Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(157)

Side by Side Diff: net/socket/ssl_server_socket_unittest.cc

Issue 2411033003: Drop buffers in idle SSLClientSockets (and SSLServerSockets). (Closed)
Patch Set: rsleevi comments Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/socket/ssl_server_socket_impl.cc ('k') | net/ssl/openssl_ssl_util.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This test suite uses SSLClientSocket to test the implementation of 5 // This test suite uses SSLClientSocket to test the implementation of
6 // SSLServerSocket. In order to establish connections between the sockets 6 // SSLServerSocket. In order to establish connections between the sockets
7 // we need two additional classes: 7 // we need two additional classes:
8 // 1. FakeSocket 8 // 1. FakeSocket
9 // Connects SSL socket to FakeDataChannel. This class is just a stub. 9 // Connects SSL socket to FakeDataChannel. This class is just a stub.
10 // 10 //
(...skipping 767 matching lines...) Expand 10 before | Expand all | Expand 10 after
778 778
779 // Check that the authority name that arrived in the CertificateRequest 779 // Check that the authority name that arrived in the CertificateRequest
780 // handshake message is as expected. 780 // handshake message is as expected.
781 scoped_refptr<X509Certificate> client_cert = 781 scoped_refptr<X509Certificate> client_cert =
782 ImportCertFromFile(GetTestCertsDirectory(), kClientCertFileName); 782 ImportCertFromFile(GetTestCertsDirectory(), kClientCertFileName);
783 ASSERT_TRUE(client_cert); 783 ASSERT_TRUE(client_cert);
784 EXPECT_TRUE(client_cert->IsIssuedByEncoded(request_info->cert_authorities)); 784 EXPECT_TRUE(client_cert->IsIssuedByEncoded(request_info->cert_authorities));
785 785
786 client_socket_->Disconnect(); 786 client_socket_->Disconnect();
787 787
788 EXPECT_THAT(handshake_callback.GetResult(server_ret), IsError(ERR_FAILED)); 788 EXPECT_THAT(handshake_callback.GetResult(server_ret),
789 IsError(ERR_CONNECTION_CLOSED));
789 } 790 }
790 791
791 TEST_F(SSLServerSocketTest, HandshakeWithClientCertRequiredNotSuppliedCached) { 792 TEST_F(SSLServerSocketTest, HandshakeWithClientCertRequiredNotSuppliedCached) {
792 ASSERT_NO_FATAL_FAILURE(ConfigureClientCertsForServer()); 793 ASSERT_NO_FATAL_FAILURE(ConfigureClientCertsForServer());
793 ASSERT_NO_FATAL_FAILURE(CreateContext()); 794 ASSERT_NO_FATAL_FAILURE(CreateContext());
794 ASSERT_NO_FATAL_FAILURE(CreateSockets()); 795 ASSERT_NO_FATAL_FAILURE(CreateSockets());
795 // Use the default setting for the client socket, which is to not send 796 // Use the default setting for the client socket, which is to not send
796 // a client certificate. This will cause the client to receive an 797 // a client certificate. This will cause the client to receive an
797 // ERR_SSL_CLIENT_AUTH_CERT_NEEDED error, and allow for inspecting the 798 // ERR_SSL_CLIENT_AUTH_CERT_NEEDED error, and allow for inspecting the
798 // requested cert_authorities from the CertificateRequest sent by the 799 // requested cert_authorities from the CertificateRequest sent by the
(...skipping 12 matching lines...) Expand all
811 812
812 // Check that the authority name that arrived in the CertificateRequest 813 // Check that the authority name that arrived in the CertificateRequest
813 // handshake message is as expected. 814 // handshake message is as expected.
814 scoped_refptr<X509Certificate> client_cert = 815 scoped_refptr<X509Certificate> client_cert =
815 ImportCertFromFile(GetTestCertsDirectory(), kClientCertFileName); 816 ImportCertFromFile(GetTestCertsDirectory(), kClientCertFileName);
816 ASSERT_TRUE(client_cert); 817 ASSERT_TRUE(client_cert);
817 EXPECT_TRUE(client_cert->IsIssuedByEncoded(request_info->cert_authorities)); 818 EXPECT_TRUE(client_cert->IsIssuedByEncoded(request_info->cert_authorities));
818 819
819 client_socket_->Disconnect(); 820 client_socket_->Disconnect();
820 821
821 EXPECT_THAT(handshake_callback.GetResult(server_ret), IsError(ERR_FAILED)); 822 EXPECT_THAT(handshake_callback.GetResult(server_ret),
823 IsError(ERR_CONNECTION_CLOSED));
822 server_socket_->Disconnect(); 824 server_socket_->Disconnect();
823 825
824 // Below, check that the cache didn't store the result of a failed handshake. 826 // Below, check that the cache didn't store the result of a failed handshake.
825 ASSERT_NO_FATAL_FAILURE(CreateSockets()); 827 ASSERT_NO_FATAL_FAILURE(CreateSockets());
826 TestCompletionCallback handshake_callback2; 828 TestCompletionCallback handshake_callback2;
827 int server_ret2 = server_socket_->Handshake(handshake_callback2.callback()); 829 int server_ret2 = server_socket_->Handshake(handshake_callback2.callback());
828 830
829 TestCompletionCallback connect_callback2; 831 TestCompletionCallback connect_callback2;
830 EXPECT_EQ(ERR_SSL_CLIENT_AUTH_CERT_NEEDED, 832 EXPECT_EQ(ERR_SSL_CLIENT_AUTH_CERT_NEEDED,
831 connect_callback2.GetResult( 833 connect_callback2.GetResult(
832 client_socket_->Connect(connect_callback2.callback()))); 834 client_socket_->Connect(connect_callback2.callback())));
833 835
834 scoped_refptr<SSLCertRequestInfo> request_info2 = new SSLCertRequestInfo(); 836 scoped_refptr<SSLCertRequestInfo> request_info2 = new SSLCertRequestInfo();
835 client_socket_->GetSSLCertRequestInfo(request_info2.get()); 837 client_socket_->GetSSLCertRequestInfo(request_info2.get());
836 838
837 // Check that the authority name that arrived in the CertificateRequest 839 // Check that the authority name that arrived in the CertificateRequest
838 // handshake message is as expected. 840 // handshake message is as expected.
839 EXPECT_TRUE(client_cert->IsIssuedByEncoded(request_info2->cert_authorities)); 841 EXPECT_TRUE(client_cert->IsIssuedByEncoded(request_info2->cert_authorities));
840 842
841 client_socket_->Disconnect(); 843 client_socket_->Disconnect();
842 844
843 EXPECT_THAT(handshake_callback2.GetResult(server_ret2), IsError(ERR_FAILED)); 845 EXPECT_THAT(handshake_callback2.GetResult(server_ret2),
846 IsError(ERR_CONNECTION_CLOSED));
844 } 847 }
845 848
846 TEST_F(SSLServerSocketTest, HandshakeWithWrongClientCertSupplied) { 849 TEST_F(SSLServerSocketTest, HandshakeWithWrongClientCertSupplied) {
847 scoped_refptr<X509Certificate> client_cert = 850 scoped_refptr<X509Certificate> client_cert =
848 ImportCertFromFile(GetTestCertsDirectory(), kClientCertFileName); 851 ImportCertFromFile(GetTestCertsDirectory(), kClientCertFileName);
849 ASSERT_TRUE(client_cert); 852 ASSERT_TRUE(client_cert);
850 853
851 ASSERT_NO_FATAL_FAILURE(ConfigureClientCertsForClient( 854 ASSERT_NO_FATAL_FAILURE(ConfigureClientCertsForClient(
852 kWrongClientCertFileName, kWrongClientPrivateKeyFileName)); 855 kWrongClientCertFileName, kWrongClientPrivateKeyFileName));
853 ASSERT_NO_FATAL_FAILURE(ConfigureClientCertsForServer()); 856 ASSERT_NO_FATAL_FAILURE(ConfigureClientCertsForServer());
(...skipping 258 matching lines...) Expand 10 before | Expand all | Expand 10 after
1112 int server_ret = server_socket_->Handshake(handshake_callback.callback()); 1115 int server_ret = server_socket_->Handshake(handshake_callback.callback());
1113 1116
1114 client_ret = connect_callback.GetResult(client_ret); 1117 client_ret = connect_callback.GetResult(client_ret);
1115 server_ret = handshake_callback.GetResult(server_ret); 1118 server_ret = handshake_callback.GetResult(server_ret);
1116 1119
1117 ASSERT_THAT(client_ret, IsError(ERR_SSL_VERSION_OR_CIPHER_MISMATCH)); 1120 ASSERT_THAT(client_ret, IsError(ERR_SSL_VERSION_OR_CIPHER_MISMATCH));
1118 ASSERT_THAT(server_ret, IsError(ERR_SSL_VERSION_OR_CIPHER_MISMATCH)); 1121 ASSERT_THAT(server_ret, IsError(ERR_SSL_VERSION_OR_CIPHER_MISMATCH));
1119 } 1122 }
1120 1123
1121 } // namespace net 1124 } // namespace net
OLDNEW
« no previous file with comments | « net/socket/ssl_server_socket_impl.cc ('k') | net/ssl/openssl_ssl_util.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698