OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/net/certificate_error_reporter.h" | 5 #include "chrome/browser/net/certificate_error_reporter.h" |
6 | 6 |
7 #include <set> | 7 #include <set> |
8 #include <string> | 8 #include <string> |
9 | 9 |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
11 #include "base/bind_helpers.h" | 11 #include "base/bind_helpers.h" |
12 #include "base/files/file_path.h" | |
13 #include "base/files/file_util.h" | |
14 #include "base/macros.h" | 12 #include "base/macros.h" |
15 #include "base/message_loop/message_loop.h" | 13 #include "base/message_loop/message_loop.h" |
16 #include "base/path_service.h" | |
17 #include "base/run_loop.h" | 14 #include "base/run_loop.h" |
18 #include "base/thread_task_runner_handle.h" | 15 #include "base/thread_task_runner_handle.h" |
19 #include "chrome/browser/net/cert_logger.pb.h" | 16 #include "chrome/browser/net/encrypted_cert_logger.pb.h" |
20 #include "chrome/common/chrome_paths.h" | 17 #include "chrome/common/chrome_paths.h" |
21 #include "content/public/browser/browser_thread.h" | 18 #include "content/public/browser/browser_thread.h" |
22 #include "crypto/curve25519.h" | 19 #include "crypto/curve25519.h" |
23 #include "net/base/load_flags.h" | 20 #include "net/base/load_flags.h" |
24 #include "net/base/network_delegate_impl.h" | 21 #include "net/base/network_delegate_impl.h" |
25 #include "net/base/test_data_directory.h" | |
26 #include "net/base/upload_bytes_element_reader.h" | 22 #include "net/base/upload_bytes_element_reader.h" |
27 #include "net/base/upload_data_stream.h" | 23 #include "net/base/upload_data_stream.h" |
28 #include "net/base/upload_element_reader.h" | 24 #include "net/base/upload_element_reader.h" |
29 #include "net/cert/cert_status_flags.h" | |
30 #include "net/test/cert_test_util.h" | |
31 #include "net/test/url_request/url_request_failed_job.h" | 25 #include "net/test/url_request/url_request_failed_job.h" |
32 #include "net/test/url_request/url_request_mock_data_job.h" | 26 #include "net/test/url_request/url_request_mock_data_job.h" |
33 #include "net/url_request/url_request_filter.h" | 27 #include "net/url_request/url_request_filter.h" |
34 #include "net/url_request/url_request_test_util.h" | 28 #include "net/url_request/url_request_test_util.h" |
35 #include "testing/gtest/include/gtest/gtest.h" | 29 #include "testing/gtest/include/gtest/gtest.h" |
36 | 30 |
37 using chrome_browser_net::CertificateErrorReporter; | 31 using chrome_browser_net::CertificateErrorReporter; |
38 using content::BrowserThread; | 32 using content::BrowserThread; |
39 using net::CertStatus; | 33 using net::CertStatus; |
40 using net::CompletionCallback; | 34 using net::CompletionCallback; |
41 using net::SSLInfo; | |
42 using net::NetworkDelegateImpl; | 35 using net::NetworkDelegateImpl; |
43 using net::TestURLRequestContext; | 36 using net::TestURLRequestContext; |
44 using net::URLRequest; | 37 using net::URLRequest; |
45 | 38 |
46 namespace { | 39 namespace { |
47 | 40 |
48 const char kHostname[] = "test.mail.google.com"; | 41 const char kDummyReport[] = "test.mail.google.com"; |
49 const char kSecondRequestHostname[] = "test2.mail.google.com"; | 42 const char kSecondDummyReport[] = "test2.mail.google.com"; |
50 const char kDummyFailureLog[] = "dummy failure log"; | |
51 const char kTestCertFilename[] = "test_mail_google_com.pem"; | |
52 const uint32 kServerPublicKeyVersion = 1; | 43 const uint32 kServerPublicKeyVersion = 1; |
53 const CertStatus kCertStatus = | |
54 net::CERT_STATUS_COMMON_NAME_INVALID | net::CERT_STATUS_REVOKED; | |
55 const size_t kNumCertErrors = 2; | |
56 const chrome_browser_net::CertLoggerRequest::CertError kFirstReportedCertError = | |
57 chrome_browser_net::CertLoggerRequest::ERR_CERT_COMMON_NAME_INVALID; | |
58 const chrome_browser_net::CertLoggerRequest::CertError | |
59 kSecondReportedCertError = | |
60 chrome_browser_net::CertLoggerRequest::ERR_CERT_REVOKED; | |
61 | |
62 SSLInfo GetTestSSLInfo() { | |
63 SSLInfo info; | |
64 info.cert = | |
65 net::ImportCertFromFile(net::GetTestCertsDirectory(), kTestCertFilename); | |
66 info.is_issued_by_known_root = true; | |
67 info.cert_status = kCertStatus; | |
68 info.pinning_failure_log = kDummyFailureLog; | |
69 return info; | |
70 } | |
71 | |
72 std::string GetPEMEncodedChain() { | |
73 base::FilePath cert_path = | |
74 net::GetTestCertsDirectory().AppendASCII(kTestCertFilename); | |
75 std::string cert_data; | |
76 EXPECT_TRUE(base::ReadFileToString(cert_path, &cert_data)); | |
77 return cert_data; | |
78 } | |
79 | 44 |
80 void EnableUrlRequestMocks(bool enable) { | 45 void EnableUrlRequestMocks(bool enable) { |
81 net::URLRequestFilter::GetInstance()->ClearHandlers(); | 46 net::URLRequestFilter::GetInstance()->ClearHandlers(); |
82 if (!enable) | 47 if (!enable) |
83 return; | 48 return; |
84 | 49 |
85 net::URLRequestFailedJob::AddUrlHandler(); | 50 net::URLRequestFailedJob::AddUrlHandler(); |
86 net::URLRequestMockDataJob::AddUrlHandler(); | 51 net::URLRequestMockDataJob::AddUrlHandler(); |
87 } | 52 } |
88 | 53 |
89 // Check that data uploaded in the request matches the test data (an SSL | 54 // Check that data uploaded in the request matches the test report |
90 // report for one of the given hostnames, with the info returned by | 55 // data. The sent reports will be erased from |expect_reports|. |
91 // |GetTestSSLInfo()|). The hostname sent in the report will be erased | |
92 // from |expect_hostnames|. | |
93 void CheckUploadData(URLRequest* request, | 56 void CheckUploadData(URLRequest* request, |
94 std::set<std::string>* expect_hostnames, | 57 std::set<std::string>* expect_reports, |
95 bool encrypted, | 58 bool encrypted, |
96 const uint8* server_private_key) { | 59 const uint8* server_private_key) { |
97 const net::UploadDataStream* upload = request->get_upload(); | 60 const net::UploadDataStream* upload = request->get_upload(); |
98 ASSERT_TRUE(upload); | 61 ASSERT_TRUE(upload); |
99 ASSERT_TRUE(upload->GetElementReaders()); | 62 ASSERT_TRUE(upload->GetElementReaders()); |
100 EXPECT_EQ(1u, upload->GetElementReaders()->size()); | 63 EXPECT_EQ(1u, upload->GetElementReaders()->size()); |
101 | 64 |
102 const net::UploadBytesElementReader* reader = | 65 const net::UploadBytesElementReader* reader = |
103 (*upload->GetElementReaders())[0]->AsBytesReader(); | 66 (*upload->GetElementReaders())[0]->AsBytesReader(); |
104 ASSERT_TRUE(reader); | 67 ASSERT_TRUE(reader); |
105 std::string upload_data(reader->bytes(), reader->length()); | 68 std::string upload_data(reader->bytes(), reader->length()); |
106 | 69 |
107 chrome_browser_net::CertLoggerRequest uploaded_request; | 70 std::string uploaded_report; |
108 #if defined(USE_OPENSSL) | 71 #if defined(USE_OPENSSL) |
109 if (encrypted) { | 72 if (encrypted) { |
110 chrome_browser_net::EncryptedCertLoggerRequest encrypted_request; | 73 chrome_browser_net::EncryptedCertLoggerRequest encrypted_request; |
111 ASSERT_TRUE(encrypted_request.ParseFromString(upload_data)); | 74 ASSERT_TRUE(encrypted_request.ParseFromString(upload_data)); |
112 EXPECT_EQ(kServerPublicKeyVersion, | 75 EXPECT_EQ(kServerPublicKeyVersion, |
113 encrypted_request.server_public_key_version()); | 76 encrypted_request.server_public_key_version()); |
114 EXPECT_EQ(chrome_browser_net::EncryptedCertLoggerRequest:: | 77 EXPECT_EQ(chrome_browser_net::EncryptedCertLoggerRequest:: |
115 AEAD_ECDH_AES_128_CTR_HMAC_SHA256, | 78 AEAD_ECDH_AES_128_CTR_HMAC_SHA256, |
116 encrypted_request.algorithm()); | 79 encrypted_request.algorithm()); |
117 ASSERT_TRUE( | 80 ASSERT_TRUE(CertificateErrorReporter::DecryptCertificateErrorReport( |
118 chrome_browser_net::CertificateErrorReporter:: | 81 server_private_key, encrypted_request, &uploaded_report)); |
119 DecryptCertificateErrorReport(server_private_key, encrypted_request, | |
120 &uploaded_request)); | |
121 } else { | 82 } else { |
122 ASSERT_TRUE(uploaded_request.ParseFromString(upload_data)); | 83 uploaded_report = upload_data; |
123 } | 84 } |
124 #else | 85 #else |
125 ASSERT_TRUE(uploaded_request.ParseFromString(upload_data)); | 86 uploaded_report = upload_data; |
126 #endif | 87 #endif |
127 | 88 |
128 EXPECT_EQ(1u, expect_hostnames->count(uploaded_request.hostname())); | 89 EXPECT_EQ(1u, expect_reports->count(uploaded_report)); |
129 expect_hostnames->erase(uploaded_request.hostname()); | 90 expect_reports->erase(uploaded_report); |
130 | |
131 EXPECT_EQ(GetPEMEncodedChain(), uploaded_request.cert_chain()); | |
132 EXPECT_EQ(1, uploaded_request.pin().size()); | |
133 EXPECT_EQ(kDummyFailureLog, uploaded_request.pin().Get(0)); | |
134 EXPECT_EQ(2, uploaded_request.cert_error().size()); | |
135 | |
136 std::set<chrome_browser_net::CertLoggerRequest::CertError> reported_errors; | |
137 reported_errors.insert( | |
138 static_cast<chrome_browser_net::CertLoggerRequest::CertError>( | |
139 uploaded_request.cert_error().Get(0))); | |
140 reported_errors.insert( | |
141 static_cast<chrome_browser_net::CertLoggerRequest::CertError>( | |
142 uploaded_request.cert_error().Get(1))); | |
143 EXPECT_EQ(kNumCertErrors, reported_errors.size()); | |
144 EXPECT_EQ(1u, reported_errors.count(kFirstReportedCertError)); | |
145 EXPECT_EQ(1u, reported_errors.count(kSecondReportedCertError)); | |
146 } | 91 } |
147 | 92 |
148 // A network delegate that lets tests check that a certificate error | 93 // A network delegate that lets tests check that a certificate error |
149 // report was sent. It counts the number of requests and lets tests | 94 // report was sent. It counts the number of requests and lets tests |
150 // register a callback to run when the request is destroyed. It also | 95 // register a callback to run when the request is destroyed. It also |
151 // checks that the uploaded data is as expected (a report for | 96 // checks that the uploaded data is as expected. |
152 // |kHostname| and |GetTestSSLInfo()|). | |
153 class TestCertificateErrorReporterNetworkDelegate : public NetworkDelegateImpl { | 97 class TestCertificateErrorReporterNetworkDelegate : public NetworkDelegateImpl { |
154 public: | 98 public: |
155 TestCertificateErrorReporterNetworkDelegate() | 99 TestCertificateErrorReporterNetworkDelegate() |
156 : url_request_destroyed_callback_(base::Bind(&base::DoNothing)), | 100 : url_request_destroyed_callback_(base::Bind(&base::DoNothing)), |
157 all_url_requests_destroyed_callback_(base::Bind(&base::DoNothing)), | 101 all_url_requests_destroyed_callback_(base::Bind(&base::DoNothing)), |
158 num_requests_(0), | 102 num_requests_(0), |
159 expect_cookies_(false), | 103 expect_cookies_(false), |
160 expect_request_encrypted_(false) { | 104 expect_request_encrypted_(false) { |
161 memset(server_private_key_, 1, sizeof(server_private_key_)); | 105 memset(server_private_key_, 1, sizeof(server_private_key_)); |
162 crypto::curve25519::ScalarBaseMult(server_private_key_, server_public_key_); | 106 crypto::curve25519::ScalarBaseMult(server_private_key_, server_public_key_); |
163 } | 107 } |
164 | 108 |
165 ~TestCertificateErrorReporterNetworkDelegate() override {} | 109 ~TestCertificateErrorReporterNetworkDelegate() override {} |
166 | 110 |
167 void ExpectHostname(const std::string& hostname) { | 111 void ExpectReport(const std::string& report) { |
168 expect_hostnames_.insert(hostname); | 112 expect_reports_.insert(report); |
169 } | 113 } |
170 | 114 |
171 void set_all_url_requests_destroyed_callback( | 115 void set_all_url_requests_destroyed_callback( |
172 const base::Closure& all_url_requests_destroyed_callback) { | 116 const base::Closure& all_url_requests_destroyed_callback) { |
173 all_url_requests_destroyed_callback_ = all_url_requests_destroyed_callback; | 117 all_url_requests_destroyed_callback_ = all_url_requests_destroyed_callback; |
174 } | 118 } |
175 | 119 |
176 void set_url_request_destroyed_callback( | 120 void set_url_request_destroyed_callback( |
177 const base::Closure& url_request_destroyed_callback) { | 121 const base::Closure& url_request_destroyed_callback) { |
178 url_request_destroyed_callback_ = url_request_destroyed_callback; | 122 url_request_destroyed_callback_ = url_request_destroyed_callback; |
(...skipping 23 matching lines...) Expand all Loading... | |
202 EXPECT_EQ("POST", request->method()); | 146 EXPECT_EQ("POST", request->method()); |
203 | 147 |
204 if (expect_cookies_) { | 148 if (expect_cookies_) { |
205 EXPECT_FALSE(request->load_flags() & net::LOAD_DO_NOT_SEND_COOKIES); | 149 EXPECT_FALSE(request->load_flags() & net::LOAD_DO_NOT_SEND_COOKIES); |
206 EXPECT_FALSE(request->load_flags() & net::LOAD_DO_NOT_SAVE_COOKIES); | 150 EXPECT_FALSE(request->load_flags() & net::LOAD_DO_NOT_SAVE_COOKIES); |
207 } else { | 151 } else { |
208 EXPECT_TRUE(request->load_flags() & net::LOAD_DO_NOT_SEND_COOKIES); | 152 EXPECT_TRUE(request->load_flags() & net::LOAD_DO_NOT_SEND_COOKIES); |
209 EXPECT_TRUE(request->load_flags() & net::LOAD_DO_NOT_SAVE_COOKIES); | 153 EXPECT_TRUE(request->load_flags() & net::LOAD_DO_NOT_SAVE_COOKIES); |
210 } | 154 } |
211 | 155 |
212 std::string uploaded_request_hostname; | 156 CheckUploadData(request, &expect_reports_, expect_request_encrypted_, |
Ryan Sleevi
2015/05/13 01:02:12
Note: None of these functions will abort the test
estark
2015/05/13 01:44:49
Interesting... I didn't know that, but can you cla
Ryan Sleevi
2015/05/13 02:07:55
Well, ASSERTs wont cause the test to crash either.
estark
2015/05/13 04:13:42
Ah, yeah, what I meant was that I don't think a fa
| |
213 CheckUploadData(request, &expect_hostnames_, expect_request_encrypted_, | |
214 server_private_key_); | 157 server_private_key_); |
215 expect_hostnames_.erase(uploaded_request_hostname); | |
216 return net::OK; | 158 return net::OK; |
217 } | 159 } |
218 | 160 |
219 void OnURLRequestDestroyed(URLRequest* request) override { | 161 void OnURLRequestDestroyed(URLRequest* request) override { |
220 url_request_destroyed_callback_.Run(); | 162 url_request_destroyed_callback_.Run(); |
221 if (expect_hostnames_.empty()) | 163 if (expect_reports_.empty()) |
222 all_url_requests_destroyed_callback_.Run(); | 164 all_url_requests_destroyed_callback_.Run(); |
223 } | 165 } |
224 | 166 |
225 const uint8* server_public_key() { return server_public_key_; } | 167 const uint8* server_public_key() { return server_public_key_; } |
226 const uint8* server_private_key() { return server_private_key_; } | 168 const uint8* server_private_key() { return server_private_key_; } |
227 | 169 |
228 private: | 170 private: |
229 base::Closure url_request_destroyed_callback_; | 171 base::Closure url_request_destroyed_callback_; |
230 base::Closure all_url_requests_destroyed_callback_; | 172 base::Closure all_url_requests_destroyed_callback_; |
231 int num_requests_; | 173 int num_requests_; |
232 GURL expect_url_; | 174 GURL expect_url_; |
233 std::set<std::string> expect_hostnames_; | 175 std::set<std::string> expect_reports_; |
234 bool expect_cookies_; | 176 bool expect_cookies_; |
235 bool expect_request_encrypted_; | 177 bool expect_request_encrypted_; |
236 | 178 |
237 uint8 server_public_key_[32]; | 179 uint8 server_public_key_[32]; |
238 uint8 server_private_key_[32]; | 180 uint8 server_private_key_[32]; |
239 | 181 |
240 DISALLOW_COPY_AND_ASSIGN(TestCertificateErrorReporterNetworkDelegate); | 182 DISALLOW_COPY_AND_ASSIGN(TestCertificateErrorReporterNetworkDelegate); |
241 }; | 183 }; |
242 | 184 |
243 class CertificateErrorReporterTest : public ::testing::Test { | 185 class CertificateErrorReporterTest : public ::testing::Test { |
(...skipping 13 matching lines...) Expand all Loading... | |
257 TestURLRequestContext* context() { return &context_; } | 199 TestURLRequestContext* context() { return &context_; } |
258 | 200 |
259 private: | 201 private: |
260 base::MessageLoop message_loop_; | 202 base::MessageLoop message_loop_; |
261 TestCertificateErrorReporterNetworkDelegate network_delegate_; | 203 TestCertificateErrorReporterNetworkDelegate network_delegate_; |
262 TestURLRequestContext context_; | 204 TestURLRequestContext context_; |
263 }; | 205 }; |
264 | 206 |
265 void SendReport(CertificateErrorReporter* reporter, | 207 void SendReport(CertificateErrorReporter* reporter, |
266 TestCertificateErrorReporterNetworkDelegate* network_delegate, | 208 TestCertificateErrorReporterNetworkDelegate* network_delegate, |
267 const std::string& report_hostname, | 209 const std::string& report, |
268 const GURL& url, | 210 const GURL& url, |
269 int request_sequence_number, | 211 int request_sequence_number, |
270 CertificateErrorReporter::ReportType type) { | 212 CertificateErrorReporter::ReportType type) { |
271 base::RunLoop run_loop; | 213 base::RunLoop run_loop; |
272 network_delegate->set_url_request_destroyed_callback(run_loop.QuitClosure()); | 214 network_delegate->set_url_request_destroyed_callback(run_loop.QuitClosure()); |
273 | 215 |
274 network_delegate->set_expect_url(url); | 216 network_delegate->set_expect_url(url); |
275 network_delegate->ExpectHostname(report_hostname); | 217 network_delegate->ExpectReport(report); |
276 | 218 |
277 EXPECT_EQ(request_sequence_number, network_delegate->num_requests()); | 219 EXPECT_EQ(request_sequence_number, network_delegate->num_requests()); |
278 | 220 |
279 reporter->SendReport(type, report_hostname, GetTestSSLInfo()); | 221 reporter->SendReport(type, report); |
280 run_loop.Run(); | 222 run_loop.Run(); |
281 | 223 |
282 EXPECT_EQ(request_sequence_number + 1, network_delegate->num_requests()); | 224 EXPECT_EQ(request_sequence_number + 1, network_delegate->num_requests()); |
283 } | 225 } |
284 | 226 |
285 // Test that CertificateErrorReporter::SendReport creates a URLRequest | 227 // Test that CertificateErrorReporter::SendReport creates a URLRequest |
286 // for the endpoint and sends the expected data. | 228 // for the endpoint and sends the expected data. |
287 TEST_F(CertificateErrorReporterTest, PinningViolationSendReportSendsRequest) { | 229 TEST_F(CertificateErrorReporterTest, PinningViolationSendReportSendsRequest) { |
288 GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); | 230 GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); |
289 CertificateErrorReporter reporter( | 231 CertificateErrorReporter reporter( |
290 context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); | 232 context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); |
291 SendReport(&reporter, network_delegate(), kHostname, url, 0, | 233 SendReport(&reporter, network_delegate(), kDummyReport, url, 0, |
292 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); | 234 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); |
293 } | 235 } |
294 | 236 |
295 TEST_F(CertificateErrorReporterTest, ExtendedReportingSendReportSendsRequest) { | 237 TEST_F(CertificateErrorReporterTest, ExtendedReportingSendReportSendsRequest) { |
296 // Data should not be encrypted when sent to an HTTPS URL. | 238 // Data should not be encrypted when sent to an HTTPS URL. |
297 GURL https_url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); | 239 GURL https_url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); |
298 CertificateErrorReporter https_reporter( | 240 CertificateErrorReporter https_reporter( |
299 context(), https_url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); | 241 context(), https_url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); |
300 network_delegate()->set_expect_request_encrypted(false); | 242 network_delegate()->set_expect_request_encrypted(false); |
301 SendReport(&https_reporter, network_delegate(), kHostname, https_url, 0, | 243 SendReport(&https_reporter, network_delegate(), kDummyReport, https_url, 0, |
302 CertificateErrorReporter::REPORT_TYPE_EXTENDED_REPORTING); | 244 CertificateErrorReporter::REPORT_TYPE_EXTENDED_REPORTING); |
303 | 245 |
304 // Data should be encrypted when sent to an HTTP URL. | 246 // Data should be encrypted when sent to an HTTP URL. |
305 if (CertificateErrorReporter::IsHttpUploadUrlSupported()) { | 247 if (CertificateErrorReporter::IsHttpUploadUrlSupported()) { |
306 GURL http_url = net::URLRequestMockDataJob::GetMockHttpUrl("dummy data", 1); | 248 GURL http_url = net::URLRequestMockDataJob::GetMockHttpUrl("dummy data", 1); |
307 CertificateErrorReporter http_reporter( | 249 CertificateErrorReporter http_reporter( |
308 context(), http_url, CertificateErrorReporter::DO_NOT_SEND_COOKIES, | 250 context(), http_url, CertificateErrorReporter::DO_NOT_SEND_COOKIES, |
309 network_delegate()->server_public_key(), kServerPublicKeyVersion); | 251 network_delegate()->server_public_key(), kServerPublicKeyVersion); |
310 network_delegate()->set_expect_request_encrypted(true); | 252 network_delegate()->set_expect_request_encrypted(true); |
311 SendReport(&http_reporter, network_delegate(), kHostname, http_url, 1, | 253 SendReport(&http_reporter, network_delegate(), kDummyReport, http_url, 1, |
312 CertificateErrorReporter::REPORT_TYPE_EXTENDED_REPORTING); | 254 CertificateErrorReporter::REPORT_TYPE_EXTENDED_REPORTING); |
313 } | 255 } |
314 } | 256 } |
315 | 257 |
316 TEST_F(CertificateErrorReporterTest, SendMultipleReportsSequentially) { | 258 TEST_F(CertificateErrorReporterTest, SendMultipleReportsSequentially) { |
317 GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); | 259 GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); |
318 CertificateErrorReporter reporter( | 260 CertificateErrorReporter reporter( |
319 context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); | 261 context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); |
320 SendReport(&reporter, network_delegate(), kHostname, url, 0, | 262 SendReport(&reporter, network_delegate(), kDummyReport, url, 0, |
321 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); | 263 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); |
322 SendReport(&reporter, network_delegate(), kSecondRequestHostname, url, 1, | 264 SendReport(&reporter, network_delegate(), kDummyReport, url, 1, |
323 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); | 265 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); |
324 } | 266 } |
325 | 267 |
326 TEST_F(CertificateErrorReporterTest, SendMultipleReportsSimultaneously) { | 268 TEST_F(CertificateErrorReporterTest, SendMultipleReportsSimultaneously) { |
327 base::RunLoop run_loop; | 269 base::RunLoop run_loop; |
328 network_delegate()->set_all_url_requests_destroyed_callback( | 270 network_delegate()->set_all_url_requests_destroyed_callback( |
329 run_loop.QuitClosure()); | 271 run_loop.QuitClosure()); |
330 | 272 |
331 GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); | 273 GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); |
332 network_delegate()->set_expect_url(url); | 274 network_delegate()->set_expect_url(url); |
333 network_delegate()->ExpectHostname(kHostname); | 275 network_delegate()->ExpectReport(kDummyReport); |
334 network_delegate()->ExpectHostname(kSecondRequestHostname); | 276 network_delegate()->ExpectReport(kSecondDummyReport); |
335 | 277 |
336 CertificateErrorReporter reporter( | 278 CertificateErrorReporter reporter( |
337 context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); | 279 context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); |
338 | 280 |
339 EXPECT_EQ(0, network_delegate()->num_requests()); | 281 EXPECT_EQ(0, network_delegate()->num_requests()); |
340 | 282 |
341 reporter.SendReport(CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION, | 283 reporter.SendReport(CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION, |
342 kHostname, GetTestSSLInfo()); | 284 kDummyReport); |
343 reporter.SendReport(CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION, | 285 reporter.SendReport(CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION, |
344 kSecondRequestHostname, GetTestSSLInfo()); | 286 kSecondDummyReport); |
345 | 287 |
346 run_loop.Run(); | 288 run_loop.Run(); |
347 | 289 |
348 EXPECT_EQ(2, network_delegate()->num_requests()); | 290 EXPECT_EQ(2, network_delegate()->num_requests()); |
349 } | 291 } |
350 | 292 |
351 // Test that pending URLRequests get cleaned up when the reporter is | 293 // Test that pending URLRequests get cleaned up when the reporter is |
352 // deleted. | 294 // deleted. |
353 TEST_F(CertificateErrorReporterTest, PendingRequestGetsDeleted) { | 295 TEST_F(CertificateErrorReporterTest, PendingRequestGetsDeleted) { |
354 base::RunLoop run_loop; | 296 base::RunLoop run_loop; |
355 network_delegate()->set_url_request_destroyed_callback( | 297 network_delegate()->set_url_request_destroyed_callback( |
356 run_loop.QuitClosure()); | 298 run_loop.QuitClosure()); |
357 | 299 |
358 GURL url = net::URLRequestFailedJob::GetMockHttpUrlWithFailurePhase( | 300 GURL url = net::URLRequestFailedJob::GetMockHttpUrlWithFailurePhase( |
359 net::URLRequestFailedJob::START, net::ERR_IO_PENDING); | 301 net::URLRequestFailedJob::START, net::ERR_IO_PENDING); |
360 network_delegate()->set_expect_url(url); | 302 network_delegate()->set_expect_url(url); |
361 network_delegate()->ExpectHostname(kHostname); | 303 network_delegate()->ExpectReport(kDummyReport); |
362 | 304 |
363 EXPECT_EQ(0, network_delegate()->num_requests()); | 305 EXPECT_EQ(0, network_delegate()->num_requests()); |
364 | 306 |
365 scoped_ptr<CertificateErrorReporter> reporter(new CertificateErrorReporter( | 307 scoped_ptr<CertificateErrorReporter> reporter(new CertificateErrorReporter( |
366 context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES)); | 308 context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES)); |
367 reporter->SendReport(CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION, | 309 reporter->SendReport(CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION, |
368 kHostname, GetTestSSLInfo()); | 310 kDummyReport); |
369 reporter.reset(); | 311 reporter.reset(); |
370 | 312 |
371 run_loop.Run(); | 313 run_loop.Run(); |
372 | 314 |
373 EXPECT_EQ(1, network_delegate()->num_requests()); | 315 EXPECT_EQ(1, network_delegate()->num_requests()); |
374 } | 316 } |
375 | 317 |
376 // Test that a request that returns an error gets cleaned up. | 318 // Test that a request that returns an error gets cleaned up. |
377 TEST_F(CertificateErrorReporterTest, ErroredRequestGetsDeleted) { | 319 TEST_F(CertificateErrorReporterTest, ErroredRequestGetsDeleted) { |
378 GURL url = net::URLRequestFailedJob::GetMockHttpsUrl(net::ERR_FAILED); | 320 GURL url = net::URLRequestFailedJob::GetMockHttpsUrl(net::ERR_FAILED); |
379 CertificateErrorReporter reporter( | 321 CertificateErrorReporter reporter( |
380 context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); | 322 context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); |
381 SendReport(&reporter, network_delegate(), kHostname, url, 0, | 323 SendReport(&reporter, network_delegate(), kDummyReport, url, 0, |
382 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); | 324 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); |
383 } | 325 } |
384 | 326 |
385 // Test that cookies are sent or not sent according to the error | 327 // Test that cookies are sent or not sent according to the error |
386 // reporter's cookies preference. | 328 // reporter's cookies preference. |
387 | 329 |
388 TEST_F(CertificateErrorReporterTest, SendCookiesPreference) { | 330 TEST_F(CertificateErrorReporterTest, SendCookiesPreference) { |
389 GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); | 331 GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); |
390 CertificateErrorReporter reporter(context(), url, | 332 CertificateErrorReporter reporter(context(), url, |
391 CertificateErrorReporter::SEND_COOKIES); | 333 CertificateErrorReporter::SEND_COOKIES); |
392 | 334 |
393 network_delegate()->set_expect_cookies(true); | 335 network_delegate()->set_expect_cookies(true); |
394 SendReport(&reporter, network_delegate(), kHostname, url, 0, | 336 SendReport(&reporter, network_delegate(), kDummyReport, url, 0, |
395 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); | 337 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); |
396 } | 338 } |
397 | 339 |
398 TEST_F(CertificateErrorReporterTest, DoNotSendCookiesPreference) { | 340 TEST_F(CertificateErrorReporterTest, DoNotSendCookiesPreference) { |
399 GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); | 341 GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); |
400 CertificateErrorReporter reporter( | 342 CertificateErrorReporter reporter( |
401 context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); | 343 context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); |
402 | 344 |
403 network_delegate()->set_expect_cookies(false); | 345 network_delegate()->set_expect_cookies(false); |
404 SendReport(&reporter, network_delegate(), kHostname, url, 0, | 346 SendReport(&reporter, network_delegate(), kDummyReport, url, 0, |
405 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); | 347 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); |
406 } | 348 } |
407 | 349 |
408 #if defined(USE_OPENSSL) | 350 #if defined(USE_OPENSSL) |
409 // This test decrypts a "known gold" report. It's intentionally brittle | 351 // This test decrypts a "known gold" report. It's intentionally brittle |
410 // in order to catch changes in report encryption that could cause the | 352 // in order to catch changes in report encryption that could cause the |
411 // server to no longer be able to decrypt reports that it receives from | 353 // server to no longer be able to decrypt reports that it receives from |
412 // Chrome. | 354 // Chrome. |
413 TEST_F(CertificateErrorReporterTest, DecryptExampleReport) { | 355 TEST_F(CertificateErrorReporterTest, DecryptExampleReport) { |
414 // This data should not be changed without also changing the | 356 // This data should not be changed without also changing the |
(...skipping 147 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
562 ASSERT_TRUE(encrypted_request.ParseFromString(std::string( | 504 ASSERT_TRUE(encrypted_request.ParseFromString(std::string( |
563 (char*) kSerializedEncryptedReport, sizeof(kSerializedEncryptedReport)))); | 505 (char*) kSerializedEncryptedReport, sizeof(kSerializedEncryptedReport)))); |
564 ASSERT_TRUE(chrome_browser_net::CertificateErrorReporter:: | 506 ASSERT_TRUE(chrome_browser_net::CertificateErrorReporter:: |
565 DecryptCertificateErrorReport( | 507 DecryptCertificateErrorReport( |
566 network_delegate()->server_private_key(), | 508 network_delegate()->server_private_key(), |
567 encrypted_request, &request)); | 509 encrypted_request, &request)); |
568 } | 510 } |
569 #endif | 511 #endif |
570 | 512 |
571 } // namespace | 513 } // namespace |
OLD | NEW |