Chromium Code Reviews| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include <string> | |
| 6 | |
| 7 #include "base/memory/ref_counted.h" | |
| 8 #include "base/memory/scoped_ptr.h" | |
| 9 #include "net/base/net_util.h" | |
| 10 #include "net/base/request_priority.h" | |
| 11 #include "net/http/http_network_session.h" | |
| 12 #include "net/http/http_network_transaction.h" | |
| 13 #include "net/http/http_request_info.h" | |
| 14 #include "net/socket/socket_test_util.h" | |
| 15 #include "net/spdy/spdy_test_util_spdy3.h" | |
| 16 #include "testing/gtest/include/gtest/gtest.h" | |
| 17 | |
| 18 namespace net { | |
| 19 | |
| 20 namespace { | |
| 21 | |
| 22 class HttpNetworkTransactionSSLTest : public testing::Test { | |
| 23 public: | |
| 24 HttpRequestInfo* GetRequestInfo(std::string url) { | |
| 25 HttpRequestInfo* request_info = new HttpRequestInfo; | |
| 26 request_info->url = GURL(url); | |
| 27 request_info->method = "GET"; | |
| 28 return request_info; | |
| 29 } | |
| 30 }; | |
| 31 | |
| 32 TEST_F(HttpNetworkTransactionSSLTest, Google_SSLVersionMinPreloadedEnabled) { | |
| 33 net::test_spdy3::SpdySessionDependencies session_deps; | |
|
thaidn_google
2013/04/16 00:39:12
Please let me know if you think I shouldn't reuse
Ryan Sleevi
2013/04/16 19:55:26
You shouldn't re-use this class :)
You could use
thaidn_google
2013/04/17 00:46:17
Done.
| |
| 34 | |
| 35 // |ssl_data1| contains the data for the first SSL handshake that will | |
|
Ryan Sleevi
2013/04/16 19:55:26
comment nit: you intermix comments of "first SSL h
| |
| 36 // return |net::ERR_SSL_PROTOCOL_ERROR| to trigger the fallback logic in | |
| 37 // |HttpNetworkTransaction::HandleSSLHandshakeError|. | |
| 38 SSLSocketDataProvider ssl_data1(ASYNC, net::ERR_SSL_PROTOCOL_ERROR); | |
| 39 session_deps.socket_factory->AddSSLSocketDataProvider(&ssl_data1); | |
| 40 net::StaticSocketDataProvider data1(NULL, 0, NULL, 0); | |
| 41 session_deps.socket_factory->AddSocketDataProvider(&data1); | |
| 42 | |
| 43 // |ssl_data2| contains the data for the second SSL handshake. When a | |
| 44 // connection to a server fails during an SSL handshake, | |
| 45 // HttpNetworkTransaction will attempt to fallback to TLSv1 if the previous | |
| 46 // connection was attempted with TLSv1.1. This is transparent to the caller | |
| 47 // of the HttpNetworkTransaction. | |
| 48 SSLSocketDataProvider ssl_data2(ASYNC, net::ERR_SSL_PROTOCOL_ERROR); | |
| 49 session_deps.socket_factory->AddSSLSocketDataProvider(&ssl_data2); | |
| 50 net::StaticSocketDataProvider data2(NULL, 0, NULL, 0); | |
| 51 session_deps.socket_factory->AddSocketDataProvider(&data2); | |
| 52 | |
| 53 // Note: usually there should be a third handshake when | |
| 54 // |HttpNetworkTransaction| attempts to fallback to SSLv3 if the previous | |
| 55 // connection was attempted with TLSv1. There are only two handshakes here | |
| 56 // because SSLv3 fallback on Google's properties is disabled in this test. | |
| 57 | |
| 58 scoped_refptr<HttpNetworkSession> session( | |
| 59 net::test_spdy3::SpdySessionDependencies::SpdyCreateSession( | |
| 60 &session_deps)); | |
| 61 scoped_ptr<HttpNetworkTransaction> trans( | |
| 62 new HttpNetworkTransaction(DEFAULT_PRIORITY, session)); | |
| 63 TestCompletionCallback callback; | |
| 64 | |
| 65 // This will consume |ssl_data1| and |ssl_data2|. | |
| 66 int rv = trans->Start(GetRequestInfo("https://www.google.com/"), | |
| 67 callback.callback(), BoundNetLog()); | |
| 68 EXPECT_EQ(ERR_IO_PENDING, rv); | |
| 69 // Complete the SSL handshake. | |
| 70 rv = callback.WaitForResult(); | |
|
Ryan Sleevi
2013/04/16 19:55:26
We're trying to phase out this pattern in existing
thaidn_google
2013/04/17 00:46:17
Done.
| |
| 71 EXPECT_EQ(net::ERR_SSL_PROTOCOL_ERROR, rv); | |
|
Ryan Sleevi
2013/04/16 19:55:26
You're in net (line 18), so you don't need the net
thaidn_google
2013/04/17 00:46:17
Done.
| |
| 72 | |
| 73 // |version_max| never fallbacks to SSLv3 for Google's properties. | |
| 74 EXPECT_EQ(SSL_PROTOCOL_VERSION_TLS1, | |
| 75 trans->server_ssl_config_for_testing().version_max); | |
| 76 } | |
| 77 | |
| 78 TEST_F(HttpNetworkTransactionSSLTest, Google_SSLVersionMinPreloadedDisabled) { | |
| 79 net::test_spdy3::SpdySessionDependencies session_deps; | |
| 80 | |
| 81 // |ssl_data1| contains the data for the first SSL handshake that will | |
| 82 // return |net::ERR_SSL_PROTOCOL_ERROR| to trigger the fallback logic in | |
| 83 // |HttpNetworkTransaction::HandleSSLHandshakeError|. | |
| 84 SSLSocketDataProvider ssl_data1(ASYNC, net::ERR_SSL_PROTOCOL_ERROR); | |
| 85 session_deps.socket_factory->AddSSLSocketDataProvider(&ssl_data1); | |
| 86 net::StaticSocketDataProvider data1(NULL, 0, NULL, 0); | |
| 87 session_deps.socket_factory->AddSocketDataProvider(&data1); | |
| 88 | |
| 89 // |ssl_data2| contains the data for the second SSL handshake. When a | |
| 90 // connection to a server fails during an SSL handshake, | |
| 91 // HttpNetworkTransaction will attempt to fallback to TLSv1 if the previous | |
| 92 // connection was attempted with TLSv1.1. This is transparent to the caller | |
| 93 // of the HttpNetworkTransaction. | |
| 94 SSLSocketDataProvider ssl_data2(ASYNC, net::ERR_SSL_PROTOCOL_ERROR); | |
| 95 session_deps.socket_factory->AddSSLSocketDataProvider(&ssl_data2); | |
| 96 net::StaticSocketDataProvider data2(NULL, 0, NULL, 0); | |
| 97 session_deps.socket_factory->AddSocketDataProvider(&data2); | |
| 98 | |
| 99 // ssl_data3 contains the data for the third SSL handshake. When a | |
| 100 // connection to a server fails during an SSL handshake, | |
| 101 // |HttpNetworkTransaction| will attempt to fallback to SSLv3 if the previous | |
| 102 // connection was attempted with TLSv1. This is transparent to the caller | |
| 103 // of the |HttpNetworkTransaction|. | |
| 104 SSLSocketDataProvider ssl_data3(ASYNC, net::ERR_SSL_PROTOCOL_ERROR); | |
| 105 session_deps.socket_factory->AddSSLSocketDataProvider(&ssl_data3); | |
| 106 net::StaticSocketDataProvider data3(NULL, 0, NULL, 0); | |
| 107 session_deps.socket_factory->AddSocketDataProvider(&data3); | |
| 108 | |
| 109 // Note: if ssl_data3 is omitted (like in | |
| 110 // |Google_SSLVersionMinPreloadedEnabled|) then this test will crash, because | |
| 111 // Chrome will attempt to handshake 3 times, but there are just 2 handshake | |
| 112 // data. | |
| 113 | |
| 114 scoped_refptr<HttpNetworkSession> session( | |
| 115 net::test_spdy3::SpdySessionDependencies::SpdyCreateSession( | |
| 116 &session_deps)); | |
| 117 scoped_ptr<HttpNetworkTransaction> trans( | |
| 118 new HttpNetworkTransaction(DEFAULT_PRIORITY, session)); | |
| 119 TestCompletionCallback callback; | |
| 120 | |
| 121 SSLConfig& ssl_config = trans->server_ssl_config_for_testing(); | |
| 122 ssl_config.ssl_version_min_preloaded_disabled = true; | |
| 123 | |
| 124 // This will consume |ssl_data1|, |ssl_data2| and |ssl_data3|. | |
| 125 int rv = trans->Start(GetRequestInfo("https://www.google.com/"), | |
| 126 callback.callback(), BoundNetLog()); | |
| 127 EXPECT_EQ(ERR_IO_PENDING, rv); | |
| 128 // Complete the SSL handshake. | |
| 129 rv = callback.WaitForResult(); | |
| 130 EXPECT_EQ(net::ERR_SSL_PROTOCOL_ERROR, rv); | |
| 131 | |
| 132 // |version_max| fallbacks to SSLv3 for Google's properties when | |
| 133 // |ssl_version_min_preloaded_disabled| is true. | |
| 134 EXPECT_EQ(SSL_PROTOCOL_VERSION_SSL3, | |
| 135 ssl_config.version_max); | |
| 136 } | |
| 137 | |
| 138 TEST_F(HttpNetworkTransactionSSLTest, PayPal_SSLVersionMinPreloadedDisabled) { | |
| 139 net::test_spdy3::SpdySessionDependencies session_deps; | |
| 140 | |
| 141 // |ssl_data1| contains the data for the first SSL handshake that will | |
| 142 // return |net::ERR_SSL_PROTOCOL_ERROR| to trigger the fallback logic in | |
| 143 // |HttpNetworkTransaction::HandleSSLHandshakeError|. | |
| 144 SSLSocketDataProvider ssl_data1(ASYNC, net::ERR_SSL_PROTOCOL_ERROR); | |
| 145 session_deps.socket_factory->AddSSLSocketDataProvider(&ssl_data1); | |
| 146 net::StaticSocketDataProvider data1(NULL, 0, NULL, 0); | |
| 147 session_deps.socket_factory->AddSocketDataProvider(&data1); | |
| 148 | |
| 149 // |ssl_data2| contains the data for the second SSL handshake. When a | |
| 150 // connection to a server fails during an SSL handshake, | |
| 151 // HttpNetworkTransaction will attempt to fallback to TLSv1 if the previous | |
| 152 // connection was attempted with TLSv1.1. This is transparent to the caller | |
| 153 // of the HttpNetworkTransaction. | |
| 154 SSLSocketDataProvider ssl_data2(ASYNC, net::ERR_SSL_PROTOCOL_ERROR); | |
| 155 session_deps.socket_factory->AddSSLSocketDataProvider(&ssl_data2); | |
| 156 net::StaticSocketDataProvider data2(NULL, 0, NULL, 0); | |
| 157 session_deps.socket_factory->AddSocketDataProvider(&data2); | |
| 158 | |
| 159 // ssl_data3 contains the data for the third SSL handshake. When a | |
| 160 // connection to a server fails during an SSL handshake, | |
| 161 // HttpNetworkTransaction will attempt to fallback to SSLv3 if the previous | |
| 162 // connection was attempted with TLSv1. This is transparent to the caller | |
| 163 // of the HttpNetworkTransaction. Because this test failure is due to | |
| 164 // requiring a client certificate, this fallback handshake should also | |
| 165 // fail. | |
|
Ryan Sleevi
2013/04/16 19:55:26
This comment seems entirely incorrect (and thus cr
thaidn_google
2013/04/17 00:46:17
Done.
| |
| 166 SSLSocketDataProvider ssl_data3(ASYNC, net::ERR_SSL_PROTOCOL_ERROR); | |
| 167 session_deps.socket_factory->AddSSLSocketDataProvider(&ssl_data3); | |
| 168 net::StaticSocketDataProvider data3(NULL, 0, NULL, 0); | |
| 169 session_deps.socket_factory->AddSocketDataProvider(&data3); | |
| 170 | |
| 171 // Note: if ssl_data3 is omitted (like in | |
| 172 // |Google_SSLVersionMinPreloadedEnabled|) then this test will crash, because | |
| 173 // Chrome will attempt to handshake 3 times, but there are just 2 handshake | |
|
Ryan Sleevi
2013/04/16 19:55:26
nit: s/Chrome/Chromium/
thaidn_google
2013/04/17 00:46:17
Done.
| |
| 174 // data. | |
| 175 | |
| 176 scoped_refptr<HttpNetworkSession> session( | |
| 177 net::test_spdy3::SpdySessionDependencies::SpdyCreateSession( | |
| 178 &session_deps)); | |
| 179 scoped_ptr<HttpNetworkTransaction> trans( | |
| 180 new HttpNetworkTransaction(DEFAULT_PRIORITY, session)); | |
|
Ryan Sleevi
2013/04/16 19:55:26
style: indentation
thaidn_google
2013/04/17 00:46:17
Done.
| |
| 181 TestCompletionCallback callback; | |
| 182 | |
| 183 // This will consume |ssl_data1|, |ssl_data2| and |ssl_data3|. | |
| 184 int rv = trans->Start(GetRequestInfo("https://www.paypal.com/"), | |
| 185 callback.callback(), BoundNetLog()); | |
|
Ryan Sleevi
2013/04/16 19:55:26
style: indentation
thaidn_google
2013/04/17 00:46:17
Done.
| |
| 186 EXPECT_EQ(ERR_IO_PENDING, rv); | |
| 187 // Complete the SSL handshake. | |
| 188 rv = callback.WaitForResult(); | |
| 189 EXPECT_EQ(net::ERR_SSL_PROTOCOL_ERROR, rv); | |
| 190 | |
| 191 // |version_max| fallbacks to SSLv3. | |
| 192 EXPECT_EQ(SSL_PROTOCOL_VERSION_SSL3, | |
| 193 trans->server_ssl_config_for_testing().version_max); | |
| 194 } | |
| 195 | |
| 196 } // namespace | |
| 197 } // namespace net | |
| 198 | |
| OLD | NEW |