| OLD | NEW |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/ssl_error_handler.h" | 5 #include "chrome/browser/ssl/ssl_error_handler.h" |
| 6 | 6 |
| 7 #include "base/callback.h" | 7 #include "base/callback.h" |
| 8 #include "base/macros.h" | 8 #include "base/macros.h" |
| 9 #include "base/memory/ptr_util.h" | 9 #include "base/memory/ptr_util.h" |
| 10 #include "base/metrics/field_trial.h" | 10 #include "base/metrics/field_trial.h" |
| (...skipping 688 matching lines...) |
| 699 ASSERT_TRUE(test_server()->ShutdownAndWaitUntilComplete()); | 699 ASSERT_TRUE(test_server()->ShutdownAndWaitUntilComplete()); |
| 700 } | 700 } |
| 701 | 701 |
| 702 #if BUILDFLAG(ENABLE_CAPTIVE_PORTAL_DETECTION) | 702 #if BUILDFLAG(ENABLE_CAPTIVE_PORTAL_DETECTION) |
| 703 | 703 |
| 704 // Tests that a certificate marked as a known captive portal certificate causes | 704 // Tests that a certificate marked as a known captive portal certificate causes |
| 705 // the captive portal interstitial to be shown. | 705 // the captive portal interstitial to be shown. |
| 706 TEST_F(SSLErrorHandlerNameMismatchTest, CaptivePortalCertificateList_Enabled) { | 706 TEST_F(SSLErrorHandlerNameMismatchTest, CaptivePortalCertificateList_Enabled) { |
| 707 base::test::ScopedFeatureList scoped_feature_list; | 707 base::test::ScopedFeatureList scoped_feature_list; |
| 708 scoped_feature_list.InitFromCommandLine( | 708 scoped_feature_list.InitFromCommandLine( |
| 709 "CaptivePortalCertificateList" /* enabled */, "" /* disabled */); | 709 "CaptivePortalCertificateList" /* enabled */, |
| 710 | 710 std::string() /* disabled */); |
| 711 base::HistogramTester histograms; | |
| 712 | 711 |
| 713 EXPECT_FALSE(error_handler()->IsTimerRunningForTesting()); | 712 EXPECT_FALSE(error_handler()->IsTimerRunningForTesting()); |
| 714 EXPECT_EQ(1u, ssl_info().public_key_hashes.size()); | 713 EXPECT_EQ(1u, ssl_info().public_key_hashes.size()); |
| 715 | 714 |
| 716 chrome_browser_ssl::SSLErrorAssistantConfig config_proto; | 715 auto config_proto = |
| 717 config_proto.add_captive_portal_cert()->set_sha256_hash( | 716 base::MakeUnique<chrome_browser_ssl::SSLErrorAssistantConfig>(); |
| 717 config_proto->add_captive_portal_cert()->set_sha256_hash( |
| 718 "sha256/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"); | 718 "sha256/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"); |
| 719 config_proto.add_captive_portal_cert()->set_sha256_hash( | 719 config_proto->add_captive_portal_cert()->set_sha256_hash( |
| 720 ssl_info().public_key_hashes[0].ToString()); | 720 ssl_info().public_key_hashes[0].ToString()); |
| 721 config_proto.add_captive_portal_cert()->set_sha256_hash( | 721 config_proto->add_captive_portal_cert()->set_sha256_hash( |
| 722 "sha256/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb"); | 722 "sha256/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb"); |
| 723 SSLErrorHandler::SetErrorAssistantProtoForTesting(config_proto); | 723 SSLErrorHandler::SetErrorAssistantProto(std::move(config_proto)); |
| 724 | 724 |
| 725 base::HistogramTester histograms; |
| 725 error_handler()->StartHandlingError(); | 726 error_handler()->StartHandlingError(); |
| 726 | 727 |
| 727 // Timer shouldn't start for a known captive portal certificate. | 728 // Timer shouldn't start for a known captive portal certificate. |
| 728 EXPECT_FALSE(error_handler()->IsTimerRunningForTesting()); | 729 EXPECT_FALSE(error_handler()->IsTimerRunningForTesting()); |
| 729 EXPECT_FALSE(delegate()->captive_portal_checked()); | 730 EXPECT_FALSE(delegate()->captive_portal_checked()); |
| 730 EXPECT_FALSE(delegate()->ssl_interstitial_shown()); | 731 EXPECT_FALSE(delegate()->ssl_interstitial_shown()); |
| 731 EXPECT_TRUE(delegate()->captive_portal_interstitial_shown()); | 732 EXPECT_TRUE(delegate()->captive_portal_interstitial_shown()); |
| 732 EXPECT_FALSE(delegate()->suggested_url_checked()); | 733 EXPECT_FALSE(delegate()->suggested_url_checked()); |
| 733 | 734 |
| 734 // A buggy SSL error handler might have incorrectly started the timer. Run to | 735 // A buggy SSL error handler might have incorrectly started the timer. Run |
| 735 // completion to ensure the timer is expired. | 736 // to completion to ensure the timer is expired. |
| 736 base::RunLoop().RunUntilIdle(); | 737 base::RunLoop().RunUntilIdle(); |
| 737 | 738 |
| 738 EXPECT_FALSE(error_handler()->IsTimerRunningForTesting()); | 739 EXPECT_FALSE(error_handler()->IsTimerRunningForTesting()); |
| 739 EXPECT_FALSE(delegate()->captive_portal_checked()); | 740 EXPECT_FALSE(delegate()->captive_portal_checked()); |
| 740 EXPECT_FALSE(delegate()->ssl_interstitial_shown()); | 741 EXPECT_FALSE(delegate()->ssl_interstitial_shown()); |
| 741 EXPECT_TRUE(delegate()->captive_portal_interstitial_shown()); | 742 EXPECT_TRUE(delegate()->captive_portal_interstitial_shown()); |
| 742 EXPECT_FALSE(delegate()->suggested_url_checked()); | 743 EXPECT_FALSE(delegate()->suggested_url_checked()); |
| 743 | 744 |
| 744 // Check that the histogram for the captive portal cert was recorded. | 745 // Check that the histogram for the captive portal cert was recorded. |
| 745 histograms.ExpectTotalCount(SSLErrorHandler::GetHistogramNameForTesting(), 3); | 746 histograms.ExpectTotalCount(SSLErrorHandler::GetHistogramNameForTesting(), 3); |
| 746 histograms.ExpectBucketCount(SSLErrorHandler::GetHistogramNameForTesting(), | 747 histograms.ExpectBucketCount(SSLErrorHandler::GetHistogramNameForTesting(), |
| 747 SSLErrorHandler::HANDLE_ALL, 1); | 748 SSLErrorHandler::HANDLE_ALL, 1); |
| 748 histograms.ExpectBucketCount( | 749 histograms.ExpectBucketCount( |
| 749 SSLErrorHandler::GetHistogramNameForTesting(), | 750 SSLErrorHandler::GetHistogramNameForTesting(), |
| 750 SSLErrorHandler::SHOW_CAPTIVE_PORTAL_INTERSTITIAL_OVERRIDABLE, 1); | 751 SSLErrorHandler::SHOW_CAPTIVE_PORTAL_INTERSTITIAL_OVERRIDABLE, 1); |
| 751 histograms.ExpectBucketCount(SSLErrorHandler::GetHistogramNameForTesting(), | 752 histograms.ExpectBucketCount(SSLErrorHandler::GetHistogramNameForTesting(), |
| 752 SSLErrorHandler::CAPTIVE_PORTAL_CERT_FOUND, 1); | 753 SSLErrorHandler::CAPTIVE_PORTAL_CERT_FOUND, 1); |
| 753 } | 754 } |
| 754 | 755 |
| 755 // Tests that a certificate marked as a known captive portal certificate does | 756 // Tests that a certificate marked as a known captive portal certificate does |
| 756 // not cause the captive portal interstitial to be shown, if the feature is | 757 // not cause the captive portal interstitial to be shown, if the feature is |
| 757 // disabled. | 758 // disabled. |
| 758 TEST_F(SSLErrorHandlerNameMismatchTest, CaptivePortalCertificateList_Disabled) { | 759 TEST_F(SSLErrorHandlerNameMismatchTest, CaptivePortalCertificateList_Disabled) { |
| 759 base::test::ScopedFeatureList scoped_feature_list; | 760 base::test::ScopedFeatureList scoped_feature_list; |
| 760 scoped_feature_list.InitFromCommandLine( | 761 scoped_feature_list.InitFromCommandLine( |
| 761 "" /* enabled */, "CaptivePortalCertificateList" /* disabled */); | 762 std::string() /* enabled */, |
| 763 "CaptivePortalCertificateList" /* disabled */); |
| 762 | 764 |
| 763 base::HistogramTester histograms; | 765 base::HistogramTester histograms; |
| 764 | 766 |
| 765 EXPECT_FALSE(error_handler()->IsTimerRunningForTesting()); | 767 EXPECT_FALSE(error_handler()->IsTimerRunningForTesting()); |
| 766 EXPECT_EQ(1u, ssl_info().public_key_hashes.size()); | 768 EXPECT_EQ(1u, ssl_info().public_key_hashes.size()); |
| 767 | 769 |
| 768 chrome_browser_ssl::SSLErrorAssistantConfig config_proto; | 770 auto config_proto = |
| 769 config_proto.add_captive_portal_cert()->set_sha256_hash( | 771 base::MakeUnique<chrome_browser_ssl::SSLErrorAssistantConfig>(); |
| 772 config_proto->add_captive_portal_cert()->set_sha256_hash( |
| 770 "sha256/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"); | 773 "sha256/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"); |
| 771 config_proto.add_captive_portal_cert()->set_sha256_hash( | 774 config_proto->add_captive_portal_cert()->set_sha256_hash( |
| 772 ssl_info().public_key_hashes[0].ToString()); | 775 ssl_info().public_key_hashes[0].ToString()); |
| 773 config_proto.add_captive_portal_cert()->set_sha256_hash( | 776 config_proto->add_captive_portal_cert()->set_sha256_hash( |
| 774 "sha256/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb"); | 777 "sha256/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb"); |
| 775 SSLErrorHandler::SetErrorAssistantProtoForTesting(config_proto); | 778 SSLErrorHandler::SetErrorAssistantProto(std::move(config_proto)); |
| 776 | 779 |
| 777 error_handler()->StartHandlingError(); | 780 error_handler()->StartHandlingError(); |
| 778 | 781 |
| 779 // Timer shouldn't start for a known captive portal certificate. | 782 // Timer should start since captive portal certificate list feature is |
| 783 // disabled. |
| 780 EXPECT_TRUE(error_handler()->IsTimerRunningForTesting()); | 784 EXPECT_TRUE(error_handler()->IsTimerRunningForTesting()); |
| 781 EXPECT_TRUE(delegate()->captive_portal_checked()); | 785 EXPECT_TRUE(delegate()->captive_portal_checked()); |
| 782 EXPECT_FALSE(delegate()->ssl_interstitial_shown()); | 786 EXPECT_FALSE(delegate()->ssl_interstitial_shown()); |
| 783 EXPECT_FALSE(delegate()->captive_portal_interstitial_shown()); | 787 EXPECT_FALSE(delegate()->captive_portal_interstitial_shown()); |
| 784 EXPECT_FALSE(delegate()->suggested_url_checked()); | 788 EXPECT_FALSE(delegate()->suggested_url_checked()); |
| 785 | 789 |
| 786 // A buggy SSL error handler might have incorrectly started the timer. Run to | 790 // A buggy SSL error handler might have incorrectly started the timer. Run to |
| 787 // completion to ensure the timer is expired. | 791 // completion to ensure the timer is expired. |
| 788 base::RunLoop().RunUntilIdle(); | 792 base::RunLoop().RunUntilIdle(); |
| 789 | 793 |
| (...skipping 12 matching lines...) |
| 802 SSLErrorHandler::SHOW_SSL_INTERSTITIAL_OVERRIDABLE, 1); | 806 SSLErrorHandler::SHOW_SSL_INTERSTITIAL_OVERRIDABLE, 1); |
| 803 } | 807 } |
| 804 | 808 |
| 805 // Tests that an error other than name mismatch does not cause a captive portal | 809 // Tests that an error other than name mismatch does not cause a captive portal |
| 806 // interstitial to be shown, even if the certificate is marked as a known | 810 // interstitial to be shown, even if the certificate is marked as a known |
| 807 // captive portal certificate. | 811 // captive portal certificate. |
| 808 TEST_F(SSLErrorHandlerAuthorityInvalidTest, | 812 TEST_F(SSLErrorHandlerAuthorityInvalidTest, |
| 809 CaptivePortalCertificateList_ShouldShowGenericInterstitial) { | 813 CaptivePortalCertificateList_ShouldShowGenericInterstitial) { |
| 810 base::test::ScopedFeatureList scoped_feature_list; | 814 base::test::ScopedFeatureList scoped_feature_list; |
| 811 scoped_feature_list.InitFromCommandLine( | 815 scoped_feature_list.InitFromCommandLine( |
| 812 "CaptivePortalCertificateList" /* enabled */, "" /* disabled */); | 816 "CaptivePortalCertificateList" /* enabled */, |
| 817 std::string() /* disabled */); |
| 813 | 818 |
| 814 base::HistogramTester histograms; | 819 base::HistogramTester histograms; |
| 815 | 820 |
| 816 EXPECT_FALSE(error_handler()->IsTimerRunningForTesting()); | 821 EXPECT_FALSE(error_handler()->IsTimerRunningForTesting()); |
| 817 EXPECT_EQ(1u, ssl_info().public_key_hashes.size()); | 822 EXPECT_EQ(1u, ssl_info().public_key_hashes.size()); |
| 818 | 823 |
| 819 chrome_browser_ssl::SSLErrorAssistantConfig config_proto; | 824 auto config_proto = |
| 820 config_proto.add_captive_portal_cert()->set_sha256_hash( | 825 base::MakeUnique<chrome_browser_ssl::SSLErrorAssistantConfig>(); |
| 826 config_proto->add_captive_portal_cert()->set_sha256_hash( |
| 821 "sha256/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"); | 827 "sha256/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"); |
| 822 config_proto.add_captive_portal_cert()->set_sha256_hash( | 828 config_proto->add_captive_portal_cert()->set_sha256_hash( |
| 823 ssl_info().public_key_hashes[0].ToString()); | 829 ssl_info().public_key_hashes[0].ToString()); |
| 824 config_proto.add_captive_portal_cert()->set_sha256_hash( | 830 config_proto->add_captive_portal_cert()->set_sha256_hash( |
| 825 "sha256/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb"); | 831 "sha256/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb"); |
| 826 SSLErrorHandler::SetErrorAssistantProtoForTesting(config_proto); | 832 SSLErrorHandler::SetErrorAssistantProto(std::move(config_proto)); |
| 827 | 833 |
| 828 error_handler()->StartHandlingError(); | 834 error_handler()->StartHandlingError(); |
| 829 | 835 |
| 830 // Timer should start for captive portal detection. | 836 // Timer should start for captive portal detection. |
| 831 EXPECT_TRUE(error_handler()->IsTimerRunningForTesting()); | 837 EXPECT_TRUE(error_handler()->IsTimerRunningForTesting()); |
| 832 EXPECT_TRUE(delegate()->captive_portal_checked()); | 838 EXPECT_TRUE(delegate()->captive_portal_checked()); |
| 833 EXPECT_FALSE(delegate()->ssl_interstitial_shown()); | 839 EXPECT_FALSE(delegate()->ssl_interstitial_shown()); |
| 834 EXPECT_FALSE(delegate()->captive_portal_interstitial_shown()); | 840 EXPECT_FALSE(delegate()->captive_portal_interstitial_shown()); |
| 835 EXPECT_FALSE(delegate()->suggested_url_checked()); | 841 EXPECT_FALSE(delegate()->suggested_url_checked()); |
| 836 | 842 |
| 837 base::RunLoop().RunUntilIdle(); | 843 base::RunLoop().RunUntilIdle(); |
| 838 | 844 |
| 839 EXPECT_FALSE(error_handler()->IsTimerRunningForTesting()); | 845 EXPECT_FALSE(error_handler()->IsTimerRunningForTesting()); |
| 840 EXPECT_TRUE(delegate()->captive_portal_checked()); | 846 EXPECT_TRUE(delegate()->captive_portal_checked()); |
| 841 EXPECT_TRUE(delegate()->ssl_interstitial_shown()); | 847 EXPECT_TRUE(delegate()->ssl_interstitial_shown()); |
| 842 EXPECT_FALSE(delegate()->captive_portal_interstitial_shown()); | 848 EXPECT_FALSE(delegate()->captive_portal_interstitial_shown()); |
| 843 EXPECT_FALSE(delegate()->suggested_url_checked()); | 849 EXPECT_FALSE(delegate()->suggested_url_checked()); |
| 844 | 850 |
| 845 // Check that the histogram for the captive portal cert was recorded. | 851 // Check that the histogram for the captive portal cert was recorded. |
| 846 histograms.ExpectTotalCount(SSLErrorHandler::GetHistogramNameForTesting(), 2); | 852 histograms.ExpectTotalCount(SSLErrorHandler::GetHistogramNameForTesting(), 2); |
| 847 histograms.ExpectBucketCount(SSLErrorHandler::GetHistogramNameForTesting(), | 853 histograms.ExpectBucketCount(SSLErrorHandler::GetHistogramNameForTesting(), |
| 848 SSLErrorHandler::HANDLE_ALL, 1); | 854 SSLErrorHandler::HANDLE_ALL, 1); |
| 849 histograms.ExpectBucketCount( | 855 histograms.ExpectBucketCount( |
| 850 SSLErrorHandler::GetHistogramNameForTesting(), | 856 SSLErrorHandler::GetHistogramNameForTesting(), |
| 851 SSLErrorHandler::SHOW_SSL_INTERSTITIAL_OVERRIDABLE, 1); | 857 SSLErrorHandler::SHOW_SSL_INTERSTITIAL_OVERRIDABLE, 1); |
| 852 } | 858 } |
| 853 | 859 |
| 854 #endif // BUILDFLAG(ENABLE_CAPTIVE_PORTAL_DETECTION) | 860 #endif // BUILDFLAG(ENABLE_CAPTIVE_PORTAL_DETECTION) |
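Review bot: All three tests now install the certificate list through `SSLErrorHandler::SetErrorAssistantProto(std::move(config_proto))` (new lines 723, 778, 832) and none of them clears it afterwards, so if the setter keeps the proto in process-wide state, as the static call suggests, a list containing this fixture's public-key hash stays in effect for whichever test runs next. Because a match on that list replaces the SSL interstitial with the captive portal one, a leftover entry could change the outcome of unrelated tests; the fixture's SetUp/TearDown falls in the skipped lines, so this may already be handled there. If it is not, resetting at the end of each test or in TearDown, for example `SSLErrorHandler::SetErrorAssistantProto(base::MakeUnique<chrome_browser_ssl::SSLErrorAssistantConfig>());`, would keep the tests independent. Separately, in CaptivePortalCertificateList_Disabled the comment at new lines 790-791 still says a buggy handler "might have incorrectly started the timer", although line 784 now expects the timer to be running.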
| OLD | NEW |