| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/chromium/quic_stream_factory.h" | 5 #include "net/quic/chromium/quic_stream_factory.h" |
| 6 | 6 |
| 7 #include <ostream> | 7 #include <ostream> |
| 8 #include <utility> | 8 #include <utility> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| 11 #include "base/callback.h" | 11 #include "base/callback.h" |
| 12 #include "base/run_loop.h" | 12 #include "base/run_loop.h" |
| 13 #include "base/strings/string_util.h" | 13 #include "base/strings/string_util.h" |
| 14 #include "base/threading/thread_task_runner_handle.h" | 14 #include "base/threading/thread_task_runner_handle.h" |
| 15 #include "net/base/test_proxy_delegate.h" |
| 15 #include "net/cert/cert_verifier.h" | 16 #include "net/cert/cert_verifier.h" |
| 16 #include "net/cert/ct_policy_enforcer.h" | 17 #include "net/cert/ct_policy_enforcer.h" |
| 17 #include "net/cert/multi_log_ct_verifier.h" | 18 #include "net/cert/multi_log_ct_verifier.h" |
| 18 #include "net/dns/mock_host_resolver.h" | 19 #include "net/dns/mock_host_resolver.h" |
| 19 #include "net/http/http_response_headers.h" | 20 #include "net/http/http_response_headers.h" |
| 20 #include "net/http/http_response_info.h" | 21 #include "net/http/http_response_info.h" |
| 21 #include "net/http/http_server_properties_impl.h" | 22 #include "net/http/http_server_properties_impl.h" |
| 22 #include "net/http/http_util.h" | 23 #include "net/http/http_util.h" |
| 23 #include "net/http/transport_security_state.h" | 24 #include "net/http/transport_security_state.h" |
| 24 #include "net/quic/chromium/crypto/proof_verifier_chromium.h" | 25 #include "net/quic/chromium/crypto/proof_verifier_chromium.h" |
| (...skipping 242 matching lines...) |
| 267 // If |factory_| was initialized, then it took over ownership of |clock_|. | 268 // If |factory_| was initialized, then it took over ownership of |clock_|. |
| 268 // If |factory_| was not initialized, then |clock_| needs to be destroyed. | 269 // If |factory_| was not initialized, then |clock_| needs to be destroyed. |
| 269 if (!factory_) | 270 if (!factory_) |
| 270 delete clock_; | 271 delete clock_; |
| 271 } | 272 } |
| 272 | 273 |
| 273 void Initialize() { | 274 void Initialize() { |
| 274 DCHECK(!factory_); | 275 DCHECK(!factory_); |
| 275 factory_.reset(new QuicStreamFactory( | 276 factory_.reset(new QuicStreamFactory( |
| 276 net_log_.net_log(), &host_resolver_, ssl_config_service_.get(), | 277 net_log_.net_log(), &host_resolver_, ssl_config_service_.get(), |
| 277 &socket_factory_, &http_server_properties_, cert_verifier_.get(), | 278 &socket_factory_, &http_server_properties_, &test_proxy_delegate_, |
| 278 &ct_policy_enforcer_, channel_id_service_.get(), | 279 cert_verifier_.get(), &ct_policy_enforcer_, channel_id_service_.get(), |
| 279 &transport_security_state_, cert_transparency_verifier_.get(), | 280 &transport_security_state_, cert_transparency_verifier_.get(), |
| 280 /*SocketPerformanceWatcherFactory*/ nullptr, | 281 /*SocketPerformanceWatcherFactory*/ nullptr, |
| 281 &crypto_client_stream_factory_, &random_generator_, clock_, | 282 &crypto_client_stream_factory_, &random_generator_, clock_, |
| 282 kDefaultMaxPacketSize, string(), SupportedVersions(version_), | 283 kDefaultMaxPacketSize, string(), SupportedVersions(version_), |
| 283 enable_port_selection_, always_require_handshake_confirmation_, | 284 enable_port_selection_, always_require_handshake_confirmation_, |
| 284 disable_connection_pooling_, load_server_info_timeout_srtt_multiplier_, | 285 disable_connection_pooling_, load_server_info_timeout_srtt_multiplier_, |
| 285 enable_connection_racing_, enable_non_blocking_io_, disable_disk_cache_, | 286 enable_connection_racing_, enable_non_blocking_io_, disable_disk_cache_, |
| 286 prefer_aes_, receive_buffer_size_, delay_tcp_race_, | 287 prefer_aes_, receive_buffer_size_, delay_tcp_race_, |
| 287 /*max_server_configs_stored_in_properties*/ 0, | 288 /*max_server_configs_stored_in_properties*/ 0, |
| 288 close_sessions_on_ip_change_, | 289 close_sessions_on_ip_change_, |
| (...skipping 235 matching lines...) |
| 524 scoped_refptr<SSLConfigService> ssl_config_service_; | 525 scoped_refptr<SSLConfigService> ssl_config_service_; |
| 525 MockClientSocketFactory socket_factory_; | 526 MockClientSocketFactory socket_factory_; |
| 526 MockCryptoClientStreamFactory crypto_client_stream_factory_; | 527 MockCryptoClientStreamFactory crypto_client_stream_factory_; |
| 527 MockRandom random_generator_; | 528 MockRandom random_generator_; |
| 528 MockClock* clock_; // Owned by |factory_| once created. | 529 MockClock* clock_; // Owned by |factory_| once created. |
| 529 scoped_refptr<TestTaskRunner> runner_; | 530 scoped_refptr<TestTaskRunner> runner_; |
| 530 QuicVersion version_; | 531 QuicVersion version_; |
| 531 QuicTestPacketMaker client_maker_; | 532 QuicTestPacketMaker client_maker_; |
| 532 QuicTestPacketMaker server_maker_; | 533 QuicTestPacketMaker server_maker_; |
| 533 HttpServerPropertiesImpl http_server_properties_; | 534 HttpServerPropertiesImpl http_server_properties_; |
| 535 TestProxyDelegate test_proxy_delegate_; |
| 534 std::unique_ptr<CertVerifier> cert_verifier_; | 536 std::unique_ptr<CertVerifier> cert_verifier_; |
| 535 std::unique_ptr<ChannelIDService> channel_id_service_; | 537 std::unique_ptr<ChannelIDService> channel_id_service_; |
| 536 TransportSecurityState transport_security_state_; | 538 TransportSecurityState transport_security_state_; |
| 537 std::unique_ptr<CTVerifier> cert_transparency_verifier_; | 539 std::unique_ptr<CTVerifier> cert_transparency_verifier_; |
| 538 CTPolicyEnforcer ct_policy_enforcer_; | 540 CTPolicyEnforcer ct_policy_enforcer_; |
| 539 std::unique_ptr<ScopedMockNetworkChangeNotifier> | 541 std::unique_ptr<ScopedMockNetworkChangeNotifier> |
| 540 scoped_mock_network_change_notifier_; | 542 scoped_mock_network_change_notifier_; |
| 541 std::unique_ptr<QuicStreamFactory> factory_; | 543 std::unique_ptr<QuicStreamFactory> factory_; |
| 542 HostPortPair host_port_pair_; | 544 HostPortPair host_port_pair_; |
| 543 GURL url_; | 545 GURL url_; |
| (...skipping 3878 matching lines...) |
| 4422 | 4424 |
| 4423 HostPortPair host_port_pair2(kServer2HostName, kDefaultServerPort); | 4425 HostPortPair host_port_pair2(kServer2HostName, kDefaultServerPort); |
| 4424 url::SchemeHostPort server2("https", kServer2HostName, kDefaultServerPort); | 4426 url::SchemeHostPort server2("https", kServer2HostName, kDefaultServerPort); |
| 4425 const AlternativeService alternative_service2(QUIC, host_port_pair2.host(), | 4427 const AlternativeService alternative_service2(QUIC, host_port_pair2.host(), |
| 4426 host_port_pair2.port()); | 4428 host_port_pair2.port()); |
| 4427 AlternativeServiceInfoVector alternative_service_info_vector2; | 4429 AlternativeServiceInfoVector alternative_service_info_vector2; |
| 4428 alternative_service_info_vector2.push_back( | 4430 alternative_service_info_vector2.push_back( |
| 4429 AlternativeServiceInfo(alternative_service2, expiration)); | 4431 AlternativeServiceInfo(alternative_service2, expiration)); |
| 4430 http_server_properties_.SetAlternativeServices( | 4432 http_server_properties_.SetAlternativeServices( |
| 4431 server2, alternative_service_info_vector2); | 4433 server2, alternative_service_info_vector2); |
| 4434 // Verify that the properties of both QUIC servers are stored in the |
| 4435 // HTTP properties map. |
| 4436 EXPECT_EQ(2U, http_server_properties_.alternative_service_map().size()); |
| 4432 | 4437 |
| 4433 http_server_properties_.SetMaxServerConfigsStoredInProperties( | 4438 http_server_properties_.SetMaxServerConfigsStoredInProperties( |
| 4434 kMaxQuicServersToPersist); | 4439 kMaxQuicServersToPersist); |
| 4435 | 4440 |
| 4436 QuicServerId quic_server_id(kDefaultServerHostName, 80, | 4441 QuicServerId quic_server_id(kDefaultServerHostName, 80, |
| 4437 PRIVACY_MODE_DISABLED); | 4442 PRIVACY_MODE_DISABLED); |
| 4438 QuicServerInfoFactory* quic_server_info_factory = | 4443 QuicServerInfoFactory* quic_server_info_factory = |
| 4439 new PropertiesBasedQuicServerInfoFactory(&http_server_properties_); | 4444 new PropertiesBasedQuicServerInfoFactory(&http_server_properties_); |
| 4440 factory_->set_quic_server_info_factory(quic_server_info_factory); | 4445 factory_->set_quic_server_info_factory(quic_server_info_factory); |
| 4441 | 4446 |
| (...skipping 114 matching lines...) |
| 4556 EXPECT_TRUE(cached2->GetServerConfig()); | 4561 EXPECT_TRUE(cached2->GetServerConfig()); |
| 4557 EXPECT_EQ(server_config2, cached2->server_config()); | 4562 EXPECT_EQ(server_config2, cached2->server_config()); |
| 4558 EXPECT_EQ(source_address_token2, cached2->source_address_token()); | 4563 EXPECT_EQ(source_address_token2, cached2->source_address_token()); |
| 4559 EXPECT_EQ(cert_sct2, cached2->cert_sct()); | 4564 EXPECT_EQ(cert_sct2, cached2->cert_sct()); |
| 4560 EXPECT_EQ(chlo_hash2, cached2->chlo_hash()); | 4565 EXPECT_EQ(chlo_hash2, cached2->chlo_hash()); |
| 4561 EXPECT_EQ(signature2, cached2->signature()); | 4566 EXPECT_EQ(signature2, cached2->signature()); |
| 4562 ASSERT_EQ(1U, cached->certs().size()); | 4567 ASSERT_EQ(1U, cached->certs().size()); |
| 4563 EXPECT_EQ(test_cert2, cached2->certs()[0]); | 4568 EXPECT_EQ(test_cert2, cached2->certs()[0]); |
| 4564 } | 4569 } |
| 4565 | 4570 |
| 4571 // Verifies that the alternative proxy server provided by the proxy delegate |
| 4572 // is added to the list of supported QUIC proxy servers. |
| 4573 TEST_P(QuicStreamFactoryTest, MaybeInitializeAlternativeProxyServer) { |
| 4574 idle_connection_timeout_seconds_ = 500; |
| 4575 Initialize(); |
| 4576 ProofVerifyDetailsChromium verify_details = DefaultProofVerifyDetails(); |
| 4577 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details); |
| 4578 const QuicConfig* config = QuicStreamFactoryPeer::GetConfig(factory_.get()); |
| 4579 EXPECT_EQ(500, config->IdleConnectionStateLifetime().ToSeconds()); |
| 4580 |
| 4581 QuicStreamFactoryPeer::SetTaskRunner(factory_.get(), runner_.get()); |
| 4582 |
| 4583 const AlternativeService alternative_service1(QUIC, host_port_pair_.host(), |
| 4584 host_port_pair_.port()); |
| 4585 AlternativeServiceInfoVector alternative_service_info_vector; |
| 4586 base::Time expiration = base::Time::Now() + base::TimeDelta::FromDays(1); |
| 4587 alternative_service_info_vector.push_back( |
| 4588 AlternativeServiceInfo(alternative_service1, expiration)); |
| 4589 http_server_properties_.SetAlternativeServices( |
| 4590 url::SchemeHostPort(url_), alternative_service_info_vector); |
| 4591 |
| 4592 HostPortPair host_port_pair2(kServer2HostName, kDefaultServerPort); |
| 4593 url::SchemeHostPort server2("https", kServer2HostName, kDefaultServerPort); |
| 4594 const AlternativeService alternative_service2(QUIC, host_port_pair2.host(), |
| 4595 host_port_pair2.port()); |
| 4596 AlternativeServiceInfoVector alternative_service_info_vector2; |
| 4597 alternative_service_info_vector2.push_back( |
| 4598 AlternativeServiceInfo(alternative_service2, expiration)); |
| 4599 // Verify that the properties of only one QUIC server is stored in the |
| 4600 // HTTP properties map. |
| 4601 EXPECT_EQ(1U, http_server_properties_.alternative_service_map().size()); |
| 4602 |
| 4603 http_server_properties_.SetMaxServerConfigsStoredInProperties( |
| 4604 kMaxQuicServersToPersist); |
| 4605 |
| 4606 QuicServerId quic_server_id(kDefaultServerHostName, 80, |
| 4607 PRIVACY_MODE_DISABLED); |
| 4608 QuicServerInfoFactory* quic_server_info_factory = |
| 4609 new PropertiesBasedQuicServerInfoFactory(&http_server_properties_); |
| 4610 factory_->set_quic_server_info_factory(quic_server_info_factory); |
| 4611 |
| 4612 std::unique_ptr<QuicServerInfo> quic_server_info( |
| 4613 quic_server_info_factory->GetForServer(quic_server_id)); |
| 4614 |
| 4615 // Update quic_server_info's server_config and persist it. |
| 4616 QuicServerInfo::State* state = quic_server_info->mutable_state(); |
| 4617 // Minimum SCFG that passes config validation checks. |
| 4618 const char scfg[] = {// SCFG |
| 4619 0x53, 0x43, 0x46, 0x47, |
| 4620 // num entries |
| 4621 0x01, 0x00, |
| 4622 // padding |
| 4623 0x00, 0x00, |
| 4624 // EXPY |
| 4625 0x45, 0x58, 0x50, 0x59, |
| 4626 // EXPY end offset |
| 4627 0x08, 0x00, 0x00, 0x00, |
| 4628 // Value |
| 4629 '1', '2', '3', '4', '5', '6', '7', '8'}; |
| 4630 |
| 4631 // Create temporary strings becasue Persist() clears string data in |state|. |
| 4632 string server_config(reinterpret_cast<const char*>(&scfg), sizeof(scfg)); |
| 4633 string source_address_token("test_source_address_token"); |
| 4634 string cert_sct("test_cert_sct"); |
| 4635 string chlo_hash("test_chlo_hash"); |
| 4636 string signature("test_signature"); |
| 4637 string test_cert("test_cert"); |
| 4638 vector<string> certs; |
| 4639 certs.push_back(test_cert); |
| 4640 state->server_config = server_config; |
| 4641 state->source_address_token = source_address_token; |
| 4642 state->cert_sct = cert_sct; |
| 4643 state->chlo_hash = chlo_hash; |
| 4644 state->server_config_sig = signature; |
| 4645 state->certs = certs; |
| 4646 |
| 4647 quic_server_info->Persist(); |
| 4648 |
| 4649 QuicServerId quic_server_id2(kServer2HostName, 80, PRIVACY_MODE_DISABLED); |
| 4650 std::unique_ptr<QuicServerInfo> quic_server_info2( |
| 4651 quic_server_info_factory->GetForServer(quic_server_id2)); |
| 4652 |
| 4653 // Update quic_server_info2's server_config and persist it. |
| 4654 QuicServerInfo::State* state2 = quic_server_info2->mutable_state(); |
| 4655 |
| 4656 // Minimum SCFG that passes config validation checks. |
| 4657 const char scfg2[] = {// SCFG |
| 4658 0x53, 0x43, 0x46, 0x47, |
| 4659 // num entries |
| 4660 0x01, 0x00, |
| 4661 // padding |
| 4662 0x00, 0x00, |
| 4663 // EXPY |
| 4664 0x45, 0x58, 0x50, 0x59, |
| 4665 // EXPY end offset |
| 4666 0x08, 0x00, 0x00, 0x00, |
| 4667 // Value |
| 4668 '8', '7', '3', '4', '5', '6', '2', '1'}; |
| 4669 |
| 4670 // Create temporary strings becasue Persist() clears string data in |state2|. |
| 4671 string server_config2(reinterpret_cast<const char*>(&scfg2), sizeof(scfg2)); |
| 4672 string source_address_token2("test_source_address_token2"); |
| 4673 string cert_sct2("test_cert_sct2"); |
| 4674 string chlo_hash2("test_chlo_hash2"); |
| 4675 string signature2("test_signature2"); |
| 4676 string test_cert2("test_cert2"); |
| 4677 vector<string> certs2; |
| 4678 certs2.push_back(test_cert2); |
| 4679 state2->server_config = server_config2; |
| 4680 state2->source_address_token = source_address_token2; |
| 4681 state2->cert_sct = cert_sct2; |
| 4682 state2->chlo_hash = chlo_hash2; |
| 4683 state2->server_config_sig = signature2; |
| 4684 state2->certs = certs2; |
| 4685 |
| 4686 quic_server_info2->Persist(); |
| 4687 test_proxy_delegate_.set_alternative_proxy_server(net::ProxyServer( |
| 4688 net::ProxyServer::SCHEME_QUIC, |
| 4689 net::HostPortPair(kServer2HostName, kDefaultServerPort))); |
| 4690 |
| 4691 QuicStreamFactoryPeer::MaybeInitialize(factory_.get()); |
| 4692 EXPECT_TRUE(QuicStreamFactoryPeer::HasInitializedData(factory_.get())); |
| 4693 |
| 4694 // Verify the MRU order is maintained. |
| 4695 const QuicServerInfoMap& quic_server_info_map = |
| 4696 http_server_properties_.quic_server_info_map(); |
| 4697 EXPECT_EQ(2u, quic_server_info_map.size()); |
| 4698 QuicServerInfoMap::const_iterator quic_server_info_map_it = |
| 4699 quic_server_info_map.begin(); |
| 4700 EXPECT_EQ(quic_server_info_map_it->first, quic_server_id2); |
| 4701 ++quic_server_info_map_it; |
| 4702 EXPECT_EQ(quic_server_info_map_it->first, quic_server_id); |
| 4703 |
| 4704 EXPECT_TRUE(QuicStreamFactoryPeer::SupportsQuicAtStartUp(factory_.get(), |
| 4705 host_port_pair_)); |
| 4706 EXPECT_FALSE(QuicStreamFactoryPeer::CryptoConfigCacheIsEmpty(factory_.get(), |
| 4707 quic_server_id)); |
| 4708 QuicCryptoClientConfig* crypto_config = |
| 4709 QuicStreamFactoryPeer::GetCryptoConfig(factory_.get()); |
| 4710 QuicCryptoClientConfig::CachedState* cached = |
| 4711 crypto_config->LookupOrCreate(quic_server_id); |
| 4712 EXPECT_FALSE(cached->server_config().empty()); |
| 4713 EXPECT_TRUE(cached->GetServerConfig()); |
| 4714 EXPECT_EQ(server_config, cached->server_config()); |
| 4715 EXPECT_EQ(source_address_token, cached->source_address_token()); |
| 4716 EXPECT_EQ(cert_sct, cached->cert_sct()); |
| 4717 EXPECT_EQ(chlo_hash, cached->chlo_hash()); |
| 4718 EXPECT_EQ(signature, cached->signature()); |
| 4719 ASSERT_EQ(1U, cached->certs().size()); |
| 4720 EXPECT_EQ(test_cert, cached->certs()[0]); |
| 4721 |
| 4722 EXPECT_TRUE(QuicStreamFactoryPeer::SupportsQuicAtStartUp(factory_.get(), |
| 4723 host_port_pair2)); |
| 4724 EXPECT_FALSE(QuicStreamFactoryPeer::CryptoConfigCacheIsEmpty( |
| 4725 factory_.get(), quic_server_id2)); |
| 4726 QuicCryptoClientConfig::CachedState* cached2 = |
| 4727 crypto_config->LookupOrCreate(quic_server_id2); |
| 4728 EXPECT_FALSE(cached2->server_config().empty()); |
| 4729 EXPECT_TRUE(cached2->GetServerConfig()); |
| 4730 EXPECT_EQ(server_config2, cached2->server_config()); |
| 4731 EXPECT_EQ(source_address_token2, cached2->source_address_token()); |
| 4732 EXPECT_EQ(cert_sct2, cached2->cert_sct()); |
| 4733 EXPECT_EQ(chlo_hash2, cached2->chlo_hash()); |
| 4734 EXPECT_EQ(signature2, cached2->signature()); |
| 4735 ASSERT_EQ(1U, cached->certs().size()); |
| 4736 EXPECT_EQ(test_cert2, cached2->certs()[0]); |
| 4737 } |
| 4738 |
| 4566 TEST_P(QuicStreamFactoryTest, StartCertVerifyJob) { | 4739 TEST_P(QuicStreamFactoryTest, StartCertVerifyJob) { |
| 4567 Initialize(); | 4740 Initialize(); |
| 4568 | 4741 |
| 4569 MockQuicData socket_data; | 4742 MockQuicData socket_data; |
| 4570 socket_data.AddRead(SYNCHRONOUS, ERR_IO_PENDING); | 4743 socket_data.AddRead(SYNCHRONOUS, ERR_IO_PENDING); |
| 4571 socket_data.AddSocketDataToFactory(&socket_factory_); | 4744 socket_data.AddSocketDataToFactory(&socket_factory_); |
| 4572 | 4745 |
| 4573 // Save current state of |race_cert_verification|. | 4746 // Save current state of |race_cert_verification|. |
| 4574 bool race_cert_verification = | 4747 bool race_cert_verification = |
| 4575 QuicStreamFactoryPeer::GetRaceCertVerification(factory_.get()); | 4748 QuicStreamFactoryPeer::GetRaceCertVerification(factory_.get()); |
| (...skipping 646 matching lines...) |
| 5222 // Clear all cached states. | 5395 // Clear all cached states. |
| 5223 factory_->ClearCachedStatesInCryptoConfig( | 5396 factory_->ClearCachedStatesInCryptoConfig( |
| 5224 base::Callback<bool(const GURL&)>()); | 5397 base::Callback<bool(const GURL&)>()); |
| 5225 EXPECT_TRUE(test_cases[0].state->certs().empty()); | 5398 EXPECT_TRUE(test_cases[0].state->certs().empty()); |
| 5226 EXPECT_TRUE(test_cases[1].state->certs().empty()); | 5399 EXPECT_TRUE(test_cases[1].state->certs().empty()); |
| 5227 EXPECT_TRUE(test_cases[2].state->certs().empty()); | 5400 EXPECT_TRUE(test_cases[2].state->certs().empty()); |
| 5228 } | 5401 } |
| 5229 | 5402 |
| 5230 } // namespace test | 5403 } // namespace test |
| 5231 } // namespace net | 5404 } // namespace net |
| OLD | NEW |
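Review bot: In the new `MaybeInitializeAlternativeProxyServer` test, the size guard just before `cached2->certs()[0]` (new line 4735) checks `cached` instead of `cached2`, so an empty `cached2->certs()` would be indexed out of bounds instead of failing the test cleanly; it should read `ASSERT_EQ(1U, cached2->certs().size());`. The same line is visible in the preceding test's context (new line 4567), from which this body appears to be copied. `server2` and `alternative_service_info_vector2` (new lines 4593-4598) are built but never passed to `SetAlternativeServices`, which is what keeps the map at one entry; either drop them or add a comment such as `// Deliberately not registered: server2 must become QUIC-capable only via the proxy delegate.` The test covers only the positive case, so an added `EXPECT_FALSE(QuicStreamFactoryPeer::SupportsQuicAtStartUp(...))` for a host the delegate does not name would confirm that the delegate cannot widen the supported list beyond its own server.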