| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <string> | 5 #include <string> |
| 6 #include <vector> | 6 #include <vector> |
| 7 | 7 |
| 8 #include "base/memory/ref_counted.h" | 8 #include "base/memory/ref_counted.h" |
| 9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "net/base/net_util.h" | 10 #include "net/base/net_util.h" |
| 11 #include "net/base/request_priority.h" | 11 #include "net/base/request_priority.h" |
| 12 #include "net/dns/mock_host_resolver.h" | 12 #include "net/dns/mock_host_resolver.h" |
| 13 #include "net/http/http_auth_handler_mock.h" | 13 #include "net/http/http_auth_handler_mock.h" |
| 14 #include "net/http/http_network_session.h" | 14 #include "net/http/http_network_session.h" |
| 15 #include "net/http/http_network_transaction.h" | 15 #include "net/http/http_network_transaction.h" |
| 16 #include "net/http/http_request_info.h" | 16 #include "net/http/http_request_info.h" |
| 17 #include "net/http/http_server_properties_impl.h" | 17 #include "net/http/http_server_properties_impl.h" |
| 18 #include "net/http/transport_security_state.h" | 18 #include "net/http/transport_security_state.h" |
| 19 #include "net/proxy/proxy_service.h" | 19 #include "net/proxy/proxy_service.h" |
| 20 #include "net/socket/socket_test_util.h" | 20 #include "net/socket/socket_test_util.h" |
| 21 #include "net/ssl/default_channel_id_store.h" |
| 21 #include "testing/gtest/include/gtest/gtest.h" | 22 #include "testing/gtest/include/gtest/gtest.h" |
| 22 | 23 |
| 23 namespace net { | 24 namespace net { |
| 24 | 25 |
| 25 namespace { | 26 namespace { |
| 26 | 27 |
| 27 class TLS10SSLConfigService : public SSLConfigService { | 28 class TLS10SSLConfigService : public SSLConfigService { |
| 28 public: | 29 public: |
| 29 TLS10SSLConfigService() { | 30 TLS10SSLConfigService() { |
| 30 ssl_config_.version_min = SSL_PROTOCOL_VERSION_TLS1; | 31 ssl_config_.version_min = SSL_PROTOCOL_VERSION_TLS1; |
| (...skipping 16 matching lines...) Expand all Loading... |
| 47 } | 48 } |
| 48 | 49 |
| 49 void GetSSLConfig(SSLConfig* config) override { *config = ssl_config_; } | 50 void GetSSLConfig(SSLConfig* config) override { *config = ssl_config_; } |
| 50 | 51 |
| 51 private: | 52 private: |
| 52 ~TLS12SSLConfigService() override {} | 53 ~TLS12SSLConfigService() override {} |
| 53 | 54 |
| 54 SSLConfig ssl_config_; | 55 SSLConfig ssl_config_; |
| 55 }; | 56 }; |
| 56 | 57 |
| 58 class TokenBindingSSLConfigService : public SSLConfigService { |
| 59 public: |
| 60 TokenBindingSSLConfigService() { |
| 61 ssl_config_.token_binding_params.push_back(TB_PARAM_ECDSAP256); |
| 62 } |
| 63 |
| 64 void GetSSLConfig(SSLConfig* config) override { *config = ssl_config_; } |
| 65 |
| 66 private: |
| 67 ~TokenBindingSSLConfigService() override {} |
| 68 |
| 69 SSLConfig ssl_config_; |
| 70 }; |
| 71 |
| 57 } // namespace | 72 } // namespace |
| 58 | 73 |
| 59 class HttpNetworkTransactionSSLTest : public testing::Test { | 74 class HttpNetworkTransactionSSLTest : public testing::Test { |
| 60 protected: | 75 protected: |
| 61 void SetUp() override { | 76 void SetUp() override { |
| 62 ssl_config_service_ = new TLS10SSLConfigService; | 77 ssl_config_service_ = new TLS10SSLConfigService; |
| 63 session_params_.ssl_config_service = ssl_config_service_.get(); | 78 session_params_.ssl_config_service = ssl_config_service_.get(); |
| 64 | 79 |
| 65 auth_handler_factory_.reset(new HttpAuthHandlerMock::Factory()); | 80 auth_handler_factory_.reset(new HttpAuthHandlerMock::Factory()); |
| 66 session_params_.http_auth_handler_factory = auth_handler_factory_.get(); | 81 session_params_.http_auth_handler_factory = auth_handler_factory_.get(); |
| (...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 141 mock_socket_factory_.mock_data(); | 156 mock_socket_factory_.mock_data(); |
| 142 // Confirms that |ssl_data1|, |ssl_data2| and |ssl_data3| are consumed. | 157 // Confirms that |ssl_data1|, |ssl_data2| and |ssl_data3| are consumed. |
| 143 EXPECT_EQ(3u, mock_data.next_index()); | 158 EXPECT_EQ(3u, mock_data.next_index()); |
| 144 | 159 |
| 145 SSLConfig& ssl_config = GetServerSSLConfig(&trans); | 160 SSLConfig& ssl_config = GetServerSSLConfig(&trans); |
| 146 // |version_max| fallbacks to TLS 1.0. | 161 // |version_max| fallbacks to TLS 1.0. |
| 147 EXPECT_EQ(SSL_PROTOCOL_VERSION_TLS1, ssl_config.version_max); | 162 EXPECT_EQ(SSL_PROTOCOL_VERSION_TLS1, ssl_config.version_max); |
| 148 EXPECT_TRUE(ssl_config.version_fallback); | 163 EXPECT_TRUE(ssl_config.version_fallback); |
| 149 } | 164 } |
| 150 | 165 |
| 166 #if !defined(OS_IOS) |
| 167 TEST_F(HttpNetworkTransactionSSLTest, TokenBinding) { |
| 168 ssl_config_service_ = new TokenBindingSSLConfigService; |
| 169 session_params_.ssl_config_service = ssl_config_service_.get(); |
| 170 ChannelIDService channel_id_service(new DefaultChannelIDStore(NULL), |
| 171 base::ThreadTaskRunnerHandle::Get()); |
| 172 session_params_.channel_id_service = &channel_id_service; |
| 173 |
| 174 SSLSocketDataProvider ssl_data(ASYNC, OK); |
| 175 ssl_data.token_binding_negotiated = true; |
| 176 ssl_data.token_binding_key_param = TB_PARAM_ECDSAP256; |
| 177 mock_socket_factory_.AddSSLSocketDataProvider(&ssl_data); |
| 178 MockRead mock_reads[] = {MockRead("HTTP/1.1 200 OK\r\n\r\n"), |
| 179 MockRead(SYNCHRONOUS, OK)}; |
| 180 StaticSocketDataProvider data(mock_reads, arraysize(mock_reads), NULL, 0); |
| 181 mock_socket_factory_.AddSocketDataProvider(&data); |
| 182 |
| 183 HttpNetworkSession session(session_params_); |
| 184 HttpNetworkTransaction trans(DEFAULT_PRIORITY, &session); |
| 185 |
| 186 TestCompletionCallback callback; |
| 187 int rv = |
| 188 callback.GetResult(trans.Start(GetRequestInfo("https://www.example.com/"), |
| 189 callback.callback(), BoundNetLog())); |
| 190 EXPECT_EQ(OK, rv); |
| 191 |
| 192 HttpRequestHeaders headers1; |
| 193 ASSERT_TRUE(trans.GetFullRequestHeaders(&headers1)); |
| 194 std::string token_binding_header1; |
| 195 EXPECT_TRUE(headers1.GetHeader(HttpRequestHeaders::kTokenBinding, |
| 196 &token_binding_header1)); |
| 197 |
| 198 // Send a second request and verify that the token binding header is the same |
| 199 // as in the first request. |
| 200 mock_socket_factory_.AddSSLSocketDataProvider(&ssl_data); |
| 201 StaticSocketDataProvider data2(mock_reads, arraysize(mock_reads), NULL, 0); |
| 202 mock_socket_factory_.AddSocketDataProvider(&data2); |
| 203 |
| 204 rv = |
| 205 callback.GetResult(trans.Start(GetRequestInfo("https://www.example.com/"), |
| 206 callback.callback(), BoundNetLog())); |
| 207 EXPECT_EQ(OK, rv); |
| 208 |
| 209 HttpRequestHeaders headers2; |
| 210 ASSERT_TRUE(trans.GetFullRequestHeaders(&headers2)); |
| 211 std::string token_binding_header2; |
| 212 EXPECT_TRUE(headers2.GetHeader(HttpRequestHeaders::kTokenBinding, |
| 213 &token_binding_header2)); |
| 214 |
| 215 EXPECT_EQ(token_binding_header1, token_binding_header2); |
| 216 } |
| 217 #endif // !defined(OS_IOS) |
| 218 |
| 151 } // namespace net | 219 } // namespace net |
| 152 | 220 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1378613004:
Set Token-Binding HTTP header (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@tb-tls-ext-new