| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "net/ssl/ssl_client_session_cache_openssl.h" | |
| 6 | |
| 7 #include <openssl/ssl.h> | |
| 8 | |
| 9 #include "base/memory/ptr_util.h" | |
| 10 #include "base/strings/string_number_conversions.h" | |
| 11 #include "base/test/simple_test_clock.h" | |
| 12 #include "net/ssl/scoped_openssl_types.h" | |
| 13 #include "testing/gtest/include/gtest/gtest.h" | |
| 14 | |
| 15 namespace net { | |
| 16 | |
| 17 // Test basic insertion and lookup operations. | |
| 18 TEST(SSLClientSessionCacheOpenSSLTest, Basic) { | |
| 19 SSLClientSessionCacheOpenSSL::Config config; | |
| 20 SSLClientSessionCacheOpenSSL cache(config); | |
| 21 | |
| 22 ScopedSSL_SESSION session1(SSL_SESSION_new()); | |
| 23 ScopedSSL_SESSION session2(SSL_SESSION_new()); | |
| 24 ScopedSSL_SESSION session3(SSL_SESSION_new()); | |
| 25 EXPECT_EQ(1u, session1->references); | |
| 26 EXPECT_EQ(1u, session2->references); | |
| 27 EXPECT_EQ(1u, session3->references); | |
| 28 | |
| 29 EXPECT_EQ(nullptr, cache.Lookup("key1").get()); | |
| 30 EXPECT_EQ(nullptr, cache.Lookup("key2").get()); | |
| 31 EXPECT_EQ(0u, cache.size()); | |
| 32 | |
| 33 cache.Insert("key1", session1.get()); | |
| 34 EXPECT_EQ(session1.get(), cache.Lookup("key1").get()); | |
| 35 EXPECT_EQ(nullptr, cache.Lookup("key2").get()); | |
| 36 EXPECT_EQ(1u, cache.size()); | |
| 37 | |
| 38 cache.Insert("key2", session2.get()); | |
| 39 EXPECT_EQ(session1.get(), cache.Lookup("key1").get()); | |
| 40 EXPECT_EQ(session2.get(), cache.Lookup("key2").get()); | |
| 41 EXPECT_EQ(2u, cache.size()); | |
| 42 | |
| 43 EXPECT_EQ(2u, session1->references); | |
| 44 EXPECT_EQ(2u, session2->references); | |
| 45 | |
| 46 cache.Insert("key1", session3.get()); | |
| 47 EXPECT_EQ(session3.get(), cache.Lookup("key1").get()); | |
| 48 EXPECT_EQ(session2.get(), cache.Lookup("key2").get()); | |
| 49 EXPECT_EQ(2u, cache.size()); | |
| 50 | |
| 51 EXPECT_EQ(1u, session1->references); | |
| 52 EXPECT_EQ(2u, session2->references); | |
| 53 EXPECT_EQ(2u, session3->references); | |
| 54 | |
| 55 cache.Flush(); | |
| 56 EXPECT_EQ(nullptr, cache.Lookup("key1").get()); | |
| 57 EXPECT_EQ(nullptr, cache.Lookup("key2").get()); | |
| 58 EXPECT_EQ(nullptr, cache.Lookup("key3").get()); | |
| 59 EXPECT_EQ(0u, cache.size()); | |
| 60 | |
| 61 EXPECT_EQ(1u, session1->references); | |
| 62 EXPECT_EQ(1u, session2->references); | |
| 63 EXPECT_EQ(1u, session3->references); | |
| 64 } | |
| 65 | |
| 66 // Test that a session may be inserted at two different keys. This should never | |
| 67 // be necessary, but the API doesn't prohibit it. | |
| 68 TEST(SSLClientSessionCacheOpenSSLTest, DoubleInsert) { | |
| 69 SSLClientSessionCacheOpenSSL::Config config; | |
| 70 SSLClientSessionCacheOpenSSL cache(config); | |
| 71 | |
| 72 ScopedSSL_SESSION session(SSL_SESSION_new()); | |
| 73 EXPECT_EQ(1u, session->references); | |
| 74 | |
| 75 EXPECT_EQ(nullptr, cache.Lookup("key1").get()); | |
| 76 EXPECT_EQ(nullptr, cache.Lookup("key2").get()); | |
| 77 EXPECT_EQ(0u, cache.size()); | |
| 78 | |
| 79 cache.Insert("key1", session.get()); | |
| 80 EXPECT_EQ(session.get(), cache.Lookup("key1").get()); | |
| 81 EXPECT_EQ(nullptr, cache.Lookup("key2").get()); | |
| 82 EXPECT_EQ(1u, cache.size()); | |
| 83 | |
| 84 EXPECT_EQ(2u, session->references); | |
| 85 | |
| 86 cache.Insert("key2", session.get()); | |
| 87 EXPECT_EQ(session.get(), cache.Lookup("key1").get()); | |
| 88 EXPECT_EQ(session.get(), cache.Lookup("key2").get()); | |
| 89 EXPECT_EQ(2u, cache.size()); | |
| 90 | |
| 91 EXPECT_EQ(3u, session->references); | |
| 92 | |
| 93 cache.Flush(); | |
| 94 EXPECT_EQ(nullptr, cache.Lookup("key1").get()); | |
| 95 EXPECT_EQ(nullptr, cache.Lookup("key2").get()); | |
| 96 EXPECT_EQ(0u, cache.size()); | |
| 97 | |
| 98 EXPECT_EQ(1u, session->references); | |
| 99 } | |
| 100 | |
| 101 // Tests that the session cache's size is correctly bounded. | |
| 102 TEST(SSLClientSessionCacheOpenSSLTest, MaxEntries) { | |
| 103 SSLClientSessionCacheOpenSSL::Config config; | |
| 104 config.max_entries = 3; | |
| 105 SSLClientSessionCacheOpenSSL cache(config); | |
| 106 | |
| 107 ScopedSSL_SESSION session1(SSL_SESSION_new()); | |
| 108 ScopedSSL_SESSION session2(SSL_SESSION_new()); | |
| 109 ScopedSSL_SESSION session3(SSL_SESSION_new()); | |
| 110 ScopedSSL_SESSION session4(SSL_SESSION_new()); | |
| 111 | |
| 112 // Insert three entries. | |
| 113 cache.Insert("key1", session1.get()); | |
| 114 cache.Insert("key2", session2.get()); | |
| 115 cache.Insert("key3", session3.get()); | |
| 116 EXPECT_EQ(session1.get(), cache.Lookup("key1").get()); | |
| 117 EXPECT_EQ(session2.get(), cache.Lookup("key2").get()); | |
| 118 EXPECT_EQ(session3.get(), cache.Lookup("key3").get()); | |
| 119 EXPECT_EQ(3u, cache.size()); | |
| 120 | |
| 121 // On insertion of a fourth, the first is removed. | |
| 122 cache.Insert("key4", session4.get()); | |
| 123 EXPECT_EQ(nullptr, cache.Lookup("key1").get()); | |
| 124 EXPECT_EQ(session4.get(), cache.Lookup("key4").get()); | |
| 125 EXPECT_EQ(session3.get(), cache.Lookup("key3").get()); | |
| 126 EXPECT_EQ(session2.get(), cache.Lookup("key2").get()); | |
| 127 EXPECT_EQ(3u, cache.size()); | |
| 128 | |
| 129 // Despite being newest, the next to be removed is session4 as it was accessed | |
| 130 // least. recently. | |
| 131 cache.Insert("key1", session1.get()); | |
| 132 EXPECT_EQ(session1.get(), cache.Lookup("key1").get()); | |
| 133 EXPECT_EQ(session2.get(), cache.Lookup("key2").get()); | |
| 134 EXPECT_EQ(session3.get(), cache.Lookup("key3").get()); | |
| 135 EXPECT_EQ(nullptr, cache.Lookup("key4").get()); | |
| 136 EXPECT_EQ(3u, cache.size()); | |
| 137 } | |
| 138 | |
| 139 // Tests that session expiration works properly. | |
| 140 TEST(SSLClientSessionCacheOpenSSLTest, Expiration) { | |
| 141 const size_t kNumEntries = 20; | |
| 142 const size_t kExpirationCheckCount = 10; | |
| 143 const base::TimeDelta kTimeout = base::TimeDelta::FromSeconds(1000); | |
| 144 | |
| 145 SSLClientSessionCacheOpenSSL::Config config; | |
| 146 config.expiration_check_count = kExpirationCheckCount; | |
| 147 config.timeout = kTimeout; | |
| 148 SSLClientSessionCacheOpenSSL cache(config); | |
| 149 base::SimpleTestClock* clock = new base::SimpleTestClock; | |
| 150 cache.SetClockForTesting(base::WrapUnique(clock)); | |
| 151 | |
| 152 // Add |kNumEntries - 1| entries. | |
| 153 for (size_t i = 0; i < kNumEntries - 1; i++) { | |
| 154 ScopedSSL_SESSION session(SSL_SESSION_new()); | |
| 155 cache.Insert(base::SizeTToString(i), session.get()); | |
| 156 } | |
| 157 EXPECT_EQ(kNumEntries - 1, cache.size()); | |
| 158 | |
| 159 // Expire all the previous entries and insert one more entry. | |
| 160 clock->Advance(kTimeout * 2); | |
| 161 ScopedSSL_SESSION session(SSL_SESSION_new()); | |
| 162 cache.Insert("key", session.get()); | |
| 163 | |
| 164 // All entries are still in the cache. | |
| 165 EXPECT_EQ(kNumEntries, cache.size()); | |
| 166 | |
| 167 // Perform one fewer lookup than needed to trigger the expiration check. This | |
| 168 // shall not expire any session. | |
| 169 for (size_t i = 0; i < kExpirationCheckCount - 1; i++) | |
| 170 cache.Lookup("key"); | |
| 171 | |
| 172 // All entries are still in the cache. | |
| 173 EXPECT_EQ(kNumEntries, cache.size()); | |
| 174 | |
| 175 // Perform one more lookup. This will expire all sessions but the last one. | |
| 176 cache.Lookup("key"); | |
| 177 EXPECT_EQ(1u, cache.size()); | |
| 178 EXPECT_EQ(session.get(), cache.Lookup("key").get()); | |
| 179 for (size_t i = 0; i < kNumEntries - 1; i++) { | |
| 180 SCOPED_TRACE(i); | |
| 181 EXPECT_EQ(nullptr, cache.Lookup(base::SizeTToString(i))); | |
| 182 } | |
| 183 } | |
| 184 | |
| 185 // Tests that Lookup performs an expiration check before returning a cached | |
| 186 // session. | |
| 187 TEST(SSLClientSessionCacheOpenSSLTest, LookupExpirationCheck) { | |
| 188 // kExpirationCheckCount is set to a suitably large number so the automated | |
| 189 // pruning never triggers. | |
| 190 const size_t kExpirationCheckCount = 1000; | |
| 191 const base::TimeDelta kTimeout = base::TimeDelta::FromSeconds(1000); | |
| 192 | |
| 193 SSLClientSessionCacheOpenSSL::Config config; | |
| 194 config.expiration_check_count = kExpirationCheckCount; | |
| 195 config.timeout = kTimeout; | |
| 196 SSLClientSessionCacheOpenSSL cache(config); | |
| 197 base::SimpleTestClock* clock = new base::SimpleTestClock; | |
| 198 cache.SetClockForTesting(base::WrapUnique(clock)); | |
| 199 | |
| 200 // Insert an entry into the session cache. | |
| 201 ScopedSSL_SESSION session(SSL_SESSION_new()); | |
| 202 cache.Insert("key", session.get()); | |
| 203 EXPECT_EQ(session.get(), cache.Lookup("key").get()); | |
| 204 EXPECT_EQ(1u, cache.size()); | |
| 205 | |
| 206 // Expire the session. | |
| 207 clock->Advance(kTimeout * 2); | |
| 208 | |
| 209 // The entry has not been removed yet. | |
| 210 EXPECT_EQ(1u, cache.size()); | |
| 211 | |
| 212 // But it will not be returned on lookup and gets pruned at that point. | |
| 213 EXPECT_EQ(nullptr, cache.Lookup("key").get()); | |
| 214 EXPECT_EQ(0u, cache.size()); | |
| 215 | |
| 216 // Sessions also are treated as expired if the clock rewinds. | |
| 217 cache.Insert("key", session.get()); | |
| 218 EXPECT_EQ(session.get(), cache.Lookup("key").get()); | |
| 219 EXPECT_EQ(1u, cache.size()); | |
| 220 | |
| 221 clock->Advance(-kTimeout * 2); | |
| 222 | |
| 223 EXPECT_EQ(nullptr, cache.Lookup("key").get()); | |
| 224 EXPECT_EQ(0u, cache.size()); | |
| 225 } | |
| 226 | |
| 227 } // namespace net | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1921563003:
Renaming _openssl files to _impl (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master