| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <algorithm> | 5 #include <algorithm> |
| 6 #include <cstdint> | 6 #include <cstdint> |
| 7 #include <memory> | 7 #include <memory> |
| 8 #include <ostream> | 8 #include <ostream> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 84 QuicVersionVector supported_versions; | 84 QuicVersionVector supported_versions; |
| 85 }; | 85 }; |
| 86 | 86 |
| 87 // Constructs various test permutations. | 87 // Constructs various test permutations. |
| 88 vector<TestParams> GetTestParams() { | 88 vector<TestParams> GetTestParams() { |
| 89 vector<TestParams> params; | 89 vector<TestParams> params; |
| 90 static const bool kTrueFalse[] = {true, false}; | 90 static const bool kTrueFalse[] = {true, false}; |
| 91 for (bool enable_stateless_rejects : kTrueFalse) { | 91 for (bool enable_stateless_rejects : kTrueFalse) { |
| 92 for (bool use_stateless_rejects : kTrueFalse) { | 92 for (bool use_stateless_rejects : kTrueFalse) { |
| 93 // Start with all versions, remove highest on each iteration. | 93 // Start with all versions, remove highest on each iteration. |
| 94 QuicVersionVector supported_versions = QuicSupportedVersions(); | 94 QuicVersionVector supported_versions = AllSupportedVersions(); |
| 95 while (!supported_versions.empty()) { | 95 while (!supported_versions.empty()) { |
| 96 params.push_back(TestParams(enable_stateless_rejects, | 96 params.push_back(TestParams(enable_stateless_rejects, |
| 97 use_stateless_rejects, supported_versions)); | 97 use_stateless_rejects, supported_versions)); |
| 98 supported_versions.erase(supported_versions.begin()); | 98 supported_versions.erase(supported_versions.begin()); |
| 99 } | 99 } |
| 100 } | 100 } |
| 101 } | 101 } |
| 102 return params; | 102 return params; |
| 103 } | 103 } |
| 104 | 104 |
| 105 class CryptoServerTest : public ::testing::TestWithParam<TestParams> { | 105 class CryptoServerTest : public ::testing::TestWithParam<TestParams> { |
| 106 public: | 106 public: |
| 107 CryptoServerTest() | 107 CryptoServerTest() |
| 108 : rand_(QuicRandom::GetInstance()), | 108 : rand_(QuicRandom::GetInstance()), |
| 109 client_address_(Loopback4(), 1234), | 109 client_address_(Loopback4(), 1234), |
| 110 config_(QuicCryptoServerConfig::TESTING, | 110 config_(QuicCryptoServerConfig::TESTING, |
| 111 rand_, | 111 rand_, |
| 112 CryptoTestUtils::ProofSourceForTesting()), | 112 CryptoTestUtils::ProofSourceForTesting()), |
| 113 compressed_certs_cache_( | 113 compressed_certs_cache_( |
| 114 QuicCompressedCertsCache::kQuicCompressedCertsCacheSize) { | 114 QuicCompressedCertsCache::kQuicCompressedCertsCacheSize), |
| 115 chlo_packet_size_(kDefaultMaxPacketSize) { |
| 115 supported_versions_ = GetParam().supported_versions; | 116 supported_versions_ = GetParam().supported_versions; |
| 116 config_.set_enable_serving_sct(true); | 117 config_.set_enable_serving_sct(true); |
| 117 | 118 |
| 118 client_version_ = supported_versions_.front(); | 119 client_version_ = supported_versions_.front(); |
| 119 client_version_string_ = | 120 client_version_string_ = |
| 120 QuicUtils::TagToString(QuicVersionToQuicTag(client_version_)); | 121 QuicUtils::TagToString(QuicVersionToQuicTag(client_version_)); |
| 121 | 122 |
| 122 FLAGS_quic_require_handshake_confirmation_pre33 = false; | 123 FLAGS_quic_require_handshake_confirmation_pre33 = false; |
| 123 FLAGS_enable_quic_stateless_reject_support = | 124 FLAGS_enable_quic_stateless_reject_support = |
| 124 GetParam().enable_stateless_rejects; | 125 GetParam().enable_stateless_rejects; |
| (...skipping 150 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 275 const char* error_substr) { | 276 const char* error_substr) { |
| 276 IPAddress server_ip; | 277 IPAddress server_ip; |
| 277 DiversificationNonce diversification_nonce; | 278 DiversificationNonce diversification_nonce; |
| 278 string error_details; | 279 string error_details; |
| 279 QuicConnectionId server_designated_connection_id = | 280 QuicConnectionId server_designated_connection_id = |
| 280 rand_for_id_generation_.RandUint64(); | 281 rand_for_id_generation_.RandUint64(); |
| 281 QuicErrorCode error = config_.ProcessClientHello( | 282 QuicErrorCode error = config_.ProcessClientHello( |
| 282 result, /*reject_only=*/false, /*connection_id=*/1, server_ip, | 283 result, /*reject_only=*/false, /*connection_id=*/1, server_ip, |
| 283 client_address_, supported_versions_.front(), supported_versions_, | 284 client_address_, supported_versions_.front(), supported_versions_, |
| 284 use_stateless_rejects_, server_designated_connection_id, &clock_, rand_, | 285 use_stateless_rejects_, server_designated_connection_id, &clock_, rand_, |
| 285 &compressed_certs_cache_, ¶ms_, &crypto_proof_, &out_, | 286 &compressed_certs_cache_, ¶ms_, &crypto_proof_, |
| 287 /*total_framing_overhead=*/50, chlo_packet_size_, &out_, |
| 286 &diversification_nonce, &error_details); | 288 &diversification_nonce, &error_details); |
| 287 | 289 |
| 288 if (should_succeed) { | 290 if (should_succeed) { |
| 289 ASSERT_EQ(error, QUIC_NO_ERROR) << "Message failed with error " | 291 ASSERT_EQ(error, QUIC_NO_ERROR) << "Message failed with error " |
| 290 << error_details << ": " | 292 << error_details << ": " |
| 291 << message.DebugString(); | 293 << message.DebugString(); |
| 292 } else { | 294 } else { |
| 293 ASSERT_NE(error, QUIC_NO_ERROR) << "Message didn't fail: " | 295 ASSERT_NE(error, QUIC_NO_ERROR) << "Message didn't fail: " |
| 294 << message.DebugString(); | 296 << message.DebugString(); |
| 295 | 297 |
| (...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 368 QuicVersion client_version_; | 370 QuicVersion client_version_; |
| 369 string client_version_string_; | 371 string client_version_string_; |
| 370 QuicCryptoServerConfig config_; | 372 QuicCryptoServerConfig config_; |
| 371 QuicCompressedCertsCache compressed_certs_cache_; | 373 QuicCompressedCertsCache compressed_certs_cache_; |
| 372 QuicCryptoServerConfig::ConfigOptions config_options_; | 374 QuicCryptoServerConfig::ConfigOptions config_options_; |
| 373 QuicCryptoNegotiatedParameters params_; | 375 QuicCryptoNegotiatedParameters params_; |
| 374 QuicCryptoProof crypto_proof_; | 376 QuicCryptoProof crypto_proof_; |
| 375 CryptoHandshakeMessage out_; | 377 CryptoHandshakeMessage out_; |
| 376 uint8_t orbit_[kOrbitSize]; | 378 uint8_t orbit_[kOrbitSize]; |
| 377 bool use_stateless_rejects_; | 379 bool use_stateless_rejects_; |
| 380 size_t chlo_packet_size_; |
| 378 | 381 |
| 379 // These strings contain hex escaped values from the server suitable for using | 382 // These strings contain hex escaped values from the server suitable for using |
| 380 // when constructing client hello messages. | 383 // when constructing client hello messages. |
| 381 string nonce_hex_, pub_hex_, srct_hex_, scid_hex_; | 384 string nonce_hex_, pub_hex_, srct_hex_, scid_hex_; |
| 382 std::unique_ptr<CryptoHandshakeMessage> server_config_; | 385 std::unique_ptr<CryptoHandshakeMessage> server_config_; |
| 383 }; | 386 }; |
| 384 | 387 |
| 385 INSTANTIATE_TEST_CASE_P(CryptoServerTests, | 388 INSTANTIATE_TEST_CASE_P(CryptoServerTests, |
| 386 CryptoServerTest, | 389 CryptoServerTest, |
| 387 ::testing::ValuesIn(GetTestParams())); | 390 ::testing::ValuesIn(GetTestParams())); |
| (...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 468 ShouldSucceed(msg); | 471 ShouldSucceed(msg); |
| 469 StringPiece cert, proof, cert_sct; | 472 StringPiece cert, proof, cert_sct; |
| 470 EXPECT_FALSE(out_.GetStringPiece(kCertificateTag, &cert)); | 473 EXPECT_FALSE(out_.GetStringPiece(kCertificateTag, &cert)); |
| 471 EXPECT_FALSE(out_.GetStringPiece(kPROF, &proof)); | 474 EXPECT_FALSE(out_.GetStringPiece(kPROF, &proof)); |
| 472 EXPECT_FALSE(out_.GetStringPiece(kCertificateSCTTag, &cert_sct)); | 475 EXPECT_FALSE(out_.GetStringPiece(kCertificateSCTTag, &cert_sct)); |
| 473 const HandshakeFailureReason kRejectReasons[] = { | 476 const HandshakeFailureReason kRejectReasons[] = { |
| 474 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; | 477 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; |
| 475 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); | 478 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); |
| 476 } | 479 } |
| 477 | 480 |
| 481 TEST_P(CryptoServerTest, RejectNotTooLarge) { |
| 482 FLAGS_quic_use_chlo_packet_size = true; |
| 483 // When the CHLO packet is large enough, ensure that a full REJ is sent. |
| 484 chlo_packet_size_ *= 2; |
| 485 |
| 486 // clang-format off |
| 487 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 488 "CHLO", |
| 489 "PDMD", "X509", |
| 490 "AEAD", "AESG", |
| 491 "KEXS", "C255", |
| 492 "PUBS", pub_hex_.c_str(), |
| 493 "NONC", nonce_hex_.c_str(), |
| 494 "PDMD", "X509", |
| 495 "VER\0", client_version_string_.c_str(), |
| 496 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 497 nullptr); |
| 498 // clang-format on |
| 499 |
| 500 // The REJ will be larger than the CHLO so no PROF or CRT will be sent. |
| 501 config_.set_chlo_multiplier(1); |
| 502 |
| 503 ShouldSucceed(msg); |
| 504 StringPiece cert, proof, cert_sct; |
| 505 EXPECT_TRUE(out_.GetStringPiece(kCertificateTag, &cert)); |
| 506 EXPECT_TRUE(out_.GetStringPiece(kPROF, &proof)); |
| 507 EXPECT_TRUE(out_.GetStringPiece(kCertificateSCTTag, &cert_sct)); |
| 508 const HandshakeFailureReason kRejectReasons[] = { |
| 509 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; |
| 510 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); |
| 511 } |
| 512 |
| 478 TEST_P(CryptoServerTest, RejectTooLargeButValidSTK) { | 513 TEST_P(CryptoServerTest, RejectTooLargeButValidSTK) { |
| 479 // Check that the server replies with no certificate when a CHLO is | 514 // Check that the server replies with no certificate when a CHLO is |
| 480 // constructed with a PDMD but no SKT when the REJ would be too large. | 515 // constructed with a PDMD but no SKT when the REJ would be too large. |
| 481 // clang-format off | 516 // clang-format off |
| 482 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 517 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 483 "CHLO", | 518 "CHLO", |
| 484 "PDMD", "X509", | 519 "PDMD", "X509", |
| 485 "AEAD", "AESG", | 520 "AEAD", "AESG", |
| 486 "KEXS", "C255", | 521 "KEXS", "C255", |
| 487 "PUBS", pub_hex_.c_str(), | 522 "PUBS", pub_hex_.c_str(), |
| (...skipping 720 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1208 EXPECT_EQ(0, strike_register_client_->PendingVerifications()); | 1243 EXPECT_EQ(0, strike_register_client_->PendingVerifications()); |
| 1209 } else { | 1244 } else { |
| 1210 // version 33. | 1245 // version 33. |
| 1211 ASSERT_EQ(kSHLO, out_.tag()); | 1246 ASSERT_EQ(kSHLO, out_.tag()); |
| 1212 CheckServerHello(out_); | 1247 CheckServerHello(out_); |
| 1213 } | 1248 } |
| 1214 } | 1249 } |
| 1215 | 1250 |
| 1216 } // namespace test | 1251 } // namespace test |
| 1217 } // namespace net | 1252 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2236973002:
Landing Recent QUIC changes until 4AM, Aug 7, 2016 UTC-4 (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master