| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <memory> | 5 #include <memory> |
| 6 #include <utility> | 6 #include <utility> |
| 7 | 7 |
| 8 #include "base/memory/ptr_util.h" | 8 #include "base/memory/ptr_util.h" |
| 9 #include "build/build_config.h" | 9 #include "build/build_config.h" |
| 10 | 10 |
| (...skipping 6198 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 6209 request->Start(); | 6209 request->Start(); |
| 6210 base::RunLoop().Run(); | 6210 base::RunLoop().Run(); |
| 6211 | 6211 |
| 6212 TransportSecurityState* security_state = | 6212 TransportSecurityState* security_state = |
| 6213 default_context_.transport_security_state(); | 6213 default_context_.transport_security_state(); |
| 6214 TransportSecurityState::PKPState pkp_state; | 6214 TransportSecurityState::PKPState pkp_state; |
| 6215 EXPECT_FALSE( | 6215 EXPECT_FALSE( |
| 6216 security_state->GetDynamicPKPState(test_server_hostname, &pkp_state)); | 6216 security_state->GetDynamicPKPState(test_server_hostname, &pkp_state)); |
| 6217 } | 6217 } |
| 6218 | 6218 |
| 6219 TEST_F(URLRequestTestHTTP, PKPBypassRecorded) { |
| 6220 EmbeddedTestServer https_test_server(net::EmbeddedTestServer::TYPE_HTTPS); |
| 6221 https_test_server.SetSSLConfig( |
| 6222 net::EmbeddedTestServer::CERT_COMMON_NAME_IS_DOMAIN); |
| 6223 https_test_server.ServeFilesFromSourceDirectory( |
| 6224 base::FilePath(kTestFilePath)); |
| 6225 ASSERT_TRUE(https_test_server.Start()); |
| 6226 |
| 6227 // Set up a MockCertVerifier to be a local root that violates the pin |
| 6228 scoped_refptr<X509Certificate> cert = https_test_server.GetCertificate(); |
| 6229 ASSERT_TRUE(cert); |
| 6230 |
| 6231 MockCertVerifier cert_verifier; |
| 6232 CertVerifyResult verify_result; |
| 6233 verify_result.verified_cert = cert; |
| 6234 verify_result.is_issued_by_known_root = false; |
| 6235 HashValue hash; |
| 6236 ASSERT_TRUE( |
| 6237 hash.FromString("sha256/1111111111111111111111111111111111111111111=")); |
| 6238 verify_result.public_key_hashes.push_back(hash); |
| 6239 cert_verifier.AddResultForCert(cert.get(), verify_result, OK); |
| 6240 cert_verifier.set_default_result(OK); |
| 6241 |
| 6242 std::string test_server_hostname = https_test_server.GetURL("/").host(); |
| 6243 |
| 6244 // Set up HPKP |
| 6245 base::Time current_time = base::Time::Now(); |
| 6246 const base::Time expiry = current_time + base::TimeDelta::FromSeconds(10000); |
| 6247 HashValue pin; |
| 6248 ASSERT_TRUE( |
| 6249 pin.FromString("sha256/2222222222222222222222222222222222222222222=")); |
| 6250 HashValueVector hashes; |
| 6251 hashes.push_back(pin); |
| 6252 GURL report_uri(kHPKPReportUri); |
| 6253 TransportSecurityState security_state; |
| 6254 security_state.AddHPKP(test_server_hostname, expiry, |
| 6255 false, /* include subdomains */ |
| 6256 hashes, report_uri); |
| 6257 |
| 6258 TestNetworkDelegate network_delegate; |
| 6259 TestURLRequestContext context(true); |
| 6260 context.set_transport_security_state(&security_state); |
| 6261 context.set_network_delegate(&network_delegate); |
| 6262 context.set_cert_verifier(&cert_verifier); |
| 6263 context.Init(); |
| 6264 |
| 6265 TestDelegate d; |
| 6266 std::unique_ptr<URLRequest> request(context.CreateRequest( |
| 6267 https_test_server.GetURL("/hpkp-headers.html"), DEFAULT_PRIORITY, &d)); |
| 6268 request->Start(); |
| 6269 base::RunLoop().Run(); |
| 6270 |
| 6271 TransportSecurityState::PKPState pkp_state; |
| 6272 EXPECT_TRUE( |
| 6273 security_state.GetDynamicPKPState(test_server_hostname, &pkp_state)); |
| 6274 EXPECT_TRUE(request->ssl_info().pkp_bypassed); |
| 6275 } |
| 6276 |
| 6219 TEST_F(URLRequestTestHTTP, ProcessSTSOnce) { | 6277 TEST_F(URLRequestTestHTTP, ProcessSTSOnce) { |
| 6220 EmbeddedTestServer https_test_server(net::EmbeddedTestServer::TYPE_HTTPS); | 6278 EmbeddedTestServer https_test_server(net::EmbeddedTestServer::TYPE_HTTPS); |
| 6221 https_test_server.SetSSLConfig( | 6279 https_test_server.SetSSLConfig( |
| 6222 net::EmbeddedTestServer::CERT_COMMON_NAME_IS_DOMAIN); | 6280 net::EmbeddedTestServer::CERT_COMMON_NAME_IS_DOMAIN); |
| 6223 https_test_server.ServeFilesFromSourceDirectory( | 6281 https_test_server.ServeFilesFromSourceDirectory( |
| 6224 base::FilePath(kTestFilePath)); | 6282 base::FilePath(kTestFilePath)); |
| 6225 ASSERT_TRUE(https_test_server.Start()); | 6283 ASSERT_TRUE(https_test_server.Start()); |
| 6226 | 6284 |
| 6227 std::string test_server_hostname = https_test_server.GetURL("/").host(); | 6285 std::string test_server_hostname = https_test_server.GetURL("/").host(); |
| 6228 | 6286 |
| (...skipping 3812 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 10041 AddTestInterceptor()->set_main_intercept_job(std::move(job)); | 10099 AddTestInterceptor()->set_main_intercept_job(std::move(job)); |
| 10042 | 10100 |
| 10043 req->Start(); | 10101 req->Start(); |
| 10044 req->Cancel(); | 10102 req->Cancel(); |
| 10045 base::RunLoop().RunUntilIdle(); | 10103 base::RunLoop().RunUntilIdle(); |
| 10046 EXPECT_EQ(URLRequestStatus::CANCELED, req->status().status()); | 10104 EXPECT_EQ(URLRequestStatus::CANCELED, req->status().status()); |
| 10047 EXPECT_EQ(0, d.received_redirect_count()); | 10105 EXPECT_EQ(0, d.received_redirect_count()); |
| 10048 } | 10106 } |
| 10049 | 10107 |
| 10050 } // namespace net | 10108 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2016143002:
Expose when PKP is bypassed in SSLInfo. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master