| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/ssl_error_handler.h" | 5 #include "chrome/browser/ssl/ssl_error_handler.h" |
| 6 | 6 |
| 7 #include "base/callback.h" | 7 #include "base/callback.h" |
| 8 #include "base/message_loop/message_loop.h" | 8 #include "base/message_loop/message_loop.h" |
| 9 #include "base/metrics/field_trial.h" | 9 #include "base/metrics/field_trial.h" |
| 10 #include "base/run_loop.h" | 10 #include "base/run_loop.h" |
| 11 #include "base/time/time.h" | 11 #include "base/time/time.h" |
| 12 #include "chrome/browser/captive_portal/captive_portal_service.h" | 12 #include "chrome/browser/captive_portal/captive_portal_service.h" |
| 13 #include "chrome/browser/profiles/profile.h" | 13 #include "chrome/browser/profiles/profile.h" |
| 14 #include "chrome/browser/ssl/common_name_mismatch_handler.h" |
| 14 #include "chrome/test/base/chrome_render_view_host_test_harness.h" | 15 #include "chrome/test/base/chrome_render_view_host_test_harness.h" |
| 15 #include "chrome/test/base/testing_profile.h" | 16 #include "chrome/test/base/testing_profile.h" |
| 16 #include "components/captive_portal/captive_portal_testing_utils.h" | 17 #include "components/captive_portal/captive_portal_testing_utils.h" |
| 17 #include "content/public/browser/notification_service.h" | 18 #include "content/public/browser/notification_service.h" |
| 18 #include "net/base/net_errors.h" | 19 #include "net/base/net_errors.h" |
| 20 #include "net/base/test_data_directory.h" |
| 21 #include "net/cert/x509_certificate.h" |
| 19 #include "net/ssl/ssl_info.h" | 22 #include "net/ssl/ssl_info.h" |
| 23 #include "net/test/cert_test_util.h" |
| 24 #include "net/test/test_certificate_data.h" |
| 20 #include "testing/gtest/include/gtest/gtest.h" | 25 #include "testing/gtest/include/gtest/gtest.h" |
| 21 | 26 |
| 22 class TestSSLErrorHandler : public SSLErrorHandler { | 27 class TestSSLErrorHandler : public SSLErrorHandler { |
| 23 public: | 28 public: |
| 24 TestSSLErrorHandler(Profile* profile, | 29 TestSSLErrorHandler(Profile* profile, |
| 25 content::WebContents* web_contents, | 30 content::WebContents* web_contents, |
| 26 const net::SSLInfo& ssl_info) | 31 const net::SSLInfo& ssl_info) |
| 27 : SSLErrorHandler(web_contents, | 32 : SSLErrorHandler(web_contents, |
| 28 net::ERR_CERT_COMMON_NAME_INVALID, | 33 net::ERR_CERT_COMMON_NAME_INVALID, |
| 29 ssl_info, | 34 ssl_info, |
| 30 GURL(), | 35 GURL(), |
| 31 0, | 36 0, |
| 32 nullptr, | 37 nullptr, |
| 33 base::Callback<void(bool)>()), | 38 base::Callback<void(bool)>()), |
| 34 profile_(profile), | 39 profile_(profile), |
| 35 captive_portal_checked_(false), | 40 captive_portal_checked_(false), |
| 41 suggested_url_exists_(false), |
| 42 suggested_url_checked_(false), |
| 36 ssl_interstitial_shown_(false), | 43 ssl_interstitial_shown_(false), |
| 37 captive_portal_interstitial_shown_(false) {} | 44 captive_portal_interstitial_shown_(false), |
| 45 common_name_mismatch_redirect_(false) {} |
| 38 | 46 |
| 39 ~TestSSLErrorHandler() override { | 47 ~TestSSLErrorHandler() override { |
| 40 } | 48 } |
| 41 | 49 |
| 42 using SSLErrorHandler::StartHandlingError; | 50 using SSLErrorHandler::StartHandlingError; |
| 43 | 51 |
| 44 void SendCaptivePortalNotification( | 52 void SendCaptivePortalNotification( |
| 45 captive_portal::CaptivePortalResult result) { | 53 captive_portal::CaptivePortalResult result) { |
| 46 CaptivePortalService::Results results; | 54 CaptivePortalService::Results results; |
| 47 results.previous_result = captive_portal::RESULT_INTERNET_CONNECTED; | 55 results.previous_result = captive_portal::RESULT_INTERNET_CONNECTED; |
| 48 results.result = result; | 56 results.result = result; |
| 49 content::NotificationService::current()->Notify( | 57 content::NotificationService::current()->Notify( |
| 50 chrome::NOTIFICATION_CAPTIVE_PORTAL_CHECK_RESULT, | 58 chrome::NOTIFICATION_CAPTIVE_PORTAL_CHECK_RESULT, |
| 51 content::Source<Profile>(profile_), | 59 content::Source<Profile>(profile_), |
| 52 content::Details<CaptivePortalService::Results>(&results)); | 60 content::Details<CaptivePortalService::Results>(&results)); |
| 53 } | 61 } |
| 54 | 62 |
| 63 void SendSuggestedUrlCheckResult( |
| 64 const CommonNameMismatchHandler::SuggestedUrlCheckResult& result, |
| 65 const GURL& suggested_url) { |
| 66 CommonNameMismatchHandlerCallback(result, suggested_url); |
| 67 } |
| 68 |
| 55 bool IsTimerRunning() const { | 69 bool IsTimerRunning() const { |
| 56 return get_timer().IsRunning(); | 70 return get_timer().IsRunning(); |
| 57 } | 71 } |
| 58 | 72 |
| 59 int captive_portal_checked() const { | 73 int captive_portal_checked() const { |
| 60 return captive_portal_checked_; | 74 return captive_portal_checked_; |
| 61 } | 75 } |
| 62 | 76 |
| 63 int ssl_interstitial_shown() const { | 77 int ssl_interstitial_shown() const { |
| 64 return ssl_interstitial_shown_; | 78 return ssl_interstitial_shown_; |
| 65 } | 79 } |
| 66 | 80 |
| 67 int captive_portal_interstitial_shown() const { | 81 int captive_portal_interstitial_shown() const { |
| 68 return captive_portal_interstitial_shown_; | 82 return captive_portal_interstitial_shown_; |
| 69 } | 83 } |
| 70 | 84 |
| 85 void SetSuggestedUrlExists(bool suggested_url_exists) { |
| 86 suggested_url_exists_ = suggested_url_exists; |
| 87 } |
| 88 |
| 89 bool GetSuggestedUrl(const std::vector<std::string>& dns_names, |
| 90 GURL* suggested_url) const override { |
| 91 if (!suggested_url_exists_) |
| 92 return false; |
| 93 *suggested_url = GURL("www.example.com"); |
| 94 return true; |
| 95 } |
| 96 |
| 97 bool suggested_url_checked() const { return suggested_url_checked_; } |
| 98 |
| 99 bool common_name_mismatch_redirect() const { |
| 100 return common_name_mismatch_redirect_; |
| 101 } |
| 102 |
| 71 void Reset() { | 103 void Reset() { |
| 72 captive_portal_checked_ = false; | 104 captive_portal_checked_ = false; |
| 105 suggested_url_exists_ = false; |
| 106 suggested_url_checked_ = false; |
| 73 ssl_interstitial_shown_ = false; | 107 ssl_interstitial_shown_ = false; |
| 74 captive_portal_interstitial_shown_ = false; | 108 captive_portal_interstitial_shown_ = false; |
| 109 common_name_mismatch_redirect_ = false; |
| 75 } | 110 } |
| 76 | 111 |
| 77 private: | 112 private: |
| 78 void CheckForCaptivePortal() override { | 113 void CheckForCaptivePortal() override { |
| 79 captive_portal_checked_ = true; | 114 captive_portal_checked_ = true; |
| 80 } | 115 } |
| 81 | 116 |
| 82 void ShowSSLInterstitial() override { | 117 void ShowSSLInterstitial() override { ssl_interstitial_shown_ = true; } |
| 83 ssl_interstitial_shown_ = true; | |
| 84 } | |
| 85 | 118 |
| 86 void ShowCaptivePortalInterstitial(const GURL& landing_url) override { | 119 void ShowCaptivePortalInterstitial(const GURL& landing_url) override { |
| 87 captive_portal_interstitial_shown_ = true; | 120 captive_portal_interstitial_shown_ = true; |
| 88 } | 121 } |
| 89 | 122 |
| 123 void CheckSuggestedUrl(const GURL& suggested_url) override { |
| 124 suggested_url_checked_ = true; |
| 125 } |
| 126 |
| 127 void NavigateToSuggestedURL(const GURL& suggested_url) override { |
| 128 common_name_mismatch_redirect_ = true; |
| 129 } |
| 130 |
| 90 Profile* profile_; | 131 Profile* profile_; |
| 91 bool captive_portal_checked_; | 132 bool captive_portal_checked_; |
| 133 bool suggested_url_exists_; |
| 134 bool suggested_url_checked_; |
| 92 bool ssl_interstitial_shown_; | 135 bool ssl_interstitial_shown_; |
| 93 bool captive_portal_interstitial_shown_; | 136 bool captive_portal_interstitial_shown_; |
| 137 bool common_name_mismatch_redirect_; |
| 94 | 138 |
| 95 DISALLOW_COPY_AND_ASSIGN(TestSSLErrorHandler); | 139 DISALLOW_COPY_AND_ASSIGN(TestSSLErrorHandler); |
| 96 }; | 140 }; |
| 97 | 141 |
| 98 class SSLErrorHandlerTest : public ChromeRenderViewHostTestHarness { | 142 class SSLErrorHandlerTest : public ChromeRenderViewHostTestHarness { |
| 99 public: | 143 public: |
| 100 SSLErrorHandlerTest() | 144 SSLErrorHandlerTest() |
| 101 : field_trial_list_(NULL) { | 145 : field_trial_list_(NULL) { |
| 102 } | 146 } |
| 103 | 147 |
| 104 void SetUp() override { | 148 void SetUp() override { |
| 105 ChromeRenderViewHostTestHarness::SetUp(); | 149 ChromeRenderViewHostTestHarness::SetUp(); |
| 106 SSLErrorHandler::SetInterstitialDelayTypeForTest(SSLErrorHandler::NONE); | 150 SSLErrorHandler::SetInterstitialDelayTypeForTest(SSLErrorHandler::NONE); |
| 151 ssl_info_.cert = |
| 152 net::ImportCertFromFile(net::GetTestCertsDirectory(), "ok_cert.pem"); |
| 153 ssl_info_.cert_status = net::CERT_STATUS_COMMON_NAME_INVALID; |
| 107 error_handler_.reset(new TestSSLErrorHandler(profile(), | 154 error_handler_.reset(new TestSSLErrorHandler(profile(), |
| 108 web_contents(), | 155 web_contents(), |
| 109 ssl_info_)); | 156 ssl_info_)); |
| 110 // Enable finch experiment for captive portal interstitials. | 157 // Enable finch experiment for captive portal interstitials. |
| 111 ASSERT_TRUE(base::FieldTrialList::CreateFieldTrial( | 158 ASSERT_TRUE(base::FieldTrialList::CreateFieldTrial( |
| 112 "CaptivePortalInterstitial", "Enabled")); | 159 "CaptivePortalInterstitial", "Enabled")); |
| 113 } | 160 } |
| 114 | 161 |
| 115 void TearDown() override { | 162 void TearDown() override { |
| 116 EXPECT_FALSE(error_handler()->IsTimerRunning()); | 163 EXPECT_FALSE(error_handler()->IsTimerRunning()); |
| 117 error_handler_.reset(NULL); | 164 error_handler_.reset(NULL); |
| 118 ChromeRenderViewHostTestHarness::TearDown(); | 165 ChromeRenderViewHostTestHarness::TearDown(); |
| 119 } | 166 } |
| 120 | 167 |
| 121 TestSSLErrorHandler* error_handler() { return error_handler_.get(); } | 168 TestSSLErrorHandler* error_handler() { return error_handler_.get(); } |
| 122 | 169 |
| 123 private: | 170 private: |
| (...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 184 error_handler()->SendCaptivePortalNotification( | 231 error_handler()->SendCaptivePortalNotification( |
| 185 captive_portal::RESULT_INTERNET_CONNECTED); | 232 captive_portal::RESULT_INTERNET_CONNECTED); |
| 186 base::MessageLoop::current()->RunUntilIdle(); | 233 base::MessageLoop::current()->RunUntilIdle(); |
| 187 | 234 |
| 188 EXPECT_FALSE(error_handler()->IsTimerRunning()); | 235 EXPECT_FALSE(error_handler()->IsTimerRunning()); |
| 189 EXPECT_FALSE(error_handler()->captive_portal_checked()); | 236 EXPECT_FALSE(error_handler()->captive_portal_checked()); |
| 190 EXPECT_TRUE(error_handler()->ssl_interstitial_shown()); | 237 EXPECT_TRUE(error_handler()->ssl_interstitial_shown()); |
| 191 EXPECT_FALSE(error_handler()->captive_portal_interstitial_shown()); | 238 EXPECT_FALSE(error_handler()->captive_portal_interstitial_shown()); |
| 192 } | 239 } |
| 193 | 240 |
| 241 TEST_F(SSLErrorHandlerTest, ShouldNotCheckSuggestedUrlIfNoSuggestedUrl) { |
| 242 error_handler()->SetSuggestedUrlExists(false); |
| 243 error_handler()->StartHandlingError(); |
| 244 |
| 245 EXPECT_TRUE(error_handler()->captive_portal_checked()); |
| 246 EXPECT_TRUE(error_handler()->IsTimerRunning()); |
| 247 EXPECT_FALSE(error_handler()->suggested_url_checked()); |
| 248 base::RunLoop().RunUntilIdle(); |
| 249 |
| 250 EXPECT_FALSE(error_handler()->IsTimerRunning()); |
| 251 EXPECT_TRUE(error_handler()->ssl_interstitial_shown()); |
| 252 } |
| 253 |
| 254 TEST_F(SSLErrorHandlerTest, ShouldNotCheckCaptivePortalIfSuggestedUrlExists) { |
| 255 EXPECT_FALSE(error_handler()->IsTimerRunning()); |
| 256 error_handler()->SetSuggestedUrlExists(true); |
| 257 error_handler()->StartHandlingError(); |
| 258 |
| 259 EXPECT_TRUE(error_handler()->IsTimerRunning()); |
| 260 EXPECT_TRUE(error_handler()->suggested_url_checked()); |
| 261 EXPECT_FALSE(error_handler()->captive_portal_checked()); |
| 262 base::RunLoop().RunUntilIdle(); |
| 263 |
| 264 EXPECT_FALSE(error_handler()->IsTimerRunning()); |
| 265 EXPECT_TRUE(error_handler()->ssl_interstitial_shown()); |
| 266 } |
| 267 |
| 194 #else // #if !defined(ENABLE_CAPTIVE_PORTAL_DETECTION) | 268 #else // #if !defined(ENABLE_CAPTIVE_PORTAL_DETECTION) |
| 195 | 269 |
| 196 TEST_F(SSLErrorHandlerTest, | 270 TEST_F(SSLErrorHandlerTest, |
| 197 ShouldShowSSLInterstitialOnCaptivePortalDetectionDisabled) { | 271 ShouldShowSSLInterstitialOnCaptivePortalDetectionDisabled) { |
| 198 EXPECT_FALSE(error_handler()->IsTimerRunning()); | 272 EXPECT_FALSE(error_handler()->IsTimerRunning()); |
| 273 error_handler()->SetSuggestedUrlExists(false); |
| 199 error_handler()->StartHandlingError(); | 274 error_handler()->StartHandlingError(); |
| 200 EXPECT_FALSE(error_handler()->IsTimerRunning()); | 275 EXPECT_FALSE(error_handler()->IsTimerRunning()); |
| 201 EXPECT_FALSE(error_handler()->captive_portal_checked()); | 276 EXPECT_FALSE(error_handler()->captive_portal_checked()); |
| 202 EXPECT_TRUE(error_handler()->ssl_interstitial_shown()); | 277 EXPECT_TRUE(error_handler()->ssl_interstitial_shown()); |
| 203 EXPECT_FALSE(error_handler()->captive_portal_interstitial_shown()); | 278 EXPECT_FALSE(error_handler()->captive_portal_interstitial_shown()); |
| 204 } | 279 } |
| 205 | 280 |
| 206 #endif // defined(ENABLE_CAPTIVE_PORTAL_DETECTION) | 281 #endif // defined(ENABLE_CAPTIVE_PORTAL_DETECTION) |
| 282 |
| 283 TEST_F(SSLErrorHandlerTest, |
| 284 ShouldShowSSLInterstitialOnTimerExpiredWhenSuggestedUrlExists) { |
| 285 error_handler()->SetSuggestedUrlExists(true); |
| 286 error_handler()->StartHandlingError(); |
| 287 |
| 288 EXPECT_TRUE(error_handler()->IsTimerRunning()); |
| 289 EXPECT_TRUE(error_handler()->suggested_url_checked()); |
| 290 EXPECT_FALSE(error_handler()->ssl_interstitial_shown()); |
| 291 EXPECT_FALSE(error_handler()->common_name_mismatch_redirect()); |
| 292 |
| 293 base::RunLoop().RunUntilIdle(); |
| 294 |
| 295 EXPECT_FALSE(error_handler()->IsTimerRunning()); |
| 296 EXPECT_TRUE(error_handler()->ssl_interstitial_shown()); |
| 297 EXPECT_FALSE(error_handler()->common_name_mismatch_redirect()); |
| 298 } |
| 299 |
| 300 TEST_F(SSLErrorHandlerTest, ShouldRedirectOnSuggestedUrlCheckResult) { |
| 301 error_handler()->SetSuggestedUrlExists(true); |
| 302 error_handler()->StartHandlingError(); |
| 303 |
| 304 EXPECT_TRUE(error_handler()->IsTimerRunning()); |
| 305 EXPECT_TRUE(error_handler()->suggested_url_checked()); |
| 306 EXPECT_FALSE(error_handler()->ssl_interstitial_shown()); |
| 307 EXPECT_FALSE(error_handler()->common_name_mismatch_redirect()); |
| 308 // Fake a valid suggested URL check result. |
| 309 // The URL returned by |SuggestedUrlCheckResult| can be different from |
| 310 // |suggested_url|, if there is a redirect. |
| 311 error_handler()->SendSuggestedUrlCheckResult( |
| 312 CommonNameMismatchHandler::SuggestedUrlCheckResult:: |
| 313 SUGGESTED_URL_AVAILABLE, |
| 314 GURL("https://random.example.com")); |
| 315 |
| 316 EXPECT_FALSE(error_handler()->IsTimerRunning()); |
| 317 EXPECT_FALSE(error_handler()->ssl_interstitial_shown()); |
| 318 EXPECT_TRUE(error_handler()->common_name_mismatch_redirect()); |
| 319 } |
| 320 |
| 321 TEST_F(SSLErrorHandlerTest, ShouldShowSSLInterstitialOnInvalidUrlCheckResult) { |
| 322 error_handler()->SetSuggestedUrlExists(true); |
| 323 error_handler()->StartHandlingError(); |
| 324 |
| 325 EXPECT_TRUE(error_handler()->IsTimerRunning()); |
| 326 EXPECT_TRUE(error_handler()->suggested_url_checked()); |
| 327 EXPECT_FALSE(error_handler()->ssl_interstitial_shown()); |
| 328 EXPECT_FALSE(error_handler()->common_name_mismatch_redirect()); |
| 329 // Fake an Invalid Suggested URL Check result. |
| 330 error_handler()->SendSuggestedUrlCheckResult( |
| 331 CommonNameMismatchHandler::SuggestedUrlCheckResult:: |
| 332 SUGGESTED_URL_NOT_AVAILABLE, |
| 333 GURL()); |
| 334 |
| 335 EXPECT_FALSE(error_handler()->IsTimerRunning()); |
| 336 EXPECT_TRUE(error_handler()->ssl_interstitial_shown()); |
| 337 EXPECT_FALSE(error_handler()->common_name_mismatch_redirect()); |
| 338 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1223233002:
Common Name Mismatch Handler For WWW Subdomain Mismatch case (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master