| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/quic_crypto_server_stream.h" | 5 #include "net/quic/quic_crypto_server_stream.h" |
| 6 | 6 |
| 7 #include <map> | 7 #include <map> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/memory/scoped_ptr.h" | 10 #include "base/memory/scoped_ptr.h" |
| (...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 65 session_.config()->SetDefaults(); | 65 session_.config()->SetDefaults(); |
| 66 session_.SetCryptoStream(&stream_); | 66 session_.SetCryptoStream(&stream_); |
| 67 // We advance the clock initially because the default time is zero and the | 67 // We advance the clock initially because the default time is zero and the |
| 68 // strike register worries that we've just overflowed a uint32 time. | 68 // strike register worries that we've just overflowed a uint32 time. |
| 69 connection_->AdvanceTime(QuicTime::Delta::FromSeconds(100000)); | 69 connection_->AdvanceTime(QuicTime::Delta::FromSeconds(100000)); |
| 70 // TODO(rtenneti): Enable testing of ProofSource. | 70 // TODO(rtenneti): Enable testing of ProofSource. |
| 71 // crypto_config_.SetProofSource(CryptoTestUtils::ProofSourceForTesting()); | 71 // crypto_config_.SetProofSource(CryptoTestUtils::ProofSourceForTesting()); |
| 72 crypto_config_.set_strike_register_no_startup_period(); | 72 crypto_config_.set_strike_register_no_startup_period(); |
| 73 | 73 |
| 74 CryptoTestUtils::SetupCryptoServerConfigForTest( | 74 CryptoTestUtils::SetupCryptoServerConfigForTest( |
| 75 connection_->clock(), connection_->random_generator(), | 75 connection_->clock(), |
| 76 session_.config(), &crypto_config_); | 76 connection_->random_generator(), |
| 77 session_.config(), |
| 78 &crypto_config_); |
| 77 | 79 |
| 78 if (AsyncStrikeRegisterVerification()) { | 80 if (AsyncStrikeRegisterVerification()) { |
| 79 string orbit = | 81 string orbit = |
| 80 QuicCryptoServerConfigPeer::GetPrimaryOrbit(crypto_config_); | 82 QuicCryptoServerConfigPeer::GetPrimaryOrbit(crypto_config_); |
| 81 strike_register_client_ = new DelayedVerifyStrikeRegisterClient( | 83 strike_register_client_ = new DelayedVerifyStrikeRegisterClient( |
| 82 10000, // strike_register_max_entries | 84 10000, // strike_register_max_entries |
| 83 static_cast<uint32>(connection_->clock()->WallNow().ToUNIXSeconds()), | 85 static_cast<uint32>(connection_->clock()->WallNow().ToUNIXSeconds()), |
| 84 60, // strike_register_window_secs | 86 60, // strike_register_window_secs |
| 85 reinterpret_cast<const uint8 *>(orbit.data()), | 87 reinterpret_cast<const uint8*>(orbit.data()), |
| 86 StrikeRegister::NO_STARTUP_PERIOD_NEEDED); | 88 StrikeRegister::NO_STARTUP_PERIOD_NEEDED); |
| 87 strike_register_client_->StartDelayingVerification(); | 89 strike_register_client_->StartDelayingVerification(); |
| 88 crypto_config_.SetStrikeRegisterClient(strike_register_client_); | 90 crypto_config_.SetStrikeRegisterClient(strike_register_client_); |
| 89 } | 91 } |
| 90 } | 92 } |
| 91 | 93 |
| 92 bool AsyncStrikeRegisterVerification() { | 94 bool AsyncStrikeRegisterVerification() { return GetParam(); } |
| 93 return GetParam(); | |
| 94 } | |
| 95 | 95 |
| 96 void ConstructHandshakeMessage() { | 96 void ConstructHandshakeMessage() { |
| 97 CryptoFramer framer; | 97 CryptoFramer framer; |
| 98 message_data_.reset(framer.ConstructHandshakeMessage(message_)); | 98 message_data_.reset(framer.ConstructHandshakeMessage(message_)); |
| 99 } | 99 } |
| 100 | 100 |
| 101 int CompleteCryptoHandshake() { | 101 int CompleteCryptoHandshake() { |
| 102 return CryptoTestUtils::HandshakeWithFakeClient(connection_, &stream_, | 102 return CryptoTestUtils::HandshakeWithFakeClient( |
| 103 client_options_); | 103 connection_, &stream_, client_options_); |
| 104 } | 104 } |
| 105 | 105 |
| 106 protected: | 106 protected: |
| 107 PacketSavingConnection* connection_; | 107 PacketSavingConnection* connection_; |
| 108 TestClientSession session_; | 108 TestClientSession session_; |
| 109 QuicConfig config_; | 109 QuicConfig config_; |
| 110 QuicCryptoServerConfig crypto_config_; | 110 QuicCryptoServerConfig crypto_config_; |
| 111 QuicCryptoServerStream stream_; | 111 QuicCryptoServerStream stream_; |
| 112 CryptoHandshakeMessage message_; | 112 CryptoHandshakeMessage message_; |
| 113 scoped_ptr<QuicData> message_data_; | 113 scoped_ptr<QuicData> message_data_; |
| (...skipping 24 matching lines...) Expand all Loading... |
| 138 client_conn->AdvanceTime(QuicTime::Delta::FromSeconds(100000)); | 138 client_conn->AdvanceTime(QuicTime::Delta::FromSeconds(100000)); |
| 139 server_conn->AdvanceTime(QuicTime::Delta::FromSeconds(100000)); | 139 server_conn->AdvanceTime(QuicTime::Delta::FromSeconds(100000)); |
| 140 | 140 |
| 141 QuicConfig client_config; | 141 QuicConfig client_config; |
| 142 client_config.SetDefaults(); | 142 client_config.SetDefaults(); |
| 143 scoped_ptr<TestClientSession> client_session( | 143 scoped_ptr<TestClientSession> client_session( |
| 144 new TestClientSession(client_conn, client_config)); | 144 new TestClientSession(client_conn, client_config)); |
| 145 QuicCryptoClientConfig client_crypto_config; | 145 QuicCryptoClientConfig client_crypto_config; |
| 146 client_crypto_config.SetDefaults(); | 146 client_crypto_config.SetDefaults(); |
| 147 | 147 |
| 148 QuicServerId server_id(kServerHostname, kServerPort, false, | 148 QuicServerId server_id( |
| 149 PRIVACY_MODE_DISABLED); | 149 kServerHostname, kServerPort, false, PRIVACY_MODE_DISABLED); |
| 150 scoped_ptr<QuicCryptoClientStream> client(new QuicCryptoClientStream( | 150 scoped_ptr<QuicCryptoClientStream> client(new QuicCryptoClientStream( |
| 151 server_id, client_session.get(), NULL, &client_crypto_config)); | 151 server_id, client_session.get(), NULL, &client_crypto_config)); |
| 152 client_session->SetCryptoStream(client.get()); | 152 client_session->SetCryptoStream(client.get()); |
| 153 | 153 |
| 154 // Do a first handshake in order to prime the client config with the server's | 154 // Do a first handshake in order to prime the client config with the server's |
| 155 // information. | 155 // information. |
| 156 CHECK(client->CryptoConnect()); | 156 CHECK(client->CryptoConnect()); |
| 157 CHECK_EQ(1u, client_conn->packets_.size()); | 157 CHECK_EQ(1u, client_conn->packets_.size()); |
| 158 | 158 |
| 159 scoped_ptr<TestSession> server_session(new TestSession(server_conn, config_)); | 159 scoped_ptr<TestSession> server_session(new TestSession(server_conn, config_)); |
| (...skipping 17 matching lines...) Expand all Loading... |
| 177 | 177 |
| 178 // This causes the client's nonce to be different and thus stops the | 178 // This causes the client's nonce to be different and thus stops the |
| 179 // strike-register from rejecting the repeated nonce. | 179 // strike-register from rejecting the repeated nonce. |
| 180 reinterpret_cast<MockRandom*>(client_conn->random_generator())->ChangeValue(); | 180 reinterpret_cast<MockRandom*>(client_conn->random_generator())->ChangeValue(); |
| 181 client_session.reset(new TestClientSession(client_conn, client_config)); | 181 client_session.reset(new TestClientSession(client_conn, client_config)); |
| 182 server_session.reset(new TestSession(server_conn, config_)); | 182 server_session.reset(new TestSession(server_conn, config_)); |
| 183 client.reset(new QuicCryptoClientStream( | 183 client.reset(new QuicCryptoClientStream( |
| 184 server_id, client_session.get(), NULL, &client_crypto_config)); | 184 server_id, client_session.get(), NULL, &client_crypto_config)); |
| 185 client_session->SetCryptoStream(client.get()); | 185 client_session->SetCryptoStream(client.get()); |
| 186 | 186 |
| 187 server.reset(new QuicCryptoServerStream(crypto_config_, | 187 server.reset( |
| 188 server_session.get())); | 188 new QuicCryptoServerStream(crypto_config_, server_session.get())); |
| 189 server_session->SetCryptoStream(server.get()); | 189 server_session->SetCryptoStream(server.get()); |
| 190 | 190 |
| 191 CHECK(client->CryptoConnect()); | 191 CHECK(client->CryptoConnect()); |
| 192 | 192 |
| 193 if (AsyncStrikeRegisterVerification()) { | 193 if (AsyncStrikeRegisterVerification()) { |
| 194 EXPECT_FALSE(client->handshake_confirmed()); | 194 EXPECT_FALSE(client->handshake_confirmed()); |
| 195 EXPECT_FALSE(server->handshake_confirmed()); | 195 EXPECT_FALSE(server->handshake_confirmed()); |
| 196 | 196 |
| 197 // Advance the handshake. Expect that the server will be stuck | 197 // Advance the handshake. Expect that the server will be stuck |
| 198 // waiting for client nonce verification to complete. | 198 // waiting for client nonce verification to complete. |
| 199 pair<size_t, size_t> messages_moved = CryptoTestUtils::AdvanceHandshake( | 199 pair<size_t, size_t> messages_moved = CryptoTestUtils::AdvanceHandshake( |
| 200 client_conn, client.get(), 0, server_conn, server.get(), 0); | 200 client_conn, client.get(), 0, server_conn, server.get(), 0); |
| 201 EXPECT_EQ(1u, messages_moved.first); | 201 EXPECT_EQ(1u, messages_moved.first); |
| 202 EXPECT_EQ(0u, messages_moved.second); | 202 EXPECT_EQ(0u, messages_moved.second); |
| 203 EXPECT_EQ(1, strike_register_client_->PendingVerifications()); | 203 EXPECT_EQ(1, strike_register_client_->PendingVerifications()); |
| 204 EXPECT_FALSE(client->handshake_confirmed()); | 204 EXPECT_FALSE(client->handshake_confirmed()); |
| 205 EXPECT_FALSE(server->handshake_confirmed()); | 205 EXPECT_FALSE(server->handshake_confirmed()); |
| 206 | 206 |
| 207 // The server handshake completes once the nonce verification completes. | 207 // The server handshake completes once the nonce verification completes. |
| 208 strike_register_client_->RunPendingVerifications(); | 208 strike_register_client_->RunPendingVerifications(); |
| 209 EXPECT_FALSE(client->handshake_confirmed()); | 209 EXPECT_FALSE(client->handshake_confirmed()); |
| 210 EXPECT_TRUE(server->handshake_confirmed()); | 210 EXPECT_TRUE(server->handshake_confirmed()); |
| 211 | 211 |
| 212 messages_moved = CryptoTestUtils::AdvanceHandshake( | 212 messages_moved = CryptoTestUtils::AdvanceHandshake(client_conn, |
| 213 client_conn, client.get(), messages_moved.first, | 213 client.get(), |
| 214 server_conn, server.get(), messages_moved.second); | 214 messages_moved.first, |
| 215 server_conn, |
| 216 server.get(), |
| 217 messages_moved.second); |
| 215 EXPECT_EQ(1u, messages_moved.first); | 218 EXPECT_EQ(1u, messages_moved.first); |
| 216 EXPECT_EQ(1u, messages_moved.second); | 219 EXPECT_EQ(1u, messages_moved.second); |
| 217 EXPECT_TRUE(client->handshake_confirmed()); | 220 EXPECT_TRUE(client->handshake_confirmed()); |
| 218 EXPECT_TRUE(server->handshake_confirmed()); | 221 EXPECT_TRUE(server->handshake_confirmed()); |
| 219 } else { | 222 } else { |
| 220 CryptoTestUtils::CommunicateHandshakeMessages( | 223 CryptoTestUtils::CommunicateHandshakeMessages( |
| 221 client_conn, client.get(), server_conn, server.get()); | 224 client_conn, client.get(), server_conn, server.get()); |
| 222 } | 225 } |
| 223 | 226 |
| 224 EXPECT_EQ(1, client->num_sent_client_hellos()); | 227 EXPECT_EQ(1, client->num_sent_client_hellos()); |
| 225 } | 228 } |
| 226 | 229 |
| 227 TEST_P(QuicCryptoServerStreamTest, MessageAfterHandshake) { | 230 TEST_P(QuicCryptoServerStreamTest, MessageAfterHandshake) { |
| 228 CompleteCryptoHandshake(); | 231 CompleteCryptoHandshake(); |
| 229 EXPECT_CALL(*connection_, SendConnectionClose( | 232 EXPECT_CALL( |
| 230 QUIC_CRYPTO_MESSAGE_AFTER_HANDSHAKE_COMPLETE)); | 233 *connection_, |
| 234 SendConnectionClose(QUIC_CRYPTO_MESSAGE_AFTER_HANDSHAKE_COMPLETE)); |
| 231 message_.set_tag(kCHLO); | 235 message_.set_tag(kCHLO); |
| 232 ConstructHandshakeMessage(); | 236 ConstructHandshakeMessage(); |
| 233 stream_.ProcessRawData(message_data_->data(), message_data_->length()); | 237 stream_.ProcessRawData(message_data_->data(), message_data_->length()); |
| 234 } | 238 } |
| 235 | 239 |
| 236 TEST_P(QuicCryptoServerStreamTest, BadMessageType) { | 240 TEST_P(QuicCryptoServerStreamTest, BadMessageType) { |
| 237 message_.set_tag(kSHLO); | 241 message_.set_tag(kSHLO); |
| 238 ConstructHandshakeMessage(); | 242 ConstructHandshakeMessage(); |
| 239 EXPECT_CALL(*connection_, SendConnectionClose( | 243 EXPECT_CALL(*connection_, |
| 240 QUIC_INVALID_CRYPTO_MESSAGE_TYPE)); | 244 SendConnectionClose(QUIC_INVALID_CRYPTO_MESSAGE_TYPE)); |
| 241 stream_.ProcessRawData(message_data_->data(), message_data_->length()); | 245 stream_.ProcessRawData(message_data_->data(), message_data_->length()); |
| 242 } | 246 } |
| 243 | 247 |
| 244 TEST_P(QuicCryptoServerStreamTest, WithoutCertificates) { | 248 TEST_P(QuicCryptoServerStreamTest, WithoutCertificates) { |
| 245 crypto_config_.SetProofSource(NULL); | 249 crypto_config_.SetProofSource(NULL); |
| 246 client_options_.dont_verify_certs = true; | 250 client_options_.dont_verify_certs = true; |
| 247 | 251 |
| 248 // Only 2 client hellos need to be sent in the no-certs case: one to get the | 252 // Only 2 client hellos need to be sent in the no-certs case: one to get the |
| 249 // source-address token and the second to finish. | 253 // source-address token and the second to finish. |
| 250 EXPECT_EQ(2, CompleteCryptoHandshake()); | 254 EXPECT_EQ(2, CompleteCryptoHandshake()); |
| 251 EXPECT_TRUE(stream_.encryption_established()); | 255 EXPECT_TRUE(stream_.encryption_established()); |
| 252 EXPECT_TRUE(stream_.handshake_confirmed()); | 256 EXPECT_TRUE(stream_.handshake_confirmed()); |
| 253 } | 257 } |
| 254 | 258 |
| 255 TEST_P(QuicCryptoServerStreamTest, ChannelID) { | 259 TEST_P(QuicCryptoServerStreamTest, ChannelID) { |
| 256 client_options_.channel_id_enabled = true; | 260 client_options_.channel_id_enabled = true; |
| 257 // CompleteCryptoHandshake verifies | 261 // CompleteCryptoHandshake verifies |
| 258 // stream_.crypto_negotiated_params().channel_id is correct. | 262 // stream_.crypto_negotiated_params().channel_id is correct. |
| 259 EXPECT_EQ(2, CompleteCryptoHandshake()); | 263 EXPECT_EQ(2, CompleteCryptoHandshake()); |
| 260 EXPECT_TRUE(stream_.encryption_established()); | 264 EXPECT_TRUE(stream_.encryption_established()); |
| 261 EXPECT_TRUE(stream_.handshake_confirmed()); | 265 EXPECT_TRUE(stream_.handshake_confirmed()); |
| 262 } | 266 } |
| 263 | 267 |
| 264 } // namespace | 268 } // namespace |
| 265 } // namespace test | 269 } // namespace test |
| 266 } // namespace net | 270 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
