1066 | 1066 |
1067 // Rather than testing whether or not the underlying socket is connected, | 1067 // Rather than testing whether or not the underlying socket is connected, |
1068 // test that the handshake has finished. This is because it may be | 1068 // test that the handshake has finished. This is because it may be |
1069 // desirable to disconnect the socket before showing a user prompt, since | 1069 // desirable to disconnect the socket before showing a user prompt, since |
1070 // the user may take indefinitely long to respond. | 1070 // the user may take indefinitely long to respond. |
1071 log.GetEntries(&entries); | 1071 log.GetEntries(&entries); |
1072 EXPECT_TRUE(LogContainsSSLConnectEndEvent(entries, -1)); | 1072 EXPECT_TRUE(LogContainsSSLConnectEndEvent(entries, -1)); |
1073 } | 1073 } |
1074 | 1074 |
1075 TEST_F(SSLClientSocketTest, ConnectMismatched) { | 1075 TEST_F(SSLClientSocketTest, ConnectMismatched) { |
1076 SpawnedTestServer::SSLOptions ssl_options( | 1076 SpawnedTestServer::SSLOptions ssl_options( |
1077 SpawnedTestServer::SSLOptions::CERT_MISMATCHED_NAME); | 1077 SpawnedTestServer::SSLOptions::CERT_MISMATCHED_NAME); |
1078 SpawnedTestServer test_server( | 1078 SpawnedTestServer test_server( |
1079 SpawnedTestServer::TYPE_HTTPS, ssl_options, base::FilePath()); | 1079 SpawnedTestServer::TYPE_HTTPS, ssl_options, base::FilePath()); |
1080 ASSERT_TRUE(test_server.Start()); | 1080 ASSERT_TRUE(test_server.Start()); |
1081 | 1081 |
1082 cert_verifier_->set_default_result(ERR_CERT_COMMON_NAME_INVALID); | 1082 cert_verifier_->set_default_result(ERR_CERT_COMMON_NAME_INVALID); |
1083 | 1083 |
1084 AddressList addr; | 1084 AddressList addr; |
1085 ASSERT_TRUE(test_server.GetAddressList(&addr)); | 1085 ASSERT_TRUE(test_server.GetAddressList(&addr)); |
1086 | 1086 |
1087 TestCompletionCallback callback; | 1087 TestCompletionCallback callback; |
1088 CapturingNetLog log; | 1088 TestNetLog log; |
1089 scoped_ptr<StreamSocket> transport( | 1089 scoped_ptr<StreamSocket> transport( |
1090 new TCPClientSocket(addr, &log, NetLog::Source())); | 1090 new TCPClientSocket(addr, &log, NetLog::Source())); |
1091 int rv = transport->Connect(callback.callback()); | 1091 int rv = transport->Connect(callback.callback()); |
1092 if (rv == ERR_IO_PENDING) | 1092 if (rv == ERR_IO_PENDING) |
1093 rv = callback.WaitForResult(); | 1093 rv = callback.WaitForResult(); |
1094 EXPECT_EQ(OK, rv); | 1094 EXPECT_EQ(OK, rv); |
1095 | 1095 |
1096 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( | 1096 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( |
1097 transport.Pass(), test_server.host_port_pair(), SSLConfig())); | 1097 transport.Pass(), test_server.host_port_pair(), SSLConfig())); |
1098 | 1098 |
1099 EXPECT_FALSE(sock->IsConnected()); | 1099 EXPECT_FALSE(sock->IsConnected()); |
1100 | 1100 |
1101 rv = sock->Connect(callback.callback()); | 1101 rv = sock->Connect(callback.callback()); |
1102 | 1102 |
1103 CapturingNetLog::CapturedEntryList entries; | 1103 TestNetLog::CapturedEntryList entries; |
1104 log.GetEntries(&entries); | 1104 log.GetEntries(&entries); |
1105 EXPECT_TRUE(LogContainsBeginEvent(entries, 5, NetLog::TYPE_SSL_CONNECT)); | 1105 EXPECT_TRUE(LogContainsBeginEvent(entries, 5, NetLog::TYPE_SSL_CONNECT)); |
1106 if (rv == ERR_IO_PENDING) | 1106 if (rv == ERR_IO_PENDING) |
1107 rv = callback.WaitForResult(); | 1107 rv = callback.WaitForResult(); |
1108 | 1108 |
1109 EXPECT_EQ(ERR_CERT_COMMON_NAME_INVALID, rv); | 1109 EXPECT_EQ(ERR_CERT_COMMON_NAME_INVALID, rv); |
1110 | 1110 |
1111 // Rather than testing whether or not the underlying socket is connected, | 1111 // Rather than testing whether or not the underlying socket is connected, |
1112 // test that the handshake has finished. This is because it may be | 1112 // test that the handshake has finished. This is because it may be |
1113 // desirable to disconnect the socket before showing a user prompt, since | 1113 // desirable to disconnect the socket before showing a user prompt, since |
1114 // the user may take indefinitely long to respond. | 1114 // the user may take indefinitely long to respond. |
1115 log.GetEntries(&entries); | 1115 log.GetEntries(&entries); |
1116 EXPECT_TRUE(LogContainsSSLConnectEndEvent(entries, -1)); | 1116 EXPECT_TRUE(LogContainsSSLConnectEndEvent(entries, -1)); |
1117 } | 1117 } |
1118 | 1118 |
1119 // Attempt to connect to a page which requests a client certificate. It should | 1119 // Attempt to connect to a page which requests a client certificate. It should |
1120 // return an error code on connect. | 1120 // return an error code on connect. |
1121 TEST_F(SSLClientSocketTest, ConnectClientAuthCertRequested) { | 1121 TEST_F(SSLClientSocketTest, ConnectClientAuthCertRequested) { |
1122 SpawnedTestServer::SSLOptions ssl_options; | 1122 SpawnedTestServer::SSLOptions ssl_options; |
1123 ssl_options.request_client_certificate = true; | 1123 ssl_options.request_client_certificate = true; |
1124 SpawnedTestServer test_server( | 1124 SpawnedTestServer test_server( |
1125 SpawnedTestServer::TYPE_HTTPS, ssl_options, base::FilePath()); | 1125 SpawnedTestServer::TYPE_HTTPS, ssl_options, base::FilePath()); |
1126 ASSERT_TRUE(test_server.Start()); | 1126 ASSERT_TRUE(test_server.Start()); |
1127 | 1127 |
1128 AddressList addr; | 1128 AddressList addr; |
1129 ASSERT_TRUE(test_server.GetAddressList(&addr)); | 1129 ASSERT_TRUE(test_server.GetAddressList(&addr)); |
1130 | 1130 |
1131 TestCompletionCallback callback; | 1131 TestCompletionCallback callback; |
1132 CapturingNetLog log; | 1132 TestNetLog log; |
1133 scoped_ptr<StreamSocket> transport( | 1133 scoped_ptr<StreamSocket> transport( |
1134 new TCPClientSocket(addr, &log, NetLog::Source())); | 1134 new TCPClientSocket(addr, &log, NetLog::Source())); |
1135 int rv = transport->Connect(callback.callback()); | 1135 int rv = transport->Connect(callback.callback()); |
1136 if (rv == ERR_IO_PENDING) | 1136 if (rv == ERR_IO_PENDING) |
1137 rv = callback.WaitForResult(); | 1137 rv = callback.WaitForResult(); |
1138 EXPECT_EQ(OK, rv); | 1138 EXPECT_EQ(OK, rv); |
1139 | 1139 |
1140 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( | 1140 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( |
1141 transport.Pass(), test_server.host_port_pair(), SSLConfig())); | 1141 transport.Pass(), test_server.host_port_pair(), SSLConfig())); |
1142 | 1142 |
1143 EXPECT_FALSE(sock->IsConnected()); | 1143 EXPECT_FALSE(sock->IsConnected()); |
1144 | 1144 |
1145 rv = sock->Connect(callback.callback()); | 1145 rv = sock->Connect(callback.callback()); |
1146 | 1146 |
1147 CapturingNetLog::CapturedEntryList entries; | 1147 TestNetLog::CapturedEntryList entries; |
1148 log.GetEntries(&entries); | 1148 log.GetEntries(&entries); |
1149 EXPECT_TRUE(LogContainsBeginEvent(entries, 5, NetLog::TYPE_SSL_CONNECT)); | 1149 EXPECT_TRUE(LogContainsBeginEvent(entries, 5, NetLog::TYPE_SSL_CONNECT)); |
1150 if (rv == ERR_IO_PENDING) | 1150 if (rv == ERR_IO_PENDING) |
1151 rv = callback.WaitForResult(); | 1151 rv = callback.WaitForResult(); |
1152 | 1152 |
1153 log.GetEntries(&entries); | 1153 log.GetEntries(&entries); |
1154 // Because we prematurely kill the handshake at CertificateRequest, | 1154 // Because we prematurely kill the handshake at CertificateRequest, |
1155 // the server may still send data (notably the ServerHelloDone) | 1155 // the server may still send data (notably the ServerHelloDone) |
1156 // after the error is returned. As a result, the SSL_CONNECT may not | 1156 // after the error is returned. As a result, the SSL_CONNECT may not |
1157 // be the last entry. See http://crbug.com/54445. We use | 1157 // be the last entry. See http://crbug.com/54445. We use |
(...skipping 23 matching lines...) Expand all Loading... |
1181 SpawnedTestServer::SSLOptions ssl_options; | 1181 SpawnedTestServer::SSLOptions ssl_options; |
1182 ssl_options.request_client_certificate = true; | 1182 ssl_options.request_client_certificate = true; |
1183 SpawnedTestServer test_server( | 1183 SpawnedTestServer test_server( |
1184 SpawnedTestServer::TYPE_HTTPS, ssl_options, base::FilePath()); | 1184 SpawnedTestServer::TYPE_HTTPS, ssl_options, base::FilePath()); |
1185 ASSERT_TRUE(test_server.Start()); | 1185 ASSERT_TRUE(test_server.Start()); |
1186 | 1186 |
1187 AddressList addr; | 1187 AddressList addr; |
1188 ASSERT_TRUE(test_server.GetAddressList(&addr)); | 1188 ASSERT_TRUE(test_server.GetAddressList(&addr)); |
1189 | 1189 |
1190 TestCompletionCallback callback; | 1190 TestCompletionCallback callback; |
1191 CapturingNetLog log; | 1191 TestNetLog log; |
1192 scoped_ptr<StreamSocket> transport( | 1192 scoped_ptr<StreamSocket> transport( |
1193 new TCPClientSocket(addr, &log, NetLog::Source())); | 1193 new TCPClientSocket(addr, &log, NetLog::Source())); |
1194 int rv = transport->Connect(callback.callback()); | 1194 int rv = transport->Connect(callback.callback()); |
1195 if (rv == ERR_IO_PENDING) | 1195 if (rv == ERR_IO_PENDING) |
1196 rv = callback.WaitForResult(); | 1196 rv = callback.WaitForResult(); |
1197 EXPECT_EQ(OK, rv); | 1197 EXPECT_EQ(OK, rv); |
1198 | 1198 |
1199 SSLConfig ssl_config; | 1199 SSLConfig ssl_config; |
1200 ssl_config.send_client_cert = true; | 1200 ssl_config.send_client_cert = true; |
1201 ssl_config.client_cert = NULL; | 1201 ssl_config.client_cert = NULL; |
1202 | 1202 |
1203 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( | 1203 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( |
1204 transport.Pass(), test_server.host_port_pair(), ssl_config)); | 1204 transport.Pass(), test_server.host_port_pair(), ssl_config)); |
1205 | 1205 |
1206 EXPECT_FALSE(sock->IsConnected()); | 1206 EXPECT_FALSE(sock->IsConnected()); |
1207 | 1207 |
1208 // Our test server accepts certificate-less connections. | 1208 // Our test server accepts certificate-less connections. |
1209 // TODO(davidben): Add a test which requires them and verify the error. | 1209 // TODO(davidben): Add a test which requires them and verify the error. |
1210 rv = sock->Connect(callback.callback()); | 1210 rv = sock->Connect(callback.callback()); |
1211 | 1211 |
1212 CapturingNetLog::CapturedEntryList entries; | 1212 TestNetLog::CapturedEntryList entries; |
1213 log.GetEntries(&entries); | 1213 log.GetEntries(&entries); |
1214 EXPECT_TRUE(LogContainsBeginEvent(entries, 5, NetLog::TYPE_SSL_CONNECT)); | 1214 EXPECT_TRUE(LogContainsBeginEvent(entries, 5, NetLog::TYPE_SSL_CONNECT)); |
1215 if (rv == ERR_IO_PENDING) | 1215 if (rv == ERR_IO_PENDING) |
1216 rv = callback.WaitForResult(); | 1216 rv = callback.WaitForResult(); |
1217 | 1217 |
1218 EXPECT_EQ(OK, rv); | 1218 EXPECT_EQ(OK, rv); |
1219 EXPECT_TRUE(sock->IsConnected()); | 1219 EXPECT_TRUE(sock->IsConnected()); |
1220 log.GetEntries(&entries); | 1220 log.GetEntries(&entries); |
1221 EXPECT_TRUE(LogContainsSSLConnectEndEvent(entries, -1)); | 1221 EXPECT_TRUE(LogContainsSSLConnectEndEvent(entries, -1)); |
1222 | 1222 |
(...skipping 875 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2098 TEST_F(SSLClientSocketTest, Read_FullLogging) { | 2098 TEST_F(SSLClientSocketTest, Read_FullLogging) { |
2099 SpawnedTestServer test_server(SpawnedTestServer::TYPE_HTTPS, | 2099 SpawnedTestServer test_server(SpawnedTestServer::TYPE_HTTPS, |
2100 SpawnedTestServer::kLocalhost, | 2100 SpawnedTestServer::kLocalhost, |
2101 base::FilePath()); | 2101 base::FilePath()); |
2102 ASSERT_TRUE(test_server.Start()); | 2102 ASSERT_TRUE(test_server.Start()); |
2103 | 2103 |
2104 AddressList addr; | 2104 AddressList addr; |
2105 ASSERT_TRUE(test_server.GetAddressList(&addr)); | 2105 ASSERT_TRUE(test_server.GetAddressList(&addr)); |
2106 | 2106 |
2107 TestCompletionCallback callback; | 2107 TestCompletionCallback callback; |
2108 CapturingNetLog log; | 2108 TestNetLog log; |
2109 log.SetLogLevel(NetLog::LOG_ALL); | 2109 log.SetLogLevel(NetLog::LOG_ALL); |
2110 scoped_ptr<StreamSocket> transport( | 2110 scoped_ptr<StreamSocket> transport( |
2111 new TCPClientSocket(addr, &log, NetLog::Source())); | 2111 new TCPClientSocket(addr, &log, NetLog::Source())); |
2112 int rv = transport->Connect(callback.callback()); | 2112 int rv = transport->Connect(callback.callback()); |
2113 if (rv == ERR_IO_PENDING) | 2113 if (rv == ERR_IO_PENDING) |
2114 rv = callback.WaitForResult(); | 2114 rv = callback.WaitForResult(); |
2115 EXPECT_EQ(OK, rv); | 2115 EXPECT_EQ(OK, rv); |
2116 | 2116 |
2117 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( | 2117 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( |
2118 transport.Pass(), test_server.host_port_pair(), SSLConfig())); | 2118 transport.Pass(), test_server.host_port_pair(), SSLConfig())); |
(...skipping 10 matching lines...) Expand all Loading... |
2129 memcpy(request_buffer->data(), request_text, arraysize(request_text) - 1); | 2129 memcpy(request_buffer->data(), request_text, arraysize(request_text) - 1); |
2130 | 2130 |
2131 rv = sock->Write( | 2131 rv = sock->Write( |
2132 request_buffer.get(), arraysize(request_text) - 1, callback.callback()); | 2132 request_buffer.get(), arraysize(request_text) - 1, callback.callback()); |
2133 EXPECT_TRUE(rv >= 0 || rv == ERR_IO_PENDING); | 2133 EXPECT_TRUE(rv >= 0 || rv == ERR_IO_PENDING); |
2134 | 2134 |
2135 if (rv == ERR_IO_PENDING) | 2135 if (rv == ERR_IO_PENDING) |
2136 rv = callback.WaitForResult(); | 2136 rv = callback.WaitForResult(); |
2137 EXPECT_EQ(static_cast<int>(arraysize(request_text) - 1), rv); | 2137 EXPECT_EQ(static_cast<int>(arraysize(request_text) - 1), rv); |
2138 | 2138 |
2139 CapturingNetLog::CapturedEntryList entries; | 2139 TestNetLog::CapturedEntryList entries; |
2140 log.GetEntries(&entries); | 2140 log.GetEntries(&entries); |
2141 size_t last_index = ExpectLogContainsSomewhereAfter( | 2141 size_t last_index = ExpectLogContainsSomewhereAfter( |
2142 entries, 5, NetLog::TYPE_SSL_SOCKET_BYTES_SENT, NetLog::PHASE_NONE); | 2142 entries, 5, NetLog::TYPE_SSL_SOCKET_BYTES_SENT, NetLog::PHASE_NONE); |
2143 | 2143 |
2144 scoped_refptr<IOBuffer> buf(new IOBuffer(4096)); | 2144 scoped_refptr<IOBuffer> buf(new IOBuffer(4096)); |
2145 for (;;) { | 2145 for (;;) { |
2146 rv = sock->Read(buf.get(), 4096, callback.callback()); | 2146 rv = sock->Read(buf.get(), 4096, callback.callback()); |
2147 EXPECT_TRUE(rv >= 0 || rv == ERR_IO_PENDING); | 2147 EXPECT_TRUE(rv >= 0 || rv == ERR_IO_PENDING); |
2148 | 2148 |
2149 if (rv == ERR_IO_PENDING) | 2149 if (rv == ERR_IO_PENDING) |
(...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2223 // Enable only AES_128_CBC on the test server. | 2223 // Enable only AES_128_CBC on the test server. |
2224 ssl_options.bulk_ciphers = SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128; | 2224 ssl_options.bulk_ciphers = SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128; |
2225 SpawnedTestServer test_server( | 2225 SpawnedTestServer test_server( |
2226 SpawnedTestServer::TYPE_HTTPS, ssl_options, base::FilePath()); | 2226 SpawnedTestServer::TYPE_HTTPS, ssl_options, base::FilePath()); |
2227 ASSERT_TRUE(test_server.Start()); | 2227 ASSERT_TRUE(test_server.Start()); |
2228 | 2228 |
2229 AddressList addr; | 2229 AddressList addr; |
2230 ASSERT_TRUE(test_server.GetAddressList(&addr)); | 2230 ASSERT_TRUE(test_server.GetAddressList(&addr)); |
2231 | 2231 |
2232 TestCompletionCallback callback; | 2232 TestCompletionCallback callback; |
2233 CapturingNetLog log; | 2233 TestNetLog log; |
2234 scoped_ptr<StreamSocket> transport( | 2234 scoped_ptr<StreamSocket> transport( |
2235 new TCPClientSocket(addr, &log, NetLog::Source())); | 2235 new TCPClientSocket(addr, &log, NetLog::Source())); |
2236 int rv = transport->Connect(callback.callback()); | 2236 int rv = transport->Connect(callback.callback()); |
2237 if (rv == ERR_IO_PENDING) | 2237 if (rv == ERR_IO_PENDING) |
2238 rv = callback.WaitForResult(); | 2238 rv = callback.WaitForResult(); |
2239 EXPECT_EQ(OK, rv); | 2239 EXPECT_EQ(OK, rv); |
2240 | 2240 |
2241 SSLConfig ssl_config; | 2241 SSLConfig ssl_config; |
2242 for (size_t i = 0; i < arraysize(kCiphersToDisable); ++i) | 2242 for (size_t i = 0; i < arraysize(kCiphersToDisable); ++i) |
2243 ssl_config.disabled_cipher_suites.push_back(kCiphersToDisable[i]); | 2243 ssl_config.disabled_cipher_suites.push_back(kCiphersToDisable[i]); |
2244 | 2244 |
2245 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( | 2245 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( |
2246 transport.Pass(), test_server.host_port_pair(), ssl_config)); | 2246 transport.Pass(), test_server.host_port_pair(), ssl_config)); |
2247 | 2247 |
2248 EXPECT_FALSE(sock->IsConnected()); | 2248 EXPECT_FALSE(sock->IsConnected()); |
2249 | 2249 |
2250 rv = sock->Connect(callback.callback()); | 2250 rv = sock->Connect(callback.callback()); |
2251 CapturingNetLog::CapturedEntryList entries; | 2251 TestNetLog::CapturedEntryList entries; |
2252 log.GetEntries(&entries); | 2252 log.GetEntries(&entries); |
2253 EXPECT_TRUE(LogContainsBeginEvent(entries, 5, NetLog::TYPE_SSL_CONNECT)); | 2253 EXPECT_TRUE(LogContainsBeginEvent(entries, 5, NetLog::TYPE_SSL_CONNECT)); |
2254 | 2254 |
2255 if (rv == ERR_IO_PENDING) | 2255 if (rv == ERR_IO_PENDING) |
2256 rv = callback.WaitForResult(); | 2256 rv = callback.WaitForResult(); |
2257 EXPECT_EQ(ERR_SSL_VERSION_OR_CIPHER_MISMATCH, rv); | 2257 EXPECT_EQ(ERR_SSL_VERSION_OR_CIPHER_MISMATCH, rv); |
2258 // The exact ordering depends no whether an extra read is issued. Just check | 2258 // The exact ordering depends no whether an extra read is issued. Just check |
2259 // the error is somewhere in the log. | 2259 // the error is somewhere in the log. |
2260 log.GetEntries(&entries); | 2260 log.GetEntries(&entries); |
2261 ExpectLogContainsSomewhere( | 2261 ExpectLogContainsSomewhere( |
(...skipping 260 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2522 SpawnedTestServer test_server( | 2522 SpawnedTestServer test_server( |
2523 SpawnedTestServer::TYPE_HTTPS, | 2523 SpawnedTestServer::TYPE_HTTPS, |
2524 ssl_options, | 2524 ssl_options, |
2525 base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); | 2525 base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); |
2526 ASSERT_TRUE(test_server.Start()); | 2526 ASSERT_TRUE(test_server.Start()); |
2527 | 2527 |
2528 AddressList addr; | 2528 AddressList addr; |
2529 ASSERT_TRUE(test_server.GetAddressList(&addr)); | 2529 ASSERT_TRUE(test_server.GetAddressList(&addr)); |
2530 | 2530 |
2531 TestCompletionCallback callback; | 2531 TestCompletionCallback callback; |
2532 CapturingNetLog log; | 2532 TestNetLog log; |
2533 scoped_ptr<StreamSocket> transport( | 2533 scoped_ptr<StreamSocket> transport( |
2534 new TCPClientSocket(addr, &log, NetLog::Source())); | 2534 new TCPClientSocket(addr, &log, NetLog::Source())); |
2535 int rv = transport->Connect(callback.callback()); | 2535 int rv = transport->Connect(callback.callback()); |
2536 if (rv == ERR_IO_PENDING) | 2536 if (rv == ERR_IO_PENDING) |
2537 rv = callback.WaitForResult(); | 2537 rv = callback.WaitForResult(); |
2538 EXPECT_EQ(OK, rv); | 2538 EXPECT_EQ(OK, rv); |
2539 | 2539 |
2540 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( | 2540 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( |
2541 transport.Pass(), test_server.host_port_pair(), SSLConfig())); | 2541 transport.Pass(), test_server.host_port_pair(), SSLConfig())); |
2542 EXPECT_FALSE(sock->IsConnected()); | 2542 EXPECT_FALSE(sock->IsConnected()); |
2543 rv = sock->Connect(callback.callback()); | 2543 rv = sock->Connect(callback.callback()); |
2544 | 2544 |
2545 CapturingNetLog::CapturedEntryList entries; | 2545 TestNetLog::CapturedEntryList entries; |
2546 log.GetEntries(&entries); | 2546 log.GetEntries(&entries); |
2547 EXPECT_TRUE(LogContainsBeginEvent(entries, 5, NetLog::TYPE_SSL_CONNECT)); | 2547 EXPECT_TRUE(LogContainsBeginEvent(entries, 5, NetLog::TYPE_SSL_CONNECT)); |
2548 if (rv == ERR_IO_PENDING) | 2548 if (rv == ERR_IO_PENDING) |
2549 rv = callback.WaitForResult(); | 2549 rv = callback.WaitForResult(); |
2550 | 2550 |
2551 EXPECT_EQ(OK, rv); | 2551 EXPECT_EQ(OK, rv); |
2552 EXPECT_TRUE(sock->IsConnected()); | 2552 EXPECT_TRUE(sock->IsConnected()); |
2553 log.GetEntries(&entries); | 2553 log.GetEntries(&entries); |
2554 EXPECT_TRUE(LogContainsSSLConnectEndEvent(entries, -1)); | 2554 EXPECT_TRUE(LogContainsSSLConnectEndEvent(entries, -1)); |
2555 | 2555 |
(...skipping 829 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3385 ssl_config.channel_id_enabled = true; | 3385 ssl_config.channel_id_enabled = true; |
3386 | 3386 |
3387 int rv; | 3387 int rv; |
3388 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); | 3388 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); |
3389 | 3389 |
3390 EXPECT_EQ(ERR_UNEXPECTED, rv); | 3390 EXPECT_EQ(ERR_UNEXPECTED, rv); |
3391 EXPECT_FALSE(sock_->IsConnected()); | 3391 EXPECT_FALSE(sock_->IsConnected()); |
3392 } | 3392 } |
3393 | 3393 |
3394 } // namespace net | 3394 } // namespace net |
OLD | NEW |