OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/socket/ssl_client_socket.h" | 5 #include "net/socket/ssl_client_socket.h" |
6 | 6 |
7 #include <errno.h> | 7 #include <errno.h> |
8 #include <string.h> | 8 #include <string.h> |
9 | 9 |
10 #include <openssl/bio.h> | 10 #include <openssl/bio.h> |
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
42 #include "net/ssl/ssl_config_service.h" | 42 #include "net/ssl/ssl_config_service.h" |
43 #include "net/test/cert_test_util.h" | 43 #include "net/test/cert_test_util.h" |
44 #include "net/test/spawned_test_server/spawned_test_server.h" | 44 #include "net/test/spawned_test_server/spawned_test_server.h" |
45 #include "testing/gtest/include/gtest/gtest.h" | 45 #include "testing/gtest/include/gtest/gtest.h" |
46 #include "testing/platform_test.h" | 46 #include "testing/platform_test.h" |
47 | 47 |
48 namespace net { | 48 namespace net { |
49 | 49 |
50 namespace { | 50 namespace { |
51 | 51 |
52 // These client auth tests are currently dependent on OpenSSL's struct X509. | |
53 #if defined(USE_OPENSSL_CERTS) | |
52 typedef OpenSSLClientKeyStore::ScopedEVP_PKEY ScopedEVP_PKEY; | 54 typedef OpenSSLClientKeyStore::ScopedEVP_PKEY ScopedEVP_PKEY; |
53 | 55 |
54 // BIO_free is a macro, it can't be used as a template parameter. | 56 // BIO_free is a macro, it can't be used as a template parameter. |
55 void BIO_free_func(BIO* bio) { | 57 void BIO_free_func(BIO* bio) { |
56 BIO_free(bio); | 58 BIO_free(bio); |
57 } | 59 } |
58 | 60 |
59 typedef crypto::ScopedOpenSSL<BIO, BIO_free_func> ScopedBIO; | 61 typedef crypto::ScopedOpenSSL<BIO, BIO_free_func> ScopedBIO; |
60 typedef crypto::ScopedOpenSSL<RSA, RSA_free> ScopedRSA; | 62 typedef crypto::ScopedOpenSSL<RSA, RSA_free> ScopedRSA; |
61 typedef crypto::ScopedOpenSSL<BIGNUM, BN_free> ScopedBIGNUM; | 63 typedef crypto::ScopedOpenSSL<BIGNUM, BN_free> ScopedBIGNUM; |
62 | 64 |
63 const SSLConfig kDefaultSSLConfig; | 65 const SSLConfig kDefaultSSLConfig; |
64 | 66 |
65 // A ServerBoundCertStore that always returns an error when asked for a | 67 // A ServerBoundCertStore that always returns an error when asked for a |
66 // certificate. | 68 // certificate. |
67 class FailingServerBoundCertStore : public ServerBoundCertStore { | 69 class FailingServerBoundCertStore : public ServerBoundCertStore { |
wtc
2014/04/10 14:59:05
This class is used by the two ChannelID tests. We
haavardm
2014/04/10 15:16:12
Why are the channel id tests in the openssl layer?
wtc
2014/04/10 15:29:00
Channel ID was originally called origin-bound cert
| |
68 virtual int GetServerBoundCert(const std::string& server_identifier, | 70 virtual int GetServerBoundCert(const std::string& server_identifier, |
69 base::Time* expiration_time, | 71 base::Time* expiration_time, |
70 std::string* private_key_result, | 72 std::string* private_key_result, |
71 std::string* cert_result, | 73 std::string* cert_result, |
72 const GetCertCallback& callback) OVERRIDE { | 74 const GetCertCallback& callback) OVERRIDE { |
73 return ERR_UNEXPECTED; | 75 return ERR_UNEXPECTED; |
74 } | 76 } |
75 virtual void SetServerBoundCert(const std::string& server_identifier, | 77 virtual void SetServerBoundCert(const std::string& server_identifier, |
76 base::Time creation_time, | 78 base::Time creation_time, |
77 base::Time expiration_time, | 79 base::Time expiration_time, |
(...skipping 238 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
316 EXPECT_EQ(OK, rv); | 318 EXPECT_EQ(OK, rv); |
317 EXPECT_TRUE(sock_->IsConnected()); | 319 EXPECT_TRUE(sock_->IsConnected()); |
318 | 320 |
319 EXPECT_TRUE(CheckSSLClientSocketSentCert()); | 321 EXPECT_TRUE(CheckSSLClientSocketSentCert()); |
320 | 322 |
321 sock_->Disconnect(); | 323 sock_->Disconnect(); |
322 EXPECT_FALSE(sock_->IsConnected()); | 324 EXPECT_FALSE(sock_->IsConnected()); |
323 } | 325 } |
324 | 326 |
325 // Connect to a server using channel id. It should allow the connection. | 327 // Connect to a server using channel id. It should allow the connection. |
326 TEST_F(SSLClientSocketOpenSSLClientAuthTest, SendChannelID) { | 328 TEST_F(SSLClientSocketOpenSSLClientAuthTest, SendChannelID) { |
wtc
2014/04/10 14:59:05
Is it necessary to disable the two ChannelID tests
| |
327 SpawnedTestServer::SSLOptions ssl_options; | 329 SpawnedTestServer::SSLOptions ssl_options; |
328 | 330 |
329 ASSERT_TRUE(ConnectToTestServer(ssl_options)); | 331 ASSERT_TRUE(ConnectToTestServer(ssl_options)); |
330 | 332 |
331 EnabledChannelID(); | 333 EnabledChannelID(); |
332 SSLConfig ssl_config = kDefaultSSLConfig; | 334 SSLConfig ssl_config = kDefaultSSLConfig; |
333 ssl_config.channel_id_enabled = true; | 335 ssl_config.channel_id_enabled = true; |
334 | 336 |
335 int rv; | 337 int rv; |
336 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); | 338 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); |
(...skipping 16 matching lines...) Expand all Loading... | |
353 EnabledFailingChannelID(); | 355 EnabledFailingChannelID(); |
354 SSLConfig ssl_config = kDefaultSSLConfig; | 356 SSLConfig ssl_config = kDefaultSSLConfig; |
355 ssl_config.channel_id_enabled = true; | 357 ssl_config.channel_id_enabled = true; |
356 | 358 |
357 int rv; | 359 int rv; |
358 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); | 360 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); |
359 | 361 |
360 EXPECT_EQ(ERR_UNEXPECTED, rv); | 362 EXPECT_EQ(ERR_UNEXPECTED, rv); |
361 EXPECT_FALSE(sock_->IsConnected()); | 363 EXPECT_FALSE(sock_->IsConnected()); |
362 } | 364 } |
365 #endif // defined(USE_OPENSSL_CERTS) | |
363 | 366 |
364 } // namespace | 367 } // namespace |
365 } // namespace net | 368 } // namespace net |
OLD | NEW |