| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include <string> |
| 6 |
| 7 #include "base/memory/ref_counted.h" |
| 8 #include "base/memory/scoped_ptr.h" |
| 9 #include "net/base/net_util.h" |
| 10 #include "net/base/request_priority.h" |
| 11 #include "net/dns/mock_host_resolver.h" |
| 12 #include "net/http/http_auth_handler_mock.h" |
| 13 #include "net/http/http_network_session.h" |
| 14 #include "net/http/http_network_transaction.h" |
| 15 #include "net/http/http_request_info.h" |
| 16 #include "net/http/http_server_properties_impl.h" |
| 17 #include "net/http/transport_security_state.h" |
| 18 #include "net/proxy/proxy_service.h" |
| 19 #include "net/socket/socket_test_util.h" |
| 20 #include "testing/gtest/include/gtest/gtest.h" |
| 21 |
| 22 namespace net { |
| 23 |
| 24 namespace { |
| 25 |
| 26 class TLS1OnlySSLConfigService : public SSLConfigService { |
| 27 public: |
| 28 TLS1OnlySSLConfigService() { |
| 29 ssl_config_.version_min = SSL_PROTOCOL_VERSION_SSL3; |
| 30 ssl_config_.version_max = SSL_PROTOCOL_VERSION_TLS1; |
| 31 } |
| 32 |
| 33 virtual void GetSSLConfig(SSLConfig* config) OVERRIDE { |
| 34 *config = ssl_config_; |
| 35 } |
| 36 |
| 37 private: |
| 38 virtual ~TLS1OnlySSLConfigService() {} |
| 39 |
| 40 SSLConfig ssl_config_; |
| 41 }; |
| 42 |
| 43 } // namespace |
| 44 |
| 45 class HttpNetworkTransactionSSLTest : public testing::Test { |
| 46 protected: |
| 47 virtual void SetUp() { |
| 48 ssl_config_service_ = new TLS1OnlySSLConfigService; |
| 49 session_params_.ssl_config_service = ssl_config_service_.get(); |
| 50 |
| 51 auth_handler_factory_.reset(new HttpAuthHandlerMock::Factory()); |
| 52 session_params_.http_auth_handler_factory = auth_handler_factory_.get(); |
| 53 |
| 54 proxy_service_.reset(ProxyService::CreateDirect()); |
| 55 session_params_.proxy_service = proxy_service_.get(); |
| 56 |
| 57 session_params_.client_socket_factory = &mock_socket_factory_; |
| 58 session_params_.host_resolver = &mock_resolver_; |
| 59 session_params_.http_server_properties = &http_server_properties_; |
| 60 session_params_.transport_security_state = &transport_security_state_; |
| 61 } |
| 62 |
| 63 HttpRequestInfo* GetRequestInfo(std::string url) { |
| 64 HttpRequestInfo* request_info = new HttpRequestInfo; |
| 65 request_info->url = GURL(url); |
| 66 request_info->method = "GET"; |
| 67 return request_info; |
| 68 } |
| 69 |
| 70 SSLConfig& GetServerSSLConfig(HttpNetworkTransaction* trans) { |
| 71 return trans->server_ssl_config_; |
| 72 } |
| 73 |
| 74 scoped_refptr<SSLConfigService> ssl_config_service_; |
| 75 scoped_ptr<HttpAuthHandlerMock::Factory> auth_handler_factory_; |
| 76 scoped_ptr<ProxyService> proxy_service_; |
| 77 |
| 78 MockClientSocketFactory mock_socket_factory_; |
| 79 MockHostResolver mock_resolver_; |
| 80 HttpServerPropertiesImpl http_server_properties_; |
| 81 TransportSecurityState transport_security_state_; |
| 82 HttpNetworkSession::Params session_params_; |
| 83 }; |
| 84 |
| 85 // Tests that HttpNetworkTransaction does not attempt to |
| 86 // fallback to SSL 3.0 when a TLS 1.0 handshake fails and: |
| 87 // * the site is pinned to the Google pin list (indicating that |
| 88 // it is a Google site); |
| 89 // * SSL 3.0 fallback is disabled. |
| 90 TEST_F(HttpNetworkTransactionSSLTest, SSL3VersionFallbackDisabled_Google) { |
| 91 // |ssl_data1| is for the first handshake (TLS 1.0), which will fail for |
| 92 // protocol reasons (e.g., simulating a version rollback attack). |
| 93 // Because SSL 3.0 fallback is disabled, only this simulated SSL handshake |
| 94 // is consumed. |
| 95 SSLSocketDataProvider ssl_data1(ASYNC, ERR_SSL_PROTOCOL_ERROR); |
| 96 mock_socket_factory_.AddSSLSocketDataProvider(&ssl_data1); |
| 97 StaticSocketDataProvider data1(NULL, 0, NULL, 0); |
| 98 mock_socket_factory_.AddSocketDataProvider(&data1); |
| 99 |
| 100 // This extra handshake, which should be unconsumed, is provided to ensure |
| 101 // that even if the behaviour being tested here ever breaks (and Google |
| 102 // properties begin SSL 3.0 fallbacks), this test will not crash (and bring |
| 103 // down all of net_unittests), but it will fail gracefully. |
| 104 SSLSocketDataProvider ssl_data2(ASYNC, ERR_SSL_PROTOCOL_ERROR); |
| 105 mock_socket_factory_.AddSSLSocketDataProvider(&ssl_data2); |
| 106 StaticSocketDataProvider data2(NULL, 0, NULL, 0); |
| 107 mock_socket_factory_.AddSocketDataProvider(&data2); |
| 108 |
| 109 scoped_refptr<HttpNetworkSession> session( |
| 110 new HttpNetworkSession(session_params_)); |
| 111 scoped_ptr<HttpNetworkTransaction> trans( |
| 112 new HttpNetworkTransaction(DEFAULT_PRIORITY, session)); |
| 113 |
| 114 TestCompletionCallback callback; |
| 115 // This will consume only |ssl_data1|. |ssl_data2| will not be consumed. |
| 116 int rv = callback.GetResult( |
| 117 trans->Start(GetRequestInfo("https://www.google.com/"), |
| 118 callback.callback(), BoundNetLog())); |
| 119 EXPECT_EQ(ERR_SSL_PROTOCOL_ERROR, rv); |
| 120 |
| 121 SocketDataProviderArray<SocketDataProvider>& mock_data = |
| 122 mock_socket_factory_.mock_data(); |
| 123 // Confirms that only |ssl_data1| is consumed. |
| 124 EXPECT_EQ(1u, mock_data.next_index()); |
| 125 |
| 126 SSLConfig& ssl_config = GetServerSSLConfig(trans.get()); |
| 127 // |version_max| never fallbacks to SSLv3 for Google properties. |
| 128 EXPECT_EQ(SSL_PROTOCOL_VERSION_TLS1, ssl_config.version_max); |
| 129 EXPECT_FALSE(ssl_config.version_fallback); |
| 130 } |
| 131 |
| 132 // Tests that HttpNetworkTransaction attempts to fallback to SSL 3.0 |
| 133 // when a TLS 1.0 handshake fails and: |
| 134 // * the site is pinned to the Google pin list (indicating that |
| 135 // it is a Google site); |
| 136 // * SSL 3.0 fallback is enabled. |
| 137 TEST_F(HttpNetworkTransactionSSLTest, SSL3VersionFallbackEnabled_Google) { |
| 138 // |ssl_data1| is for the first handshake (TLS 1.0), which will fail for |
| 139 // protocol reasons (e.g., simulating a version rollback attack). |
| 140 SSLSocketDataProvider ssl_data1(ASYNC, ERR_SSL_PROTOCOL_ERROR); |
| 141 mock_socket_factory_.AddSSLSocketDataProvider(&ssl_data1); |
| 142 StaticSocketDataProvider data1(NULL, 0, NULL, 0); |
| 143 mock_socket_factory_.AddSocketDataProvider(&data1); |
| 144 |
| 145 // |ssl_data2| contains the handshake result for a SSL 3.0 |
| 146 // handshake which will be attempted after the TLS 1.0 |
| 147 // handshake fails. |
| 148 SSLSocketDataProvider ssl_data2(ASYNC, ERR_SSL_PROTOCOL_ERROR); |
| 149 mock_socket_factory_.AddSSLSocketDataProvider(&ssl_data2); |
| 150 StaticSocketDataProvider data2(NULL, 0, NULL, 0); |
| 151 mock_socket_factory_.AddSocketDataProvider(&data2); |
| 152 |
| 153 scoped_refptr<HttpNetworkSession> session( |
| 154 new HttpNetworkSession(session_params_)); |
| 155 scoped_ptr<HttpNetworkTransaction> trans( |
| 156 new HttpNetworkTransaction(DEFAULT_PRIORITY, session)); |
| 157 |
| 158 SSLConfig& ssl_config = GetServerSSLConfig(trans.get()); |
| 159 ssl_config.ssl3_version_fallback_enabled = true; |
| 160 |
| 161 TestCompletionCallback callback; |
| 162 // This will consume |ssl_data1| and |ssl_data2|. |
| 163 int rv = callback.GetResult( |
| 164 trans->Start(GetRequestInfo("https://www.google.com/"), |
| 165 callback.callback(), BoundNetLog())); |
| 166 EXPECT_EQ(ERR_SSL_PROTOCOL_ERROR, rv); |
| 167 |
| 168 SocketDataProviderArray<SocketDataProvider>& mock_data = |
| 169 mock_socket_factory_.mock_data(); |
| 170 // Confirms that both |ssl_data1| and |ssl_data2| are consumed. |
| 171 EXPECT_EQ(2u, mock_data.next_index()); |
| 172 |
| 173 // |version_max| fallbacks to SSL 3.0 for Google properties when |
| 174 // |ssl3_version_fallback_enabled| is true. |
| 175 EXPECT_EQ(SSL_PROTOCOL_VERSION_SSL3, ssl_config.version_max); |
| 176 EXPECT_TRUE(ssl_config.version_fallback); |
| 177 } |
| 178 |
| 179 // Tests that HttpNetworkTransaction attempts to fallback to SSL 3.0 |
| 180 // when a TLS 1.0 handshake fails and the site is not a Google domain, |
| 181 // even if SSL 3.0 fallback is disabled. |
| 182 // TODO(thaidn): revise the above comment and this test when the |
| 183 // SSL 3.0 fallback experiment is applied for non-Google domains. |
| 184 TEST_F(HttpNetworkTransactionSSLTest, SSL3VersionFallbackDisabled_Paypal) { |
| 185 // |ssl_data1| is for the first handshake (TLS 1.0), which will fail for |
| 186 // protocol reasons (e.g., simulating a version rollback attack). |
| 187 SSLSocketDataProvider ssl_data1(ASYNC, ERR_SSL_PROTOCOL_ERROR); |
| 188 mock_socket_factory_.AddSSLSocketDataProvider(&ssl_data1); |
| 189 StaticSocketDataProvider data1(NULL, 0, NULL, 0); |
| 190 mock_socket_factory_.AddSocketDataProvider(&data1); |
| 191 |
| 192 // |ssl_data2| contains the handshake result for a SSL 3.0 |
| 193 // handshake which will be attempted after the TLS 1.0 |
| 194 // handshake fails. |
| 195 SSLSocketDataProvider ssl_data2(ASYNC, ERR_SSL_PROTOCOL_ERROR); |
| 196 mock_socket_factory_.AddSSLSocketDataProvider(&ssl_data2); |
| 197 StaticSocketDataProvider data2(NULL, 0, NULL, 0); |
| 198 mock_socket_factory_.AddSocketDataProvider(&data2); |
| 199 |
| 200 scoped_refptr<HttpNetworkSession> session( |
| 201 new HttpNetworkSession(session_params_)); |
| 202 scoped_ptr<HttpNetworkTransaction> trans( |
| 203 new HttpNetworkTransaction(DEFAULT_PRIORITY, session)); |
| 204 |
| 205 TestCompletionCallback callback; |
| 206 // This will consume |ssl_data1| and |ssl_data2|. |
| 207 int rv = callback.GetResult( |
| 208 trans->Start(GetRequestInfo("https://www.paypal.com/"), |
| 209 callback.callback(), BoundNetLog())); |
| 210 EXPECT_EQ(ERR_SSL_PROTOCOL_ERROR, rv); |
| 211 |
| 212 SocketDataProviderArray<SocketDataProvider>& mock_data = |
| 213 mock_socket_factory_.mock_data(); |
| 214 // Confirms that both |ssl_data1| and |ssl_data2| are consumed. |
| 215 EXPECT_EQ(2u, mock_data.next_index()); |
| 216 |
| 217 SSLConfig& ssl_config = GetServerSSLConfig(trans.get()); |
| 218 // |version_max| fallbacks to SSL 3.0. |
| 219 EXPECT_EQ(SSL_PROTOCOL_VERSION_SSL3, ssl_config.version_max); |
| 220 EXPECT_TRUE(ssl_config.version_fallback); |
| 221 } |
| 222 |
| 223 } // namespace net |
| 224 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 14125003:
Do not roll back to SSL 3.0 for Google properties. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master