Add initial version of captive portal list checking.

chrome/browser/ssl/ssl_error_handler_unittest.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ssl/ssl_error_handler.h"
 
 #include "base/callback.h"
 #include "base/macros.h"
 #include "base/memory/ptr_util.h"
 #include "base/metrics/field_trial.h"
 #include "base/run_loop.h"
 #include "base/test/histogram_tester.h"
+#include "base/test/scoped_feature_list.h"
 #include "base/test/simple_test_clock.h"
 #include "base/test/simple_test_tick_clock.h"
 #include "base/time/time.h"
 #include "chrome/browser/captive_portal/captive_portal_service.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/ssl/common_name_mismatch_handler.h"
+#include "chrome/browser/ssl/ssl_error_assistant.pb.h"
 #include "chrome/common/features.h"
 #include "chrome/test/base/chrome_render_view_host_test_harness.h"
 #include "chrome/test/base/testing_profile.h"
 #include "components/captive_portal/captive_portal_testing_utils.h"
 #include "components/network_time/network_time_test_utils.h"
 #include "components/network_time/network_time_tracker.h"
 #include "components/prefs/testing_pref_service.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/notification_service.h"
 #include "net/base/net_errors.h"
 #include "net/cert/cert_status_flags.h"
 #include "net/cert/x509_certificate.h"
 #include "net/http/http_response_headers.h"
 #include "net/ssl/ssl_info.h"
 #include "net/test/cert_test_util.h"
 #include "net/test/embedded_test_server/embedded_test_server.h"
 #include "net/test/embedded_test_server/http_response.h"
 #include "net/test/test_certificate_data.h"
 #include "net/test/test_data_directory.h"
 #include "net/url_request/url_request_test_util.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 namespace {
 
 const char kCertDateErrorHistogram[] =
     "interstitial.ssl_error_handler.cert_date_error_delay";
 
+const net::SHA256HashValue kCertPublicKeyHashValue = {{0x01, 0x02}};
+
 // Runs |quit_closure| on the UI thread once a URL request has been
 // seen. Returns a request that hangs.
 std::unique_ptr<net::test_server::HttpResponse> WaitForRequest(
     const base::Closure& quit_closure,
     const net::test_server::HttpRequest& request) {
   content::BrowserThread::PostTask(content::BrowserThread::UI, FROM_HERE,
                                    quit_closure);
   return base::MakeUnique<net::test_server::HungResponse>();
 }
 
@@ skipping 124 matching lines @@
   bool captive_portal_interstitial_shown_;
   bool redirected_to_suggested_url_;
   bool is_overridable_error_;
   CommonNameMismatchHandler::CheckUrlCallback suggested_url_callback_;
 
   DISALLOW_COPY_AND_ASSIGN(TestSSLErrorHandlerDelegate);
 };
 
 }  // namespace
 
-class SSLErrorHandlerNameMismatchTest : public ChromeRenderViewHostTestHarness {
+template <net::CertStatus kCertStatus>

[Ryan Sleevi, 2017/02/01 22:06:06]

I haven't really seen template parameters follow the constant naming scheme of
k*, even if they do end up compile-time constants. That feels a little weird,
but more of a nit than a hard block - it may very well be the
thing-with-precedent and I just haven't seen it.

Perhaps consider parameter-naming style?

[meacer, 2017/02/02 01:56:06]

Wasn't sure about it either so I did a code search before sending the CL, but
now that I look at it again all the places that use this style are either blink
or v8, so changing back to parameter style.

+class SSLErrorHandlerCertStatusTestBase
+    : public ChromeRenderViewHostTestHarness {
  public:
-  SSLErrorHandlerNameMismatchTest() : field_trial_list_(nullptr) {}
+  SSLErrorHandlerCertStatusTestBase() : field_trial_list_(nullptr) {}
 
   void SetUp() override {
     ChromeRenderViewHostTestHarness::SetUp();
+    SSLErrorHandler::ResetConfigForTesting();

[Ryan Sleevi, 2017/02/01 22:06:06]

Shouldn't you also be doing this in TearDown?

[meacer, 2017/02/02 01:56:06]

Done.

     SSLErrorHandler::SetInterstitialDelayForTesting(base::TimeDelta());
     ssl_info_.cert =
         net::ImportCertFromFile(net::GetTestCertsDirectory(), "ok_cert.pem");
-    ssl_info_.cert_status = net::CERT_STATUS_COMMON_NAME_INVALID;
+    ssl_info_.cert_status = kCertStatus;
+    ssl_info_.public_key_hashes.push_back(
+        net::HashValue(kCertPublicKeyHashValue));
 
     delegate_ =
         new TestSSLErrorHandlerDelegate(profile(), web_contents(), ssl_info_);
     error_handler_.reset(new TestSSLErrorHandler(
         std::unique_ptr<SSLErrorHandler::Delegate>(delegate_), web_contents(),
         profile(), net::MapCertStatusToNetError(ssl_info_.cert_status),
         ssl_info_,
         GURL(),  // request_url
         base::Callback<void(content::CertificateRequestResultType)>()));
 
     // Enable finch experiment for captive portal interstitials.
     ASSERT_TRUE(base::FieldTrialList::CreateFieldTrial(
                     "CaptivePortalInterstitial", "Enabled"));
     // Enable finch experiment for SSL common name mismatch handling.
     ASSERT_TRUE(base::FieldTrialList::CreateFieldTrial(
                     "SSLCommonNameMismatchHandling", "Enabled"));
   }
 
   void TearDown() override {
     EXPECT_FALSE(error_handler()->IsTimerRunningForTesting());
     error_handler_.reset(nullptr);
     ChromeRenderViewHostTestHarness::TearDown();
   }
 
   TestSSLErrorHandler* error_handler() { return error_handler_.get(); }
   TestSSLErrorHandlerDelegate* delegate() { return delegate_; }
 
+  const net::SSLInfo& ssl_info() { return ssl_info_; }
+
  private:
   net::SSLInfo ssl_info_;
   std::unique_ptr<TestSSLErrorHandler> error_handler_;
   TestSSLErrorHandlerDelegate* delegate_;
   base::FieldTrialList field_trial_list_;
 
-  DISALLOW_COPY_AND_ASSIGN(SSLErrorHandlerNameMismatchTest);
+  DISALLOW_COPY_AND_ASSIGN(SSLErrorHandlerCertStatusTestBase);
 };
 
+using SSLErrorHandlerNameMismatchTest =
+    SSLErrorHandlerCertStatusTestBase<net::CERT_STATUS_COMMON_NAME_INVALID>;
+using SSLErrorHandlerAuthorityInvalidTest =
+    SSLErrorHandlerCertStatusTestBase<net::CERT_STATUS_AUTHORITY_INVALID>;
+
 class SSLErrorHandlerDateInvalidTest : public ChromeRenderViewHostTestHarness {
  public:
   SSLErrorHandlerDateInvalidTest()
       : field_trial_test_(new network_time::FieldTrialTest()),
         clock_(new base::SimpleTestClock),
         tick_clock_(new base::SimpleTestTickClock),
         test_server_(new net::EmbeddedTestServer) {
     SetThreadBundleOptions(content::TestBrowserThreadBundle::REAL_IO_THREAD);
     network_time::NetworkTimeTracker::RegisterPrefs(pref_service_.registry());
   }
 
   void SetUp() override {
     ChromeRenderViewHostTestHarness::SetUp();
+    SSLErrorHandler::ResetConfigForTesting();

[Ryan Sleevi, 2017/02/01 22:06:06]

Shouldn't you also be doing this in TearDown?

[meacer, 2017/02/02 01:56:06]

Done.

 
     field_trial_test()->SetNetworkQueriesWithVariationsService(
         false, 0.0,
         network_time::NetworkTimeTracker::FETCHES_IN_BACKGROUND_ONLY);
     tracker_.reset(new network_time::NetworkTimeTracker(
         std::unique_ptr<base::Clock>(clock_),
         std::unique_ptr<base::TickClock>(tick_clock_), &pref_service_,
         new net::TestURLRequestContextGetter(
             content::BrowserThread::GetTaskRunnerForThread(
                 content::BrowserThread::IO))));
@@ skipping 413 matching lines @@
   // Check that the histogram for the delay was recorded.
   histograms.ExpectTotalCount(kCertDateErrorHistogram, 1);
 
   // Clear the error handler to test that, when the request completes,
   // it doesn't try to call a callback on a deleted SSLErrorHandler.
   ClearErrorHandler();
 
   // Shut down the server to cancel the pending request.
   ASSERT_TRUE(test_server()->ShutdownAndWaitUntilComplete());
 }
+
+// Tests that a certificate marked as a known captive portal certificate causes
+// the captive portal interstitial to be shown.
+TEST_F(SSLErrorHandlerNameMismatchTest, CaptivePortalCertificateList_Enabled) {
+  base::test::ScopedFeatureList scoped_feature_list;
+  scoped_feature_list.InitFromCommandLine(
+      "CaptivePortalCertificateList" /* enabled */, "" /* disabled */);
+
+  base::HistogramTester histograms;
+
+  EXPECT_FALSE(error_handler()->IsTimerRunningForTesting());
+  EXPECT_EQ(1u, ssl_info().public_key_hashes.size());
+
+  chrome_browser_ssl::SSLErrorAssistantConfig config_proto;
+  config_proto.add_captive_portal_cert()->set_sha256_hash(
+      "sha256/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
+  config_proto.add_captive_portal_cert()->set_sha256_hash(
+      ssl_info().public_key_hashes[0].ToString());
+  config_proto.add_captive_portal_cert()->set_sha256_hash(
+      "sha256/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb");
+  SSLErrorHandler::SetErrorAssistantProtoForTesting(config_proto);
+
+  error_handler()->StartHandlingError();
+
+  // Timer shouldn't start for a known captive portal certificate.
+  EXPECT_FALSE(error_handler()->IsTimerRunningForTesting());
+  EXPECT_FALSE(delegate()->captive_portal_checked());
+  EXPECT_FALSE(delegate()->ssl_interstitial_shown());
+  EXPECT_TRUE(delegate()->captive_portal_interstitial_shown());
+  EXPECT_FALSE(delegate()->suggested_url_checked());
+
+  // A buggy SSL error handler might have incorrectly started the timer. Run to
+  // completion to ensure the timer is expired.
+  base::RunLoop().RunUntilIdle();
+
+  EXPECT_FALSE(error_handler()->IsTimerRunningForTesting());
+  EXPECT_FALSE(delegate()->captive_portal_checked());
+  EXPECT_FALSE(delegate()->ssl_interstitial_shown());
+  EXPECT_TRUE(delegate()->captive_portal_interstitial_shown());
+  EXPECT_FALSE(delegate()->suggested_url_checked());
+
+  // Check that the histogram for the captive portal cert was recorded.
+  histograms.ExpectTotalCount(SSLErrorHandler::GetHistogramNameForTesting(), 3);
+  histograms.ExpectBucketCount(SSLErrorHandler::GetHistogramNameForTesting(),
+                               SSLErrorHandler::HANDLE_ALL, 1);
+  histograms.ExpectBucketCount(
+      SSLErrorHandler::GetHistogramNameForTesting(),
+      SSLErrorHandler::SHOW_CAPTIVE_PORTAL_INTERSTITIAL_OVERRIDABLE, 1);
+  histograms.ExpectBucketCount(SSLErrorHandler::GetHistogramNameForTesting(),
+                               SSLErrorHandler::CAPTIVE_PORTAL_CERT_FOUND, 1);
+}
+
+// Tests that a certificate marked as a known captive portal certificate does
+// not cause the captive portal interstitial to be shown, if the feature is
+// disabled.
+TEST_F(SSLErrorHandlerNameMismatchTest, CaptivePortalCertificateList_Disabled) {
+  base::test::ScopedFeatureList scoped_feature_list;
+  scoped_feature_list.InitFromCommandLine(
+      "" /* enabled */, "CaptivePortalCertificateList" /* disabled */);
+
+  base::HistogramTester histograms;
+
+  EXPECT_FALSE(error_handler()->IsTimerRunningForTesting());
+  EXPECT_EQ(1u, ssl_info().public_key_hashes.size());
+
+  chrome_browser_ssl::SSLErrorAssistantConfig config_proto;
+  config_proto.add_captive_portal_cert()->set_sha256_hash(
+      "sha256/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
+  config_proto.add_captive_portal_cert()->set_sha256_hash(
+      ssl_info().public_key_hashes[0].ToString());
+  config_proto.add_captive_portal_cert()->set_sha256_hash(
+      "sha256/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb");
+  SSLErrorHandler::SetErrorAssistantProtoForTesting(config_proto);
+
+  error_handler()->StartHandlingError();
+
+  // Timer shouldn't start for a known captive portal certificate.
+  EXPECT_TRUE(error_handler()->IsTimerRunningForTesting());
+  EXPECT_TRUE(delegate()->captive_portal_checked());
+  EXPECT_FALSE(delegate()->ssl_interstitial_shown());
+  EXPECT_FALSE(delegate()->captive_portal_interstitial_shown());
+  EXPECT_FALSE(delegate()->suggested_url_checked());
+
+  // A buggy SSL error handler might have incorrectly started the timer. Run to
+  // completion to ensure the timer is expired.
+  base::RunLoop().RunUntilIdle();
+
+  EXPECT_FALSE(error_handler()->IsTimerRunningForTesting());
+  EXPECT_TRUE(delegate()->captive_portal_checked());
+  EXPECT_TRUE(delegate()->ssl_interstitial_shown());
+  EXPECT_FALSE(delegate()->captive_portal_interstitial_shown());
+  EXPECT_FALSE(delegate()->suggested_url_checked());
+
+  // Check that the histogram for the captive portal cert was recorded.
+  histograms.ExpectTotalCount(SSLErrorHandler::GetHistogramNameForTesting(), 2);
+  histograms.ExpectBucketCount(SSLErrorHandler::GetHistogramNameForTesting(),
+                               SSLErrorHandler::HANDLE_ALL, 1);
+  histograms.ExpectBucketCount(
+      SSLErrorHandler::GetHistogramNameForTesting(),
+      SSLErrorHandler::SHOW_SSL_INTERSTITIAL_OVERRIDABLE, 1);
+}
+
+// Tests that an error other than name mismatch does not cause a captive portal
+// interstitial to be shown, even if the certificate is marked as a known
+// captive portal certificate.
+TEST_F(SSLErrorHandlerAuthorityInvalidTest,
+       CaptivePortalCertificateList_ShouldShowGenericInterstitial) {
+  base::test::ScopedFeatureList scoped_feature_list;
+  scoped_feature_list.InitFromCommandLine(
+      "CaptivePortalCertificateList" /* enabled */, "" /* disabled */);
+
+  base::HistogramTester histograms;
+
+  EXPECT_FALSE(error_handler()->IsTimerRunningForTesting());
+  EXPECT_EQ(1u, ssl_info().public_key_hashes.size());
+
+  chrome_browser_ssl::SSLErrorAssistantConfig config_proto;
+  config_proto.add_captive_portal_cert()->set_sha256_hash(
+      "sha256/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
+  config_proto.add_captive_portal_cert()->set_sha256_hash(
+      ssl_info().public_key_hashes[0].ToString());
+  config_proto.add_captive_portal_cert()->set_sha256_hash(
+      "sha256/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb");
+  SSLErrorHandler::SetErrorAssistantProtoForTesting(config_proto);
+
+  error_handler()->StartHandlingError();
+
+  // Timer should start for captive portal detection.
+  EXPECT_TRUE(error_handler()->IsTimerRunningForTesting());
+  EXPECT_TRUE(delegate()->captive_portal_checked());
+  EXPECT_FALSE(delegate()->ssl_interstitial_shown());
+  EXPECT_FALSE(delegate()->captive_portal_interstitial_shown());
+  EXPECT_FALSE(delegate()->suggested_url_checked());
+
+  base::RunLoop().RunUntilIdle();
+
+  EXPECT_FALSE(error_handler()->IsTimerRunningForTesting());
+  EXPECT_TRUE(delegate()->captive_portal_checked());
+  EXPECT_TRUE(delegate()->ssl_interstitial_shown());
+  EXPECT_FALSE(delegate()->captive_portal_interstitial_shown());
+  EXPECT_FALSE(delegate()->suggested_url_checked());
+
+  // Check that the histogram for the captive portal cert was recorded.
+  histograms.ExpectTotalCount(SSLErrorHandler::GetHistogramNameForTesting(), 2);
+  histograms.ExpectBucketCount(SSLErrorHandler::GetHistogramNameForTesting(),
+                               SSLErrorHandler::HANDLE_ALL, 1);
+  histograms.ExpectBucketCount(
+      SSLErrorHandler::GetHistogramNameForTesting(),
+      SSLErrorHandler::SHOW_SSL_INTERSTITIAL_OVERRIDABLE, 1);
+}