Add UMA metric for Expect CT failure

chrome/browser/ssl/chrome_expect_ct_reporter_unittest.cc

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ssl/chrome_expect_ct_reporter.h"
 
 #include <string>
 
 #include "base/base64.h"
 #include "base/command_line.h"
 #include "base/feature_list.h"
 #include "base/json/json_reader.h"
+#include "base/run_loop.h"
+#include "base/test/histogram_tester.h"
 #include "base/values.h"
 #include "chrome/common/chrome_features.h"
+#include "content/public/test/test_browser_thread_bundle.h"
 #include "net/base/test_data_directory.h"
 #include "net/ssl/signed_certificate_timestamp_and_status.h"
 #include "net/test/cert_test_util.h"
+#include "net/test/url_request/url_request_failed_job.h"
 #include "net/url_request/certificate_report_sender.h"
+#include "net/url_request/url_request_filter.h"
 #include "net/url_request/url_request_test_util.h"
 #include "testing/gtest/include/gtest/gtest.h"
 #include "url/gurl.h"
 
 namespace {
 
 // A test CertificateReportSender that exposes the latest report URI and
 // serialized report to be sent.
 class TestCertificateReportSender : public net::CertificateReportSender {
  public:
@@ skipping 214 matching lines @@
   const base::ListValue* report_invalid_scts = nullptr;
   ASSERT_TRUE(report_dict->GetList("invalid-scts", &report_invalid_scts));
   const base::ListValue* report_valid_scts = nullptr;
   ASSERT_TRUE(report_dict->GetList("valid-scts", &report_valid_scts));
 
   ASSERT_NO_FATAL_FAILURE(CheckReportSCTs(
       ssl_info.signed_certificate_timestamps, *report_unknown_scts,
       *report_invalid_scts, *report_valid_scts));
 }
 
+// A test network delegate that allows the user to specify a callback to
+// be run whenever a net::URLRequest is destroyed.
+class TestExpectCTNetworkDelegate : public net::NetworkDelegateImpl {

[meacer, 2016/04/07 18:12:11]

Seems like this should derive from net::NetworkDelegate instead.

[estark, 2016/04/07 18:25:12]

Hmm, I don't think so. I don't quite understand why they are separate, but
NetworkDelegateImpl has lots of subclasses outside of //net (including
ChromeNetworkDelegate) and NetworkDelegate has none.

[meacer, 2016/04/07 18:32:29]

Ok never mind. Looks like NetworkDelegateImpl is just providing default
implementations for NetworkDelegate. 

+ public:
+  TestExpectCTNetworkDelegate()
+      : url_request_destroyed_callback_(base::Bind(&base::DoNothing)) {}
+
+  void set_url_request_destroyed_callback(const base::Closure& callback) {
+    url_request_destroyed_callback_ = callback;
+  }
+
+  // net::NetworkDelegateImpl:
+  void OnURLRequestDestroyed(net::URLRequest* request) override {
+    url_request_destroyed_callback_.Run();
+  }
+
+ private:
+  base::Closure url_request_destroyed_callback_;
+
+  DISALLOW_COPY_AND_ASSIGN(TestExpectCTNetworkDelegate);
+};
+
+// A test fixture that allows tests to send a report and wait until the
+// net::URLRequest that sent the report is destroyed.
+class ChromeExpectCTReporterWaitTest : public ::testing::Test {
+ public:
+  ChromeExpectCTReporterWaitTest()
+      : context_(true),
+        thread_bundle_(content::TestBrowserThreadBundle::IO_MAINLOOP) {
+    context_.set_network_delegate(&network_delegate_);
+    context_.Init();
+  }
+
+  void SetUp() override { net::URLRequestFailedJob::AddUrlHandler(); }
+
+  void TearDown() override {
+    net::URLRequestFilter::GetInstance()->ClearHandlers();
+  }
+
+  net::TestURLRequestContext* context() { return &context_; }
+
+ protected:
+  void SendReport(ChromeExpectCTReporter* reporter,
+                  const net::HostPortPair& host_port,
+                  const GURL& report_uri,
+                  const net::SSLInfo& ssl_info) {
+    base::RunLoop run_loop;
+    network_delegate_.set_url_request_destroyed_callback(
+        run_loop.QuitClosure());
+    reporter->OnExpectCTFailed(host_port, report_uri, ssl_info);
+    run_loop.Run();
+  }
+
+ private:
+  TestExpectCTNetworkDelegate network_delegate_;
+  net::TestURLRequestContext context_;
+  content::TestBrowserThreadBundle thread_bundle_;

[meacer, 2016/04/07 18:12:11]

DISALLOW_COPY_AND_ASSIGN

[estark, 2016/04/07 18:25:12]

Done.

+};
+
 void EnableFeature() {
   base::FeatureList::ClearInstanceForTesting();
   std::unique_ptr<base::FeatureList> feature_list(new base::FeatureList);
   feature_list->InitializeFromCommandLine(features::kExpectCTReporting.name,
                                           "");
   base::FeatureList::SetInstance(std::move(feature_list));
 }
 
 }  // namespace
 
@@ skipping 29 matching lines @@
   reporter.report_sender_.reset(sender);
   EXPECT_TRUE(sender->latest_report_uri().is_empty());
   EXPECT_TRUE(sender->latest_serialized_report().empty());
 
   reporter.OnExpectCTFailed(net::HostPortPair("example.test", 443), GURL(),
                             net::SSLInfo());
   EXPECT_TRUE(sender->latest_report_uri().is_empty());
   EXPECT_TRUE(sender->latest_serialized_report().empty());
 }
 
+// Test that if a report fails to send, the UMA metric is recorded.
+TEST_F(ChromeExpectCTReporterWaitTest, SendReportFailure) {
+  EnableFeature();
+  base::HistogramTester histograms;
+  const std::string histogram_name = "SSL.ExpectCTReportFailure";
+  histograms.ExpectTotalCount(histogram_name, 0);
+
+  ChromeExpectCTReporter reporter(context());
+
+  net::SSLInfo ssl_info;
+  ssl_info.cert =
+      net::ImportCertFromFile(net::GetTestCertsDirectory(), "ok_cert.pem");
+  ssl_info.unverified_cert = net::ImportCertFromFile(
+      net::GetTestCertsDirectory(), "localhost_cert.pem");
+
+  net::HostPortPair host_port("example.test", 443);
+  GURL report_uri(
+      net::URLRequestFailedJob::GetMockHttpUrl(net::ERR_CONNECTION_FAILED));
+
+  SendReport(&reporter, host_port, report_uri, ssl_info);
+
+  histograms.ExpectTotalCount(histogram_name, 1);
+  histograms.ExpectBucketCount(histogram_name, net::ERR_CONNECTION_FAILED, 1);
+}
+
 // Test that a sent report has the right format.
 TEST(ChromeExpectCTReporterTest, SendReport) {
   EnableFeature();
   TestCertificateReportSender* sender = new TestCertificateReportSender();
   net::TestURLRequestContext context;
   ChromeExpectCTReporter reporter(&context);
   reporter.report_sender_.reset(sender);
   EXPECT_TRUE(sender->latest_report_uri().is_empty());
   EXPECT_TRUE(sender->latest_serialized_report().empty());
 
@@ skipping 38 matching lines @@
   net::HostPortPair host_port("example.test", 443);
   GURL report_uri("http://example-report.test");
 
   // Check that the report is sent and contains the correct information.
   reporter.OnExpectCTFailed(host_port, report_uri, ssl_info);
   EXPECT_EQ(report_uri, sender->latest_report_uri());
   EXPECT_FALSE(sender->latest_serialized_report().empty());
   ASSERT_NO_FATAL_FAILURE(CheckExpectCTReport(
       sender->latest_serialized_report(), host_port, ssl_info));
 }