OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <string> | 5 #include <string> |
6 #include <vector> | 6 #include <vector> |
7 | 7 |
8 #include "base/memory/ref_counted.h" | 8 #include "base/memory/ref_counted.h" |
9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
10 #include "net/base/net_util.h" | 10 #include "net/base/net_util.h" |
11 #include "net/base/request_priority.h" | 11 #include "net/base/request_priority.h" |
12 #include "net/dns/mock_host_resolver.h" | 12 #include "net/dns/mock_host_resolver.h" |
13 #include "net/http/http_auth_handler_mock.h" | 13 #include "net/http/http_auth_handler_mock.h" |
14 #include "net/http/http_network_session.h" | 14 #include "net/http/http_network_session.h" |
15 #include "net/http/http_network_transaction.h" | 15 #include "net/http/http_network_transaction.h" |
16 #include "net/http/http_request_info.h" | 16 #include "net/http/http_request_info.h" |
17 #include "net/http/http_server_properties_impl.h" | 17 #include "net/http/http_server_properties_impl.h" |
18 #include "net/http/transport_security_state.h" | 18 #include "net/http/transport_security_state.h" |
19 #include "net/proxy/proxy_service.h" | 19 #include "net/proxy/proxy_service.h" |
20 #include "net/socket/socket_test_util.h" | 20 #include "net/socket/socket_test_util.h" |
| 21 #include "net/ssl/default_channel_id_store.h" |
21 #include "testing/gtest/include/gtest/gtest.h" | 22 #include "testing/gtest/include/gtest/gtest.h" |
22 | 23 |
23 namespace net { | 24 namespace net { |
24 | 25 |
25 namespace { | 26 namespace { |
26 | 27 |
27 class TLS10SSLConfigService : public SSLConfigService { | 28 class TLS10SSLConfigService : public SSLConfigService { |
28 public: | 29 public: |
29 TLS10SSLConfigService() { | 30 TLS10SSLConfigService() { |
30 ssl_config_.version_min = SSL_PROTOCOL_VERSION_TLS1; | 31 ssl_config_.version_min = SSL_PROTOCOL_VERSION_TLS1; |
(...skipping 16 matching lines...) |
47 } | 48 } |
48 | 49 |
49 void GetSSLConfig(SSLConfig* config) override { *config = ssl_config_; } | 50 void GetSSLConfig(SSLConfig* config) override { *config = ssl_config_; } |
50 | 51 |
51 private: | 52 private: |
52 ~TLS12SSLConfigService() override {} | 53 ~TLS12SSLConfigService() override {} |
53 | 54 |
54 SSLConfig ssl_config_; | 55 SSLConfig ssl_config_; |
55 }; | 56 }; |
56 | 57 |
| 58 class TokenBindingSSLConfigService : public SSLConfigService { |
| 59 public: |
| 60 TokenBindingSSLConfigService() { |
| 61 ssl_config_.token_binding_params.push_back(TB_PARAM_ECDSAP256); |
| 62 } |
| 63 |
| 64 void GetSSLConfig(SSLConfig* config) override { *config = ssl_config_; } |
| 65 |
| 66 private: |
| 67 ~TokenBindingSSLConfigService() override {} |
| 68 |
| 69 SSLConfig ssl_config_; |
| 70 }; |
| 71 |
57 } // namespace | 72 } // namespace |
58 | 73 |
59 class HttpNetworkTransactionSSLTest : public testing::Test { | 74 class HttpNetworkTransactionSSLTest : public testing::Test { |
60 protected: | 75 protected: |
61 void SetUp() override { | 76 void SetUp() override { |
62 ssl_config_service_ = new TLS10SSLConfigService; | 77 ssl_config_service_ = new TLS10SSLConfigService; |
63 session_params_.ssl_config_service = ssl_config_service_.get(); | 78 session_params_.ssl_config_service = ssl_config_service_.get(); |
64 | 79 |
65 auth_handler_factory_.reset(new HttpAuthHandlerMock::Factory()); | 80 auth_handler_factory_.reset(new HttpAuthHandlerMock::Factory()); |
66 session_params_.http_auth_handler_factory = auth_handler_factory_.get(); | 81 session_params_.http_auth_handler_factory = auth_handler_factory_.get(); |
(...skipping 74 matching lines...) |
141 mock_socket_factory_.mock_data(); | 156 mock_socket_factory_.mock_data(); |
142 // Confirms that |ssl_data1|, |ssl_data2| and |ssl_data3| are consumed. | 157 // Confirms that |ssl_data1|, |ssl_data2| and |ssl_data3| are consumed. |
143 EXPECT_EQ(3u, mock_data.next_index()); | 158 EXPECT_EQ(3u, mock_data.next_index()); |
144 | 159 |
145 SSLConfig& ssl_config = GetServerSSLConfig(&trans); | 160 SSLConfig& ssl_config = GetServerSSLConfig(&trans); |
146 // |version_max| fallbacks to TLS 1.0. | 161 // |version_max| fallbacks to TLS 1.0. |
147 EXPECT_EQ(SSL_PROTOCOL_VERSION_TLS1, ssl_config.version_max); | 162 EXPECT_EQ(SSL_PROTOCOL_VERSION_TLS1, ssl_config.version_max); |
148 EXPECT_TRUE(ssl_config.version_fallback); | 163 EXPECT_TRUE(ssl_config.version_fallback); |
149 } | 164 } |
150 | 165 |
| 166 #if !defined(OS_IOS) |
| 167 TEST_F(HttpNetworkTransactionSSLTest, TokenBinding) { |
| 168 ssl_config_service_ = new TokenBindingSSLConfigService; |
| 169 session_params_.ssl_config_service = ssl_config_service_.get(); |
| 170 ChannelIDService channel_id_service(new DefaultChannelIDStore(NULL), |
| 171 base::ThreadTaskRunnerHandle::Get()); |
| 172 session_params_.channel_id_service = &channel_id_service; |
| 173 |
| 174 SSLSocketDataProvider ssl_data(ASYNC, OK); |
| 175 ssl_data.token_binding_negotiated = true; |
| 176 ssl_data.token_binding_key_param = TB_PARAM_ECDSAP256; |
| 177 mock_socket_factory_.AddSSLSocketDataProvider(&ssl_data); |
| 178 MockRead mock_reads[] = {MockRead("HTTP/1.1 200 OK\r\n\r\n"), |
| 179 MockRead(SYNCHRONOUS, OK)}; |
| 180 StaticSocketDataProvider data(mock_reads, arraysize(mock_reads), NULL, 0); |
| 181 mock_socket_factory_.AddSocketDataProvider(&data); |
| 182 |
| 183 HttpNetworkSession session(session_params_); |
| 184 HttpNetworkTransaction trans(DEFAULT_PRIORITY, &session); |
| 185 |
| 186 TestCompletionCallback callback; |
| 187 int rv = |
| 188 callback.GetResult(trans.Start(GetRequestInfo("https://www.example.com/"), |
| 189 callback.callback(), BoundNetLog())); |
| 190 EXPECT_EQ(OK, rv); |
| 191 |
| 192 HttpRequestHeaders headers1; |
| 193 ASSERT_TRUE(trans.GetFullRequestHeaders(&headers1)); |
| 194 std::string token_binding_header1; |
| 195 EXPECT_TRUE(headers1.GetHeader(HttpRequestHeaders::kTokenBinding, |
| 196 &token_binding_header1)); |
| 197 |
| 198 // Send a second request and verify that the token binding header is the same |
| 199 // as in the first request. |
| 200 mock_socket_factory_.AddSSLSocketDataProvider(&ssl_data); |
| 201 StaticSocketDataProvider data2(mock_reads, arraysize(mock_reads), NULL, 0); |
| 202 mock_socket_factory_.AddSocketDataProvider(&data2); |
| 203 |
| 204 rv = |
| 205 callback.GetResult(trans.Start(GetRequestInfo("https://www.example.com/"), |
| 206 callback.callback(), BoundNetLog())); |
| 207 EXPECT_EQ(OK, rv); |
| 208 |
| 209 HttpRequestHeaders headers2; |
| 210 ASSERT_TRUE(trans.GetFullRequestHeaders(&headers2)); |
| 211 std::string token_binding_header2; |
| 212 EXPECT_TRUE(headers2.GetHeader(HttpRequestHeaders::kTokenBinding, |
| 213 &token_binding_header2)); |
| 214 |
| 215 EXPECT_EQ(token_binding_header1, token_binding_header2); |
| 216 } |
| 217 #endif // !defined(OS_IOS) |
| 218 |
151 } // namespace net | 219 } // namespace net |
152 | 220 |
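Review bot: The new TokenBinding test (new lines 167-216) only asserts that a `HttpRequestHeaders::kTokenBinding` header is present and byte-identical across the two requests, so it would still pass if the header value were empty or a fixed constant. Adding `EXPECT_FALSE(token_binding_header1.empty());` after the first `GetHeader` call closes the trivial case. The visible part of the file also has no negative case: a companion test that sets `ssl_data.token_binding_negotiated = false` and expects `GetHeader(HttpRequestHeaders::kTokenBinding, ...)` to return false would pin down that the header is never sent on a connection where Token Binding was not negotiated (74 fixture lines are collapsed on this page, so confirm this is not already covered there). Separately, the second request calls `Start()` again on the same `trans`; a second `HttpNetworkTransaction` on the same session would make it clearer that the comparison is between two independent requests rather than a restarted one.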