Common Name Mismatch Handler For WWW Subdomain Mismatch case

chrome/browser/ssl/ssl_browser_tests.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/callback.h"
 #include "base/command_line.h"
 #include "base/location.h"
 #include "base/metrics/field_trial.h"
@@ skipping 10 matching lines @@
 #include "chrome/browser/chrome_notification_types.h"
 #include "chrome/browser/interstitials/security_interstitial_page_test_utils.h"
 #include "chrome/browser/net/certificate_error_reporter.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/ssl/cert_logger.pb.h"
 #include "chrome/browser/ssl/cert_report_helper.h"
 #include "chrome/browser/ssl/cert_verifier_browser_test.h"
 #include "chrome/browser/ssl/certificate_error_report.h"
 #include "chrome/browser/ssl/certificate_reporting_test_utils.h"
 #include "chrome/browser/ssl/chrome_ssl_host_state_delegate.h"
+#include "chrome/browser/ssl/common_name_mismatch_handler.h"
 #include "chrome/browser/ssl/ssl_blocking_page.h"
+#include "chrome/browser/ssl/ssl_error_handler.h"
 #include "chrome/browser/ui/browser.h"
 #include "chrome/browser/ui/browser_commands.h"
 #include "chrome/browser/ui/browser_navigator.h"
 #include "chrome/browser/ui/browser_tabstrip.h"
 #include "chrome/browser/ui/tabs/tab_strip_model.h"
 #include "chrome/common/chrome_paths.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/pref_names.h"
 #include "chrome/test/base/in_process_browser_test.h"
 #include "chrome/test/base/ui_test_utils.h"
 #include "components/content_settings/core/browser/host_content_settings_map.h"
 #include "components/security_interstitials/core/metrics_helper.h"
 #include "components/variations/variations_associated_data.h"
 #include "components/web_modal/web_contents_modal_dialog_manager.h"
 #include "content/public/browser/browser_context.h"
 #include "content/public/browser/interstitial_page.h"
 #include "content/public/browser/navigation_controller.h"
 #include "content/public/browser/navigation_entry.h"
 #include "content/public/browser/notification_service.h"
 #include "content/public/browser/render_frame_host.h"
 #include "content/public/browser/render_view_host.h"
 #include "content/public/browser/render_widget_host_view.h"
 #include "content/public/browser/web_contents.h"
 #include "content/public/browser/web_contents_observer.h"
 #include "content/public/common/security_style.h"
 #include "content/public/common/ssl_status.h"
 #include "content/public/test/browser_test_utils.h"
 #include "content/public/test/download_test_observer.h"
+#include "content/public/test/test_navigation_observer.h"
 #include "content/public/test/test_renderer_host.h"
 #include "net/base/host_port_pair.h"
 #include "net/base/net_errors.h"
 #include "net/base/test_data_directory.h"
 #include "net/cert/cert_status_flags.h"
 #include "net/cert/mock_cert_verifier.h"
 #include "net/cert/x509_certificate.h"
+#include "net/dns/mock_host_resolver.h"
 #include "net/ssl/ssl_info.h"
+#include "net/test/cert_test_util.h"
 #include "net/test/spawned_test_server/spawned_test_server.h"
+#include "net/test/test_certificate_data.h"
 #include "net/url_request/url_request_context.h"
 
 #if defined(USE_NSS_CERTS)
 #include "chrome/browser/net/nss_context.h"
 #include "net/base/crypto_module.h"
 #include "net/cert/nss_cert_database.h"
 #endif  // defined(USE_NSS_CERTS)
 
 using base::ASCIIToUTF16;
 using chrome_browser_interstitials::SecurityInterstitialIDNTest;
@@ skipping 2177 matching lines @@
 
   ProceedThroughInterstitial(tab);
   EXPECT_TRUE(state->HasAllowException(https_server_host));
 
   ui_test_utils::NavigateToURL(browser(),
                                https_server_.GetURL("files/ssl/google.html"));
   ASSERT_FALSE(tab->GetInterstitialPage());
   EXPECT_FALSE(state->HasAllowException(https_server_host));
 }
 
+typedef CertVerifierBrowserTest CommonNameMismatchBrowserTest;
+
+// Visit the URL www.mail.example.com on a server that presents a valid
+// certificate for mail.example.com. Verify that the page navigates to
+// mail.example.com.
+IN_PROC_BROWSER_TEST_F(CommonNameMismatchBrowserTest,
+                       ShouldShowWWWSubdomainMismatchInterstitial) {
+  net::SpawnedTestServer https_server_example_domain_(
+      net::SpawnedTestServer::TYPE_HTTPS,
+      net::SpawnedTestServer::SSLOptions(
+          net::SpawnedTestServer::SSLOptions::CERT_OK),
+      base::FilePath(kDocRoot));
+  ASSERT_TRUE(https_server_example_domain_.Start());
+
+  host_resolver()->AddRule(
+      "mail.example.com", https_server_example_domain_.host_port_pair().host());
+  host_resolver()->AddRule(
+      "www.mail.example.com",
+      https_server_example_domain_.host_port_pair().host());
+
+  // The pem file does not matter.
+  scoped_refptr<net::X509Certificate> cert1 =
+      net::ImportCertFromFile(net::GetTestCertsDirectory(), "ok_cert.pem");
+
+  // Use the "spdy_pooling.pem" cert which has "mail.example.com"
+  // as one of its SANs.
+  net::CertVerifyResult verify_result;
+  verify_result.verified_cert =
+      net::ImportCertFromFile(net::GetTestCertsDirectory(), "spdy_pooling.pem");
+  verify_result.cert_status = net::CERT_STATUS_COMMON_NAME_INVALID;
+
+  // Request to "www.test.example.com" should result in
+  // |net::ERR_CERT_COMMON_NAME_INVALID| error.
+  mock_cert_verifier()->AddResultForCertAndHost(
+      cert1.get(), "www.mail.example.com", verify_result,
+      net::ERR_CERT_COMMON_NAME_INVALID);
+
+  net::CertVerifyResult verify_result_valid;
+  verify_result_valid.verified_cert =
+      net::ImportCertFromFile(net::GetTestCertsDirectory(), "spdy_pooling.pem");
+  // Request to "www.test.example.com" should not result in any error.
+  mock_cert_verifier()->AddResultForCertAndHost(cert1.get(), "mail.example.com",
+                                                verify_result_valid, net::OK);
+
+  // The path does not matter.
+  GURL https_server_url =
+      https_server_example_domain_.GetURL("files/ssl/google.html?a=b");
+  GURL::Replacements replacements;
+  replacements.SetHostStr("www.mail.example.com");
+  GURL https_server_mismatched_url =
+      https_server_url.ReplaceComponents(replacements);
+
+  WebContents* contents = browser()->tab_strip_model()->GetActiveWebContents();
+  content::TestNavigationObserver observer(contents, 2);
+  ui_test_utils::NavigateToURL(browser(), https_server_mismatched_url);
+  observer.Wait();
+
+  CheckSecurityState(contents, CertError::NONE,
+                     content::SECURITY_STYLE_AUTHENTICATED, AuthState::NONE);
+  replacements.SetHostStr("mail.example.com");
+  GURL https_server_new_url = https_server_url.ReplaceComponents(replacements);
+  // Verify that the current URL is the suggested URL.
+  EXPECT_EQ(https_server_new_url.spec(),
+            contents->GetLastCommittedURL().spec());
+}
+
+// Visit the URL example.org on a server that presents a valid certificate
+// for www.example.org. Verify that the page redirects to www.example.org.
+IN_PROC_BROWSER_TEST_F(CommonNameMismatchBrowserTest,
+                       CheckWWWSubdomainMismatchInverse) {
+  net::SpawnedTestServer https_server_example_domain_(
+      net::SpawnedTestServer::TYPE_HTTPS,
+      net::SpawnedTestServer::SSLOptions(
+          net::SpawnedTestServer::SSLOptions::CERT_OK),
+      base::FilePath(kDocRoot));
+  ASSERT_TRUE(https_server_example_domain_.Start());
+
+  host_resolver()->AddRule(
+      "www.example.org", https_server_example_domain_.host_port_pair().host());
+  host_resolver()->AddRule(
+      "example.org", https_server_example_domain_.host_port_pair().host());
+
+  scoped_refptr<net::X509Certificate> cert1 =
+      net::ImportCertFromFile(net::GetTestCertsDirectory(), "ok_cert.pem");
+
+  net::CertVerifyResult verify_result;
+  verify_result.verified_cert =
+      net::ImportCertFromFile(net::GetTestCertsDirectory(), "spdy_pooling.pem");
+  verify_result.cert_status = net::CERT_STATUS_COMMON_NAME_INVALID;
+
+  mock_cert_verifier()->AddResultForCertAndHost(
+      cert1.get(), "example.org", verify_result,
+      net::ERR_CERT_COMMON_NAME_INVALID);
+
+  net::CertVerifyResult verify_result_valid;
+  verify_result_valid.verified_cert =
+      net::ImportCertFromFile(net::GetTestCertsDirectory(), "spdy_pooling.pem");
+  mock_cert_verifier()->AddResultForCertAndHost(cert1.get(), "www.example.org",
+                                                verify_result_valid, net::OK);
+
+  GURL https_server_url =
+      https_server_example_domain_.GetURL("files/ssl/google.html?a=b");
+  GURL::Replacements replacements;
+  replacements.SetHostStr("example.org");
+  GURL https_server_mismatched_url =
+      https_server_url.ReplaceComponents(replacements);
+
+  WebContents* contents = browser()->tab_strip_model()->GetActiveWebContents();
+  content::TestNavigationObserver observer(contents, 2);
+  ui_test_utils::NavigateToURL(browser(), https_server_mismatched_url);
+  observer.Wait();
+
+  CheckSecurityState(contents, CertError::NONE,
+                     content::SECURITY_STYLE_AUTHENTICATED, AuthState::NONE);
+}
+
+// This observer waits for the SSLErrorHandler to start an interstitial timer
+// for the given web contents.
+class SSLInterstitialTimerObserver {

[Ryan Sleevi, 2015/08/14 00:40:17]

ODR VIOLATION DANGER: Putting this helper in the main scope is extremely
dangerous and may cause ODR violations (I've found and fixed multiple bugs
related to this in other tests in the past). Strongly suggest you move this
helper up to the unnamed namespace.

[Bhanu Dev, 2015/08/15 00:18:53]

Done.

+ public:
+  explicit SSLInterstitialTimerObserver(content::WebContents* web_contents);
+  ~SSLInterstitialTimerObserver();
+
+  // Waits until the interstitial delay timer in SSLErrorHandler is started.
+  void WaitForTimerStarted();
+
+ private:
+  void OnTimerStarted(content::WebContents* web_contents);
+
+  const content::WebContents* web_contents_;
+  SSLErrorHandler::TimerStartedCallback callback_;
+
+  scoped_refptr<content::MessageLoopRunner> message_loop_runner_;

[Ryan Sleevi, 2015/08/14 00:40:17]

Wow, I'm surprised jam@ hasn't nuked this.

base::RunLoop is the preferred hotness for this; anything you see that says
"MessageLoop" is highly suspect and should be avoided as deprecated, and there
should be alternatives that exist.

[Bhanu Dev, 2015/08/15 00:18:53]

Done.

+
+  DISALLOW_COPY_AND_ASSIGN(SSLInterstitialTimerObserver);
+};
+
+SSLInterstitialTimerObserver::SSLInterstitialTimerObserver(
+    content::WebContents* web_contents)
+    : web_contents_(web_contents),
+      message_loop_runner_(new content::MessageLoopRunner) {
+  callback_ = base::Bind(&SSLInterstitialTimerObserver::OnTimerStarted,
+                         base::Unretained(this));
+  SSLErrorHandler::SetInterstitialTimerStartedCallbackForTest(&callback_);
+}
+
+SSLInterstitialTimerObserver::~SSLInterstitialTimerObserver() {
+  SSLErrorHandler::SetInterstitialTimerStartedCallbackForTest(nullptr);
+}
+
+void SSLInterstitialTimerObserver::WaitForTimerStarted() {
+  message_loop_runner_->Run();
+}
+
+void SSLInterstitialTimerObserver::OnTimerStarted(
+    content::WebContents* web_contents) {
+  if (web_contents_ == web_contents && message_loop_runner_.get())
+    message_loop_runner_->Quit();
+}
+
+// Tests this scenario:
+// - |CommonNameMismatchHandler| does not give a callback as it's set into the
+//   state |IGNORE_REQUESTS_FOR_TESTING|. So no suggested URL check result can
+//   arrive.
+// - A cert error triggers an interstitial timer with a very long timeout.
+// - No suggested URL check results arrive, causing the tab to appear as loading
+//   indefinitely (also because the timer has a long timeout).
+// - Stopping the page load shouldn't result in any interstitials.
+IN_PROC_BROWSER_TEST_F(CommonNameMismatchBrowserTest,
+                       InterstitialStopNavigationWhileLoading) {
+  net::SpawnedTestServer https_server_example_domain_(
+      net::SpawnedTestServer::TYPE_HTTPS,
+      net::SpawnedTestServer::SSLOptions(
+          net::SpawnedTestServer::SSLOptions::CERT_OK),
+      base::FilePath(kDocRoot));
+  ASSERT_TRUE(https_server_example_domain_.Start());
+
+  host_resolver()->AddRule(
+      "mail.example.com", https_server_example_domain_.host_port_pair().host());
+  host_resolver()->AddRule(
+      "www.mail.example.com",
+      https_server_example_domain_.host_port_pair().host());
+
+  scoped_refptr<net::X509Certificate> cert1 =
+      net::ImportCertFromFile(net::GetTestCertsDirectory(), "ok_cert.pem");
+
+  net::CertVerifyResult verify_result;
+  verify_result.verified_cert =
+      net::ImportCertFromFile(net::GetTestCertsDirectory(), "spdy_pooling.pem");
+  verify_result.cert_status = net::CERT_STATUS_COMMON_NAME_INVALID;
+
+  mock_cert_verifier()->AddResultForCertAndHost(
+      cert1.get(), "www.mail.example.com", verify_result,
+      net::ERR_CERT_COMMON_NAME_INVALID);
+
+  net::CertVerifyResult verify_result_valid;
+  verify_result_valid.verified_cert =
+      net::ImportCertFromFile(net::GetTestCertsDirectory(), "spdy_pooling.pem");
+  mock_cert_verifier()->AddResultForCertAndHost(cert1.get(), "mail.example.com",
+                                                verify_result_valid, net::OK);
+
+  GURL https_server_url =
+      https_server_example_domain_.GetURL("files/ssl/google.html?a=b");
+  GURL::Replacements replacements;
+  replacements.SetHostStr("www.mail.example.com");
+  GURL https_server_mismatched_url =
+      https_server_url.ReplaceComponents(replacements);
+
+  WebContents* contents = browser()->tab_strip_model()->GetActiveWebContents();
+  CommonNameMismatchHandler::set_state_for_testing(
+      CommonNameMismatchHandler::IGNORE_REQUESTS_FOR_TESTING);
+  SSLInterstitialTimerObserver interstitial_timer_observer(contents);
+
+  ui_test_utils::NavigateToURLWithDisposition(
+      browser(), https_server_mismatched_url, CURRENT_TAB,
+      ui_test_utils::BROWSER_TEST_NONE);
+  interstitial_timer_observer.WaitForTimerStarted();
+
+  EXPECT_TRUE(contents->IsLoading());
+  content::WindowedNotificationObserver observer(
+      content::NOTIFICATION_LOAD_STOP,
+      content::NotificationService::AllSources());
+  contents->Stop();
+  observer.Wait();
+
+  SSLErrorHandler* ssl_error_handler =
+      SSLErrorHandler::FromWebContents(contents);
+  // Make sure that the |SSLErrorHandler| is deleted.
+  EXPECT_FALSE(ssl_error_handler);
+  EXPECT_FALSE(contents->ShowingInterstitialPage());
+  EXPECT_FALSE(contents->IsLoading());
+}
+
+// Same as above, but instead of stopping, the loading page is reloaded. The end
+// result is the same. (i.e. page load stops, no interstitials shown)
+IN_PROC_BROWSER_TEST_F(CommonNameMismatchBrowserTest,
+                       InterstitialReloadNavigationWhileLoading) {
+  net::SpawnedTestServer https_server_example_domain_(
+      net::SpawnedTestServer::TYPE_HTTPS,
+      net::SpawnedTestServer::SSLOptions(
+          net::SpawnedTestServer::SSLOptions::CERT_OK),
+      base::FilePath(kDocRoot));
+  ASSERT_TRUE(https_server_example_domain_.Start());
+
+  host_resolver()->AddRule(
+      "mail.example.com", https_server_example_domain_.host_port_pair().host());
+  host_resolver()->AddRule(
+      "www.mail.example.com",
+      https_server_example_domain_.host_port_pair().host());
+
+  scoped_refptr<net::X509Certificate> cert1 =
+      net::ImportCertFromFile(net::GetTestCertsDirectory(), "ok_cert.pem");
+
+  net::CertVerifyResult verify_result;
+  verify_result.verified_cert =
+      net::ImportCertFromFile(net::GetTestCertsDirectory(), "spdy_pooling.pem");
+  verify_result.cert_status = net::CERT_STATUS_COMMON_NAME_INVALID;
+
+  mock_cert_verifier()->AddResultForCertAndHost(
+      cert1.get(), "www.mail.example.com", verify_result,
+      net::ERR_CERT_COMMON_NAME_INVALID);
+
+  net::CertVerifyResult verify_result_valid;
+  verify_result_valid.verified_cert =
+      net::ImportCertFromFile(net::GetTestCertsDirectory(), "spdy_pooling.pem");
+  mock_cert_verifier()->AddResultForCertAndHost(cert1.get(), "mail.example.com",
+                                                verify_result_valid, net::OK);
+
+  GURL https_server_url =
+      https_server_example_domain_.GetURL("files/ssl/google.html?a=b");
+  GURL::Replacements replacements;
+  replacements.SetHostStr("www.mail.example.com");
+  GURL https_server_mismatched_url =
+      https_server_url.ReplaceComponents(replacements);
+
+  WebContents* contents = browser()->tab_strip_model()->GetActiveWebContents();
+  CommonNameMismatchHandler::set_state_for_testing(
+      CommonNameMismatchHandler::IGNORE_REQUESTS_FOR_TESTING);
+  SSLInterstitialTimerObserver interstitial_timer_observer(contents);
+
+  ui_test_utils::NavigateToURLWithDisposition(
+      browser(), https_server_mismatched_url, CURRENT_TAB,
+      ui_test_utils::BROWSER_TEST_NONE);
+  interstitial_timer_observer.WaitForTimerStarted();
+
+  EXPECT_TRUE(contents->IsLoading());
+  content::TestNavigationObserver observer(contents, 1);
+  chrome::Reload(browser(), CURRENT_TAB);
+  observer.Wait();
+
+  SSLErrorHandler* ssl_error_handler =
+      SSLErrorHandler::FromWebContents(contents);
+  // Make sure that the |SSLErrorHandler| is deleted.
+  EXPECT_FALSE(ssl_error_handler);
+  EXPECT_FALSE(contents->ShowingInterstitialPage());
+  EXPECT_FALSE(contents->IsLoading());
+}
+
+// Same as above, but instead of reloading, the page is navigated away. The
+// new page should load, and no interstitials should be shown.
+IN_PROC_BROWSER_TEST_F(CommonNameMismatchBrowserTest,
+                       InterstitialNavigateAwayWhileLoading) {
+  net::SpawnedTestServer https_server_example_domain_(
+      net::SpawnedTestServer::TYPE_HTTPS,
+      net::SpawnedTestServer::SSLOptions(
+          net::SpawnedTestServer::SSLOptions::CERT_OK),
+      base::FilePath(kDocRoot));
+  ASSERT_TRUE(https_server_example_domain_.Start());
+
+  host_resolver()->AddRule(
+      "mail.example.com", https_server_example_domain_.host_port_pair().host());
+  host_resolver()->AddRule(
+      "www.mail.example.com",
+      https_server_example_domain_.host_port_pair().host());
+
+  scoped_refptr<net::X509Certificate> cert1 =
+      net::ImportCertFromFile(net::GetTestCertsDirectory(), "ok_cert.pem");
+
+  net::CertVerifyResult verify_result;
+  verify_result.verified_cert =
+      net::ImportCertFromFile(net::GetTestCertsDirectory(), "spdy_pooling.pem");
+  verify_result.cert_status = net::CERT_STATUS_COMMON_NAME_INVALID;
+
+  mock_cert_verifier()->AddResultForCertAndHost(
+      cert1.get(), "www.mail.example.com", verify_result,
+      net::ERR_CERT_COMMON_NAME_INVALID);
+
+  net::CertVerifyResult verify_result_valid;
+  verify_result_valid.verified_cert =
+      net::ImportCertFromFile(net::GetTestCertsDirectory(), "spdy_pooling.pem");
+  mock_cert_verifier()->AddResultForCertAndHost(cert1.get(), "mail.example.com",
+                                                verify_result_valid, net::OK);
+
+  GURL https_server_url =
+      https_server_example_domain_.GetURL("files/ssl/google.html?a=b");
+  GURL::Replacements replacements;
+  replacements.SetHostStr("www.mail.example.com");
+  GURL https_server_mismatched_url =
+      https_server_url.ReplaceComponents(replacements);
+
+  WebContents* contents = browser()->tab_strip_model()->GetActiveWebContents();
+  CommonNameMismatchHandler::set_state_for_testing(
+      CommonNameMismatchHandler::IGNORE_REQUESTS_FOR_TESTING);
+  SSLInterstitialTimerObserver interstitial_timer_observer(contents);
+
+  ui_test_utils::NavigateToURLWithDisposition(
+      browser(), https_server_mismatched_url, CURRENT_TAB,
+      ui_test_utils::BROWSER_TEST_NONE);
+  interstitial_timer_observer.WaitForTimerStarted();
+
+  EXPECT_TRUE(contents->IsLoading());
+  content::TestNavigationObserver observer(contents, 1);
+  browser()->OpenURL(content::OpenURLParams(GURL("https://google.com"),
+                                            content::Referrer(), CURRENT_TAB,
+                                            ui::PAGE_TRANSITION_TYPED, false));
+  observer.Wait();
+
+  SSLErrorHandler* ssl_error_handler =
+      SSLErrorHandler::FromWebContents(contents);
+  // Make sure that the |SSLErrorHandler| is deleted.
+  EXPECT_FALSE(ssl_error_handler);
+  EXPECT_FALSE(contents->ShowingInterstitialPage());
+  EXPECT_FALSE(contents->IsLoading());
+}
+
 class SSLBlockingPageIDNTest : public SecurityInterstitialIDNTest {
  protected:
   // SecurityInterstitialIDNTest implementation
   SecurityInterstitialPage* CreateInterstitial(
       content::WebContents* contents,
       const GURL& request_url) const override {
     net::SSLInfo ssl_info;
     ssl_info.cert = new net::X509Certificate(
         request_url.host(), "CA", base::Time::Max(), base::Time::Max());
     return new SSLBlockingPage(
@@ skipping 30 matching lines @@
 
 // Visit a page over https that contains a frame with a redirect.
 
 // XMLHttpRequest insecure content in synchronous mode.
 
 // XMLHttpRequest insecure content in asynchronous mode.
 
 // XMLHttpRequest over bad ssl in synchronous mode.
 
 // XMLHttpRequest over OK ssl in synchronous mode.