| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_client_socket.h" | 5 #include "net/socket/ssl_client_socket.h" |
| 6 | 6 |
| 7 #include <errno.h> | 7 #include <errno.h> |
| 8 #include <string.h> | 8 #include <string.h> |
| 9 | 9 |
| 10 #include <utility> | 10 #include <utility> |
| 2032 | 2032 |
| 2033 // Verifies that SSLClientSocket::ClearSessionCache can be called without | 2033 // Verifies that SSLClientSocket::ClearSessionCache can be called without |
| 2034 // explicit NSS initialization. | 2034 // explicit NSS initialization. |
| 2035 TEST(SSLClientSocket, ClearSessionCache) { | 2035 TEST(SSLClientSocket, ClearSessionCache) { |
| 2036 SSLClientSocket::ClearSessionCache(); | 2036 SSLClientSocket::ClearSessionCache(); |
| 2037 } | 2037 } |
| 2038 | 2038 |
| 2039 TEST(SSLClientSocket, SerializeNextProtos) { | 2039 TEST(SSLClientSocket, SerializeNextProtos) { |
| 2040 NextProtoVector next_protos; | 2040 NextProtoVector next_protos; |
| 2041 next_protos.push_back(kProtoHTTP11); | 2041 next_protos.push_back(kProtoHTTP11); |
| 2042 next_protos.push_back(kProtoSPDY31); | 2042 next_protos.push_back(kProtoHTTP2); |
| 2043 static std::vector<uint8_t> serialized = | 2043 static std::vector<uint8_t> serialized = |
| 2044 SSLClientSocket::SerializeNextProtos(next_protos); | 2044 SSLClientSocket::SerializeNextProtos(next_protos); |
| 2045 ASSERT_EQ(18u, serialized.size()); | 2045 ASSERT_EQ(12u, serialized.size()); |
| 2046 EXPECT_EQ(8, serialized[0]); // length("http/1.1") | 2046 EXPECT_EQ(8, serialized[0]); // length("http/1.1") |
| 2047 EXPECT_EQ('h', serialized[1]); | 2047 EXPECT_EQ('h', serialized[1]); |
| 2048 EXPECT_EQ('t', serialized[2]); | 2048 EXPECT_EQ('t', serialized[2]); |
| 2049 EXPECT_EQ('t', serialized[3]); | 2049 EXPECT_EQ('t', serialized[3]); |
| 2050 EXPECT_EQ('p', serialized[4]); | 2050 EXPECT_EQ('p', serialized[4]); |
| 2051 EXPECT_EQ('/', serialized[5]); | 2051 EXPECT_EQ('/', serialized[5]); |
| 2052 EXPECT_EQ('1', serialized[6]); | 2052 EXPECT_EQ('1', serialized[6]); |
| 2053 EXPECT_EQ('.', serialized[7]); | 2053 EXPECT_EQ('.', serialized[7]); |
| 2054 EXPECT_EQ('1', serialized[8]); | 2054 EXPECT_EQ('1', serialized[8]); |
| 2055 EXPECT_EQ(8, serialized[9]); // length("spdy/3.1") | 2055 EXPECT_EQ(2, serialized[9]); // length("h2") |
| 2056 EXPECT_EQ('s', serialized[10]); | 2056 EXPECT_EQ('h', serialized[10]); |
| 2057 EXPECT_EQ('p', serialized[11]); | 2057 EXPECT_EQ('2', serialized[11]); |
| 2058 EXPECT_EQ('d', serialized[12]); | |
| 2059 EXPECT_EQ('y', serialized[13]); | |
| 2060 EXPECT_EQ('/', serialized[14]); | |
| 2061 EXPECT_EQ('3', serialized[15]); | |
| 2062 EXPECT_EQ('.', serialized[16]); | |
| 2063 EXPECT_EQ('1', serialized[17]); | |
| 2064 } | 2058 } |
| 2065 | 2059 |
| 2066 // Test that the server certificates are properly retrieved from the underlying | 2060 // Test that the server certificates are properly retrieved from the underlying |
| 2067 // SSL stack. | 2061 // SSL stack. |
| 2068 TEST_F(SSLClientSocketTest, VerifyServerChainProperlyOrdered) { | 2062 TEST_F(SSLClientSocketTest, VerifyServerChainProperlyOrdered) { |
| 2069 // The connection does not have to be successful. | 2063 // The connection does not have to be successful. |
| 2070 cert_verifier_->set_default_result(ERR_CERT_INVALID); | 2064 cert_verifier_->set_default_result(ERR_CERT_INVALID); |
| 2071 | 2065 |
| 2072 // Set up a test server with CERT_CHAIN_WRONG_ROOT. | 2066 // Set up a test server with CERT_CHAIN_WRONG_ROOT. |
| 2073 // This makes the server present redundant-server-chain.pem, which contains | 2067 // This makes the server present redundant-server-chain.pem, which contains |
| 3111 | 3105 |
| 3112 int rv; | 3106 int rv; |
| 3113 ASSERT_TRUE(CreateAndConnectSSLClientSocket(client_config, &rv)); | 3107 ASSERT_TRUE(CreateAndConnectSSLClientSocket(client_config, &rv)); |
| 3114 EXPECT_THAT(rv, IsOk()); | 3108 EXPECT_THAT(rv, IsOk()); |
| 3115 | 3109 |
| 3116 std::string proto; | 3110 std::string proto; |
| 3117 EXPECT_EQ(SSLClientSocket::kNextProtoNegotiated, sock_->GetNextProto(&proto)); | 3111 EXPECT_EQ(SSLClientSocket::kNextProtoNegotiated, sock_->GetNextProto(&proto)); |
| 3118 EXPECT_EQ("h2", proto); | 3112 EXPECT_EQ("h2", proto); |
| 3119 } | 3113 } |
| 3120 | 3114 |
| 3121 // In case of no overlap between client and server list, SSLClientSocket should | |
| 3122 // fall back to last one on the client list. | |
| 3123 TEST_F(SSLClientSocketTest, NPNNoOverlap) { | |
| 3124 SpawnedTestServer::SSLOptions server_options; | |
| 3125 server_options.npn_protocols.push_back(std::string("http/1.1")); | |
| 3126 ASSERT_TRUE(StartTestServer(server_options)); | |
| 3127 | |
| 3128 SSLConfig client_config; | |
| 3129 client_config.npn_protos.push_back(kProtoSPDY31); | |
| 3130 client_config.npn_protos.push_back(kProtoHTTP2); | |
| 3131 | |
| 3132 int rv; | |
| 3133 ASSERT_TRUE(CreateAndConnectSSLClientSocket(client_config, &rv)); | |
| 3134 EXPECT_THAT(rv, IsOk()); | |
| 3135 | |
| 3136 std::string proto; | |
| 3137 EXPECT_EQ(SSLClientSocket::kNextProtoNoOverlap, sock_->GetNextProto(&proto)); | |
| 3138 EXPECT_EQ("h2", proto); | |
| 3139 } | |
| 3140 | |
| 3141 // Server preference should be respected. The list is in decreasing order of | |
| 3142 // preference. | |
| 3143 TEST_F(SSLClientSocketTest, NPNServerPreference) { | |
| 3144 SpawnedTestServer::SSLOptions server_options; | |
| 3145 server_options.npn_protocols.push_back(std::string("spdy/3.1")); | |
| 3146 server_options.npn_protocols.push_back(std::string("h2")); | |
| 3147 ASSERT_TRUE(StartTestServer(server_options)); | |
| 3148 | |
| 3149 SSLConfig client_config; | |
| 3150 client_config.npn_protos.push_back(kProtoHTTP2); | |
| 3151 client_config.npn_protos.push_back(kProtoSPDY31); | |
| 3152 | |
| 3153 int rv; | |
| 3154 ASSERT_TRUE(CreateAndConnectSSLClientSocket(client_config, &rv)); | |
| 3155 EXPECT_THAT(rv, IsOk()); | |
| 3156 | |
| 3157 std::string proto; | |
| 3158 EXPECT_EQ(SSLClientSocket::kNextProtoNegotiated, sock_->GetNextProto(&proto)); | |
| 3159 EXPECT_EQ("spdy/3.1", proto); | |
| 3160 } | |
| 3161 | |
| 3162 // If npn_protos.empty(), then NPN should be disabled, even if | 3115 // If npn_protos.empty(), then NPN should be disabled, even if |
| 3163 // !alpn_protos.empty(). Tlslite does not support ALPN, therefore if NPN is | 3116 // !alpn_protos.empty(). Tlslite does not support ALPN, therefore if NPN is |
| 3164 // disabled in the client, no protocol should be negotiated. | 3117 // disabled in the client, no protocol should be negotiated. |
| 3165 TEST_F(SSLClientSocketTest, NPNClientDisabled) { | 3118 TEST_F(SSLClientSocketTest, NPNClientDisabled) { |
| 3166 SpawnedTestServer::SSLOptions server_options; | 3119 SpawnedTestServer::SSLOptions server_options; |
| 3167 server_options.npn_protocols.push_back(std::string("http/1.1")); | 3120 server_options.npn_protocols.push_back(std::string("http/1.1")); |
| 3168 ASSERT_TRUE(StartTestServer(server_options)); | 3121 ASSERT_TRUE(StartTestServer(server_options)); |
| 3169 | 3122 |
| 3170 SSLConfig client_config; | 3123 SSLConfig client_config; |
| 3171 client_config.alpn_protos.push_back(kProtoHTTP11); | 3124 client_config.alpn_protos.push_back(kProtoHTTP11); |
| 3465 ASSERT_TRUE(sock_->GetSSLInfo(&ssl_info)); | 3418 ASSERT_TRUE(sock_->GetSSLInfo(&ssl_info)); |
| 3466 | 3419 |
| 3467 EXPECT_THAT(rv, IsError(ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN)); | 3420 EXPECT_THAT(rv, IsError(ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN)); |
| 3468 EXPECT_TRUE(ssl_info.cert_status & CERT_STATUS_PINNED_KEY_MISSING); | 3421 EXPECT_TRUE(ssl_info.cert_status & CERT_STATUS_PINNED_KEY_MISSING); |
| 3469 EXPECT_TRUE(ssl_info.cert_status & | 3422 EXPECT_TRUE(ssl_info.cert_status & |
| 3470 CERT_STATUS_CERTIFICATE_TRANSPARENCY_REQUIRED); | 3423 CERT_STATUS_CERTIFICATE_TRANSPARENCY_REQUIRED); |
| 3471 EXPECT_TRUE(sock_->IsConnected()); | 3424 EXPECT_TRUE(sock_->IsConnected()); |
| 3472 } | 3425 } |
| 3473 | 3426 |
| 3474 } // namespace net | 3427 } // namespace net |
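Review bot: Deleting NPNNoOverlap (old lines 3121-3139) removes the only check on this page that exercises `SSLClientSocket::kNextProtoNoOverlap`, although the test does not need SPDY/3.1. With the server advertising only "http/1.1", a client list holding just `client_config.npn_protos.push_back(kProtoHTTP2);` would presumably still take the fallback and report "h2". If the no-overlap fallback still exists in the socket implementation (not visible here), consider keeping the test with the `kProtoSPDY31` line dropped, because it pins the case where the client proceeds with a protocol the server never advertised. NPNServerPreference (old lines 3141-3160) could likewise be kept by replacing "spdy/3.1" / `kProtoSPDY31` with "http/1.1" / `kProtoHTTP11`, so that server-preference ordering stays covered.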
| OLD | NEW |