| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/quic_stream_factory.h" | 5 #include "net/quic/quic_stream_factory.h" |
| 6 | 6 |
| 7 #include "base/run_loop.h" | 7 #include "base/run_loop.h" |
| 8 #include "base/strings/string_util.h" | 8 #include "base/strings/string_util.h" |
| 9 #include "net/base/test_data_directory.h" | 9 #include "net/base/test_data_directory.h" |
| 10 #include "net/cert/cert_verifier.h" | 10 #include "net/cert/cert_verifier.h" |
| (...skipping 287 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 298 return port; | 298 return port; |
| 299 } | 299 } |
| 300 | 300 |
| 301 scoped_ptr<QuicEncryptedPacket> ConstructRstPacket() { | 301 scoped_ptr<QuicEncryptedPacket> ConstructRstPacket() { |
| 302 QuicStreamId stream_id = kClientDataStreamId1; | 302 QuicStreamId stream_id = kClientDataStreamId1; |
| 303 return maker_.MakeRstPacket( | 303 return maker_.MakeRstPacket( |
| 304 1, true, stream_id, | 304 1, true, stream_id, |
| 305 AdjustErrorForVersion(QUIC_RST_ACKNOWLEDGEMENT, GetParam().version)); | 305 AdjustErrorForVersion(QUIC_RST_ACKNOWLEDGEMENT, GetParam().version)); |
| 306 } | 306 } |
| 307 | 307 |
| 308 static ProofVerifyDetailsChromium DefaultProofVerifyDetails() { |
| 309 // Load a certificate that is valid for www.example.org, mail.example.org, |
| 310 // and mail.example.com. |
| 311 scoped_refptr<X509Certificate> test_cert( |
| 312 ImportCertFromFile(GetTestCertsDirectory(), "spdy_pooling.pem")); |
| 313 EXPECT_TRUE(test_cert.get()); |
| 314 ProofVerifyDetailsChromium verify_details; |
| 315 verify_details.cert_verify_result.verified_cert = test_cert; |
| 316 verify_details.cert_verify_result.is_issued_by_known_root = true; |
| 317 return verify_details; |
| 318 } |
| 319 |
| 308 MockQuicServerInfoFactory quic_server_info_factory_; | 320 MockQuicServerInfoFactory quic_server_info_factory_; |
| 309 MockHostResolver host_resolver_; | 321 MockHostResolver host_resolver_; |
| 310 DeterministicMockClientSocketFactory socket_factory_; | 322 DeterministicMockClientSocketFactory socket_factory_; |
| 311 MockCryptoClientStreamFactory crypto_client_stream_factory_; | 323 MockCryptoClientStreamFactory crypto_client_stream_factory_; |
| 312 MockRandom random_generator_; | 324 MockRandom random_generator_; |
| 313 MockClock* clock_; // Owned by factory_. | 325 MockClock* clock_; // Owned by factory_. |
| 314 scoped_refptr<TestTaskRunner> runner_; | 326 scoped_refptr<TestTaskRunner> runner_; |
| 315 QuicTestPacketMaker maker_; | 327 QuicTestPacketMaker maker_; |
| 316 scoped_ptr<CertVerifier> cert_verifier_; | 328 scoped_ptr<CertVerifier> cert_verifier_; |
| 317 scoped_ptr<ChannelIDService> channel_id_service_; | 329 scoped_ptr<ChannelIDService> channel_id_service_; |
| (...skipping 327 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 645 MockRead reads[] = { | 657 MockRead reads[] = { |
| 646 MockRead(ASYNC, OK, 0) // EOF | 658 MockRead(ASYNC, OK, 0) // EOF |
| 647 }; | 659 }; |
| 648 DeterministicSocketData socket_data(reads, arraysize(reads), nullptr, 0); | 660 DeterministicSocketData socket_data(reads, arraysize(reads), nullptr, 0); |
| 649 socket_factory_.AddSocketDataProvider(&socket_data); | 661 socket_factory_.AddSocketDataProvider(&socket_data); |
| 650 socket_data.StopAfter(1); | 662 socket_data.StopAfter(1); |
| 651 | 663 |
| 652 HostPortPair server1("www.example.org", 443); | 664 HostPortPair server1("www.example.org", 443); |
| 653 HostPortPair server2("mail.example.org", 443); | 665 HostPortPair server2("mail.example.org", 443); |
| 654 | 666 |
| 655 // Load a cert that is valid for: | 667 ProofVerifyDetailsChromium verify_details = DefaultProofVerifyDetails(); |
| 656 // www.example.org (server1) | |
| 657 // mail.example.org (server2) | |
| 658 // www.example.com | |
| 659 base::FilePath certs_dir = GetTestCertsDirectory(); | |
| 660 scoped_refptr<X509Certificate> test_cert( | |
| 661 ImportCertFromFile(certs_dir, "spdy_pooling.pem")); | |
| 662 ASSERT_NE(static_cast<X509Certificate*>(nullptr), test_cert.get()); | |
| 663 ProofVerifyDetailsChromium verify_details; | |
| 664 verify_details.cert_verify_result.verified_cert = test_cert; | |
| 665 verify_details.cert_verify_result.is_issued_by_known_root = true; | |
| 666 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details); | 668 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details); |
| 667 | 669 |
| 668 host_resolver_.set_synchronous_mode(true); | 670 host_resolver_.set_synchronous_mode(true); |
| 669 host_resolver_.rules()->AddIPLiteralRule(server1.host(), "192.168.0.1", ""); | 671 host_resolver_.rules()->AddIPLiteralRule(server1.host(), "192.168.0.1", ""); |
| 670 host_resolver_.rules()->AddIPLiteralRule(server2.host(), "192.168.0.1", ""); | 672 host_resolver_.rules()->AddIPLiteralRule(server2.host(), "192.168.0.1", ""); |
| 671 | 673 |
| 672 QuicStreamRequest request(&factory_); | 674 QuicStreamRequest request(&factory_); |
| 673 is_https_ = true; | 675 is_https_ = true; |
| 674 EXPECT_EQ(OK, | 676 EXPECT_EQ(OK, |
| 675 request.Request(server1, is_https_, privacy_mode_, server1.host(), | 677 request.Request(server1, is_https_, privacy_mode_, server1.host(), |
| (...skipping 25 matching lines...) Expand all Loading... |
| 701 DeterministicSocketData socket_data1(reads, arraysize(reads), nullptr, 0); | 703 DeterministicSocketData socket_data1(reads, arraysize(reads), nullptr, 0); |
| 702 DeterministicSocketData socket_data2(reads, arraysize(reads), nullptr, 0); | 704 DeterministicSocketData socket_data2(reads, arraysize(reads), nullptr, 0); |
| 703 socket_factory_.AddSocketDataProvider(&socket_data1); | 705 socket_factory_.AddSocketDataProvider(&socket_data1); |
| 704 socket_factory_.AddSocketDataProvider(&socket_data2); | 706 socket_factory_.AddSocketDataProvider(&socket_data2); |
| 705 socket_data1.StopAfter(1); | 707 socket_data1.StopAfter(1); |
| 706 socket_data2.StopAfter(1); | 708 socket_data2.StopAfter(1); |
| 707 | 709 |
| 708 HostPortPair server1("www.example.org", 443); | 710 HostPortPair server1("www.example.org", 443); |
| 709 HostPortPair server2("mail.example.org", 443); | 711 HostPortPair server2("mail.example.org", 443); |
| 710 | 712 |
| 711 // Load a cert that is valid for: | 713 ProofVerifyDetailsChromium verify_details = DefaultProofVerifyDetails(); |
| 712 // www.example.org (server1) | |
| 713 // mail.example.org (server2) | |
| 714 // www.example.com | |
| 715 base::FilePath certs_dir = GetTestCertsDirectory(); | |
| 716 scoped_refptr<X509Certificate> test_cert( | |
| 717 ImportCertFromFile(certs_dir, "spdy_pooling.pem")); | |
| 718 ASSERT_NE(static_cast<X509Certificate*>(nullptr), test_cert.get()); | |
| 719 ProofVerifyDetailsChromium verify_details; | |
| 720 verify_details.cert_verify_result.verified_cert = test_cert; | |
| 721 verify_details.cert_verify_result.is_issued_by_known_root = true; | |
| 722 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details); | 714 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details); |
| 723 | 715 |
| 724 host_resolver_.set_synchronous_mode(true); | 716 host_resolver_.set_synchronous_mode(true); |
| 725 host_resolver_.rules()->AddIPLiteralRule(server1.host(), "192.168.0.1", ""); | 717 host_resolver_.rules()->AddIPLiteralRule(server1.host(), "192.168.0.1", ""); |
| 726 host_resolver_.rules()->AddIPLiteralRule(server2.host(), "192.168.0.1", ""); | 718 host_resolver_.rules()->AddIPLiteralRule(server2.host(), "192.168.0.1", ""); |
| 727 | 719 |
| 728 // Disable connection pooling. | 720 // Disable connection pooling. |
| 729 QuicStreamFactoryPeer::DisableConnectionPooling(&factory_); | 721 QuicStreamFactoryPeer::DisableConnectionPooling(&factory_); |
| 730 | 722 |
| 731 QuicStreamRequest request(&factory_); | 723 QuicStreamRequest request(&factory_); |
| (...skipping 30 matching lines...) Expand all Loading... |
| 762 DeterministicSocketData socket_data1(reads, arraysize(reads), nullptr, 0); | 754 DeterministicSocketData socket_data1(reads, arraysize(reads), nullptr, 0); |
| 763 DeterministicSocketData socket_data2(reads, arraysize(reads), nullptr, 0); | 755 DeterministicSocketData socket_data2(reads, arraysize(reads), nullptr, 0); |
| 764 socket_factory_.AddSocketDataProvider(&socket_data1); | 756 socket_factory_.AddSocketDataProvider(&socket_data1); |
| 765 socket_factory_.AddSocketDataProvider(&socket_data2); | 757 socket_factory_.AddSocketDataProvider(&socket_data2); |
| 766 socket_data1.StopAfter(1); | 758 socket_data1.StopAfter(1); |
| 767 socket_data2.StopAfter(1); | 759 socket_data2.StopAfter(1); |
| 768 | 760 |
| 769 HostPortPair server1("www.example.org", 443); | 761 HostPortPair server1("www.example.org", 443); |
| 770 HostPortPair server2("mail.google.com", 443); | 762 HostPortPair server2("mail.google.com", 443); |
| 771 | 763 |
| 772 // Load a cert that is valid for: | 764 ProofVerifyDetailsChromium verify_details = DefaultProofVerifyDetails(); |
| 773 // www.example.org (server1) | |
| 774 // mail.example.org | |
| 775 // www.example.com | |
| 776 // But is not valid for mail.google.com (server2). | |
| 777 base::FilePath certs_dir = GetTestCertsDirectory(); | |
| 778 scoped_refptr<X509Certificate> test_cert( | |
| 779 ImportCertFromFile(certs_dir, "spdy_pooling.pem")); | |
| 780 ASSERT_NE(static_cast<X509Certificate*>(nullptr), test_cert.get()); | |
| 781 ProofVerifyDetailsChromium verify_details; | |
| 782 verify_details.cert_verify_result.verified_cert = test_cert; | |
| 783 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details); | 765 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details); |
| 784 | 766 |
| 785 host_resolver_.set_synchronous_mode(true); | 767 host_resolver_.set_synchronous_mode(true); |
| 786 host_resolver_.rules()->AddIPLiteralRule(server1.host(), "192.168.0.1", ""); | 768 host_resolver_.rules()->AddIPLiteralRule(server1.host(), "192.168.0.1", ""); |
| 787 host_resolver_.rules()->AddIPLiteralRule(server2.host(), "192.168.0.1", ""); | 769 host_resolver_.rules()->AddIPLiteralRule(server2.host(), "192.168.0.1", ""); |
| 788 | 770 |
| 789 QuicStreamRequest request(&factory_); | 771 QuicStreamRequest request(&factory_); |
| 790 is_https_ = true; | 772 is_https_ = true; |
| 791 EXPECT_EQ(OK, | 773 EXPECT_EQ(OK, |
| 792 request.Request(server1, is_https_, privacy_mode_, server1.host(), | 774 request.Request(server1, is_https_, privacy_mode_, server1.host(), |
| (...skipping 28 matching lines...) Expand all Loading... |
| 821 socket_factory_.AddSocketDataProvider(&socket_data); | 803 socket_factory_.AddSocketDataProvider(&socket_data); |
| 822 socket_data.StopAfter(1); | 804 socket_data.StopAfter(1); |
| 823 | 805 |
| 824 HostPortPair server1("www.example.org", 443); | 806 HostPortPair server1("www.example.org", 443); |
| 825 HostPortPair server2("mail.example.org", 443); | 807 HostPortPair server2("mail.example.org", 443); |
| 826 uint8 primary_pin = 1; | 808 uint8 primary_pin = 1; |
| 827 uint8 backup_pin = 2; | 809 uint8 backup_pin = 2; |
| 828 test::AddPin(&transport_security_state_, "mail.example.org", primary_pin, | 810 test::AddPin(&transport_security_state_, "mail.example.org", primary_pin, |
| 829 backup_pin); | 811 backup_pin); |
| 830 | 812 |
| 831 // Load a cert that is valid for: | 813 ProofVerifyDetailsChromium verify_details = DefaultProofVerifyDetails(); |
| 832 // www.example.org (server1) | |
| 833 // mail.example.org (server2) | |
| 834 base::FilePath certs_dir = GetTestCertsDirectory(); | |
| 835 scoped_refptr<X509Certificate> test_cert( | |
| 836 ImportCertFromFile(certs_dir, "spdy_pooling.pem")); | |
| 837 ASSERT_NE(static_cast<X509Certificate*>(nullptr), test_cert.get()); | |
| 838 ProofVerifyDetailsChromium verify_details; | |
| 839 verify_details.cert_verify_result.verified_cert = test_cert; | |
| 840 verify_details.cert_verify_result.is_issued_by_known_root = true; | |
| 841 verify_details.cert_verify_result.public_key_hashes.push_back( | 814 verify_details.cert_verify_result.public_key_hashes.push_back( |
| 842 test::GetTestHashValue(primary_pin)); | 815 test::GetTestHashValue(primary_pin)); |
| 843 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details); | 816 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details); |
| 844 | 817 |
| 845 host_resolver_.set_synchronous_mode(true); | 818 host_resolver_.set_synchronous_mode(true); |
| 846 host_resolver_.rules()->AddIPLiteralRule(server1.host(), "192.168.0.1", ""); | 819 host_resolver_.rules()->AddIPLiteralRule(server1.host(), "192.168.0.1", ""); |
| 847 host_resolver_.rules()->AddIPLiteralRule(server2.host(), "192.168.0.1", ""); | 820 host_resolver_.rules()->AddIPLiteralRule(server2.host(), "192.168.0.1", ""); |
| 848 | 821 |
| 849 QuicStreamRequest request(&factory_); | 822 QuicStreamRequest request(&factory_); |
| 850 is_https_ = true; | 823 is_https_ = true; |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 882 socket_data1.StopAfter(1); | 855 socket_data1.StopAfter(1); |
| 883 socket_data2.StopAfter(1); | 856 socket_data2.StopAfter(1); |
| 884 | 857 |
| 885 HostPortPair server1("www.example.org", 443); | 858 HostPortPair server1("www.example.org", 443); |
| 886 HostPortPair server2("mail.example.org", 443); | 859 HostPortPair server2("mail.example.org", 443); |
| 887 uint8 primary_pin = 1; | 860 uint8 primary_pin = 1; |
| 888 uint8 backup_pin = 2; | 861 uint8 backup_pin = 2; |
| 889 test::AddPin(&transport_security_state_, "mail.example.org", primary_pin, | 862 test::AddPin(&transport_security_state_, "mail.example.org", primary_pin, |
| 890 backup_pin); | 863 backup_pin); |
| 891 | 864 |
| 892 // Load a cert that is valid for: | 865 ProofVerifyDetailsChromium verify_details = DefaultProofVerifyDetails(); |
| 893 // www.example.org (server1) | |
| 894 // mail.example.org (server2) | |
| 895 base::FilePath certs_dir = GetTestCertsDirectory(); | |
| 896 scoped_refptr<X509Certificate> test_cert( | |
| 897 ImportCertFromFile(certs_dir, "spdy_pooling.pem")); | |
| 898 ASSERT_NE(static_cast<X509Certificate*>(nullptr), test_cert.get()); | |
| 899 ProofVerifyDetailsChromium verify_details; | |
| 900 verify_details.cert_verify_result.verified_cert = test_cert; | |
| 901 verify_details.cert_verify_result.is_issued_by_known_root = true; | |
| 902 verify_details.cert_verify_result.public_key_hashes.push_back( | 866 verify_details.cert_verify_result.public_key_hashes.push_back( |
| 903 test::GetTestHashValue(primary_pin)); | 867 test::GetTestHashValue(primary_pin)); |
| 904 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details); | 868 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details); |
| 905 | 869 |
| 906 host_resolver_.set_synchronous_mode(true); | 870 host_resolver_.set_synchronous_mode(true); |
| 907 host_resolver_.rules()->AddIPLiteralRule(server1.host(), "192.168.0.1", ""); | 871 host_resolver_.rules()->AddIPLiteralRule(server1.host(), "192.168.0.1", ""); |
| 908 host_resolver_.rules()->AddIPLiteralRule(server2.host(), "192.168.0.1", ""); | 872 host_resolver_.rules()->AddIPLiteralRule(server2.host(), "192.168.0.1", ""); |
| 909 | 873 |
| 910 // Disable connection pooling. | 874 // Disable connection pooling. |
| 911 QuicStreamFactoryPeer::DisableConnectionPooling(&factory_); | 875 QuicStreamFactoryPeer::DisableConnectionPooling(&factory_); |
| (...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 949 socket_data2.StopAfter(1); | 913 socket_data2.StopAfter(1); |
| 950 | 914 |
| 951 HostPortPair server1("www.example.org", 443); | 915 HostPortPair server1("www.example.org", 443); |
| 952 HostPortPair server2("mail.example.org", 443); | 916 HostPortPair server2("mail.example.org", 443); |
| 953 uint8 primary_pin = 1; | 917 uint8 primary_pin = 1; |
| 954 uint8 backup_pin = 2; | 918 uint8 backup_pin = 2; |
| 955 uint8 bad_pin = 3; | 919 uint8 bad_pin = 3; |
| 956 test::AddPin(&transport_security_state_, "mail.example.org", primary_pin, | 920 test::AddPin(&transport_security_state_, "mail.example.org", primary_pin, |
| 957 backup_pin); | 921 backup_pin); |
| 958 | 922 |
| 959 // Load a cert that is valid for: | 923 ProofVerifyDetailsChromium verify_details1 = DefaultProofVerifyDetails(); |
| 960 // www.example.org (server1) | |
| 961 // mail.example.org (server2) | |
| 962 base::FilePath certs_dir = GetTestCertsDirectory(); | |
| 963 scoped_refptr<X509Certificate> test_cert( | |
| 964 ImportCertFromFile(certs_dir, "spdy_pooling.pem")); | |
| 965 ASSERT_NE(static_cast<X509Certificate*>(nullptr), test_cert.get()); | |
| 966 | |
| 967 ProofVerifyDetailsChromium verify_details1; | |
| 968 verify_details1.cert_verify_result.verified_cert = test_cert; | |
| 969 verify_details1.cert_verify_result.is_issued_by_known_root = true; | |
| 970 verify_details1.cert_verify_result.public_key_hashes.push_back( | 924 verify_details1.cert_verify_result.public_key_hashes.push_back( |
| 971 test::GetTestHashValue(bad_pin)); | 925 test::GetTestHashValue(bad_pin)); |
| 972 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details1); | 926 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details1); |
| 973 | 927 |
| 974 ProofVerifyDetailsChromium verify_details2; | 928 ProofVerifyDetailsChromium verify_details2 = DefaultProofVerifyDetails(); |
| 975 verify_details2.cert_verify_result.verified_cert = test_cert; | |
| 976 verify_details2.cert_verify_result.is_issued_by_known_root = true; | |
| 977 verify_details2.cert_verify_result.public_key_hashes.push_back( | 929 verify_details2.cert_verify_result.public_key_hashes.push_back( |
| 978 test::GetTestHashValue(primary_pin)); | 930 test::GetTestHashValue(primary_pin)); |
| 979 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details2); | 931 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details2); |
| 980 | 932 |
| 981 host_resolver_.set_synchronous_mode(true); | 933 host_resolver_.set_synchronous_mode(true); |
| 982 host_resolver_.rules()->AddIPLiteralRule(server1.host(), "192.168.0.1", ""); | 934 host_resolver_.rules()->AddIPLiteralRule(server1.host(), "192.168.0.1", ""); |
| 983 host_resolver_.rules()->AddIPLiteralRule(server2.host(), "192.168.0.1", ""); | 935 host_resolver_.rules()->AddIPLiteralRule(server2.host(), "192.168.0.1", ""); |
| 984 | 936 |
| 985 QuicStreamRequest request(&factory_); | 937 QuicStreamRequest request(&factory_); |
| 986 is_https_ = true; | 938 is_https_ = true; |
| (...skipping 740 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1727 EXPECT_TRUE(socket_data.AllReadDataConsumed()); | 1679 EXPECT_TRUE(socket_data.AllReadDataConsumed()); |
| 1728 EXPECT_TRUE(socket_data.AllWriteDataConsumed()); | 1680 EXPECT_TRUE(socket_data.AllWriteDataConsumed()); |
| 1729 EXPECT_TRUE(socket_data2.AllReadDataConsumed()); | 1681 EXPECT_TRUE(socket_data2.AllReadDataConsumed()); |
| 1730 EXPECT_TRUE(socket_data2.AllWriteDataConsumed()); | 1682 EXPECT_TRUE(socket_data2.AllWriteDataConsumed()); |
| 1731 EXPECT_TRUE(socket_data3.AllReadDataConsumed()); | 1683 EXPECT_TRUE(socket_data3.AllReadDataConsumed()); |
| 1732 EXPECT_TRUE(socket_data3.AllWriteDataConsumed()); | 1684 EXPECT_TRUE(socket_data3.AllWriteDataConsumed()); |
| 1733 } | 1685 } |
| 1734 | 1686 |
| 1735 } // namespace test | 1687 } // namespace test |
| 1736 } // namespace net | 1688 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1142953002:
Introduce QuicStreamFactoryTest::DefaultProofVerifyDetails(). (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master