| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/core/quic_crypto_server_stream.h" | 5 #include "net/quic/core/quic_crypto_server_stream.h" |
| 6 | 6 |
| 7 #include <map> | 7 #include <map> |
| 8 #include <memory> | 8 #include <memory> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 52 }; | 52 }; |
| 53 | 53 |
| 54 namespace { | 54 namespace { |
| 55 | 55 |
| 56 const char kServerHostname[] = "test.example.com"; | 56 const char kServerHostname[] = "test.example.com"; |
| 57 const uint16_t kServerPort = 443; | 57 const uint16_t kServerPort = 443; |
| 58 | 58 |
| 59 class QuicCryptoServerStreamTest : public ::testing::TestWithParam<bool> { | 59 class QuicCryptoServerStreamTest : public ::testing::TestWithParam<bool> { |
| 60 public: | 60 public: |
| 61 QuicCryptoServerStreamTest() | 61 QuicCryptoServerStreamTest() |
| 62 : QuicCryptoServerStreamTest(CryptoTestUtils::ProofSourceForTesting()) {} | 62 : QuicCryptoServerStreamTest(crypto_test_utils::ProofSourceForTesting()) { |
| 63 } |
| 63 | 64 |
| 64 explicit QuicCryptoServerStreamTest(std::unique_ptr<ProofSource> proof_source) | 65 explicit QuicCryptoServerStreamTest(std::unique_ptr<ProofSource> proof_source) |
| 65 : server_crypto_config_(QuicCryptoServerConfig::TESTING, | 66 : server_crypto_config_(QuicCryptoServerConfig::TESTING, |
| 66 QuicRandom::GetInstance(), | 67 QuicRandom::GetInstance(), |
| 67 std::move(proof_source)), | 68 std::move(proof_source)), |
| 68 server_compressed_certs_cache_( | 69 server_compressed_certs_cache_( |
| 69 QuicCompressedCertsCache::kQuicCompressedCertsCacheSize), | 70 QuicCompressedCertsCache::kQuicCompressedCertsCacheSize), |
| 70 server_id_(kServerHostname, kServerPort, PRIVACY_MODE_DISABLED), | 71 server_id_(kServerHostname, kServerPort, PRIVACY_MODE_DISABLED), |
| 71 client_crypto_config_(CryptoTestUtils::ProofVerifierForTesting()) { | 72 client_crypto_config_(crypto_test_utils::ProofVerifierForTesting()) { |
| 72 FLAGS_quic_reloadable_flag_enable_quic_stateless_reject_support = false; | 73 FLAGS_quic_reloadable_flag_enable_quic_stateless_reject_support = false; |
| 73 } | 74 } |
| 74 | 75 |
| 75 void Initialize() { InitializeServer(); } | 76 void Initialize() { InitializeServer(); } |
| 76 | 77 |
| 77 ~QuicCryptoServerStreamTest() override { | 78 ~QuicCryptoServerStreamTest() override { |
| 78 // Ensure that anything that might reference |helpers_| is destroyed before | 79 // Ensure that anything that might reference |helpers_| is destroyed before |
| 79 // |helpers_| is destroyed. | 80 // |helpers_| is destroyed. |
| 80 server_session_.reset(); | 81 server_session_.reset(); |
| 81 client_session_.reset(); | 82 client_session_.reset(); |
| 82 helpers_.clear(); | 83 helpers_.clear(); |
| 83 alarm_factories_.clear(); | 84 alarm_factories_.clear(); |
| 84 } | 85 } |
| 85 | 86 |
| 86 // Initializes the crypto server stream state for testing. May be | 87 // Initializes the crypto server stream state for testing. May be |
| 87 // called multiple times. | 88 // called multiple times. |
| 88 void InitializeServer() { | 89 void InitializeServer() { |
| 89 TestQuicSpdyServerSession* server_session = nullptr; | 90 TestQuicSpdyServerSession* server_session = nullptr; |
| 90 helpers_.push_back(QuicMakeUnique<MockQuicConnectionHelper>()); | 91 helpers_.push_back(QuicMakeUnique<MockQuicConnectionHelper>()); |
| 91 alarm_factories_.push_back(QuicMakeUnique<MockAlarmFactory>()); | 92 alarm_factories_.push_back(QuicMakeUnique<MockAlarmFactory>()); |
| 92 CreateServerSessionForTest( | 93 CreateServerSessionForTest( |
| 93 server_id_, QuicTime::Delta::FromSeconds(100000), supported_versions_, | 94 server_id_, QuicTime::Delta::FromSeconds(100000), supported_versions_, |
| 94 helpers_.back().get(), alarm_factories_.back().get(), | 95 helpers_.back().get(), alarm_factories_.back().get(), |
| 95 &server_crypto_config_, &server_compressed_certs_cache_, | 96 &server_crypto_config_, &server_compressed_certs_cache_, |
| 96 &server_connection_, &server_session); | 97 &server_connection_, &server_session); |
| 97 CHECK(server_session); | 98 CHECK(server_session); |
| 98 server_session_.reset(server_session); | 99 server_session_.reset(server_session); |
| 99 CryptoTestUtils::FakeServerOptions options; | 100 crypto_test_utils::FakeServerOptions options; |
| 100 options.token_binding_params = QuicTagVector{kTB10}; | 101 options.token_binding_params = QuicTagVector{kTB10}; |
| 101 CryptoTestUtils::SetupCryptoServerConfigForTest( | 102 crypto_test_utils::SetupCryptoServerConfigForTest( |
| 102 server_connection_->clock(), server_connection_->random_generator(), | 103 server_connection_->clock(), server_connection_->random_generator(), |
| 103 &server_crypto_config_, options); | 104 &server_crypto_config_, options); |
| 104 } | 105 } |
| 105 | 106 |
| 106 QuicCryptoServerStream* server_stream() { | 107 QuicCryptoServerStream* server_stream() { |
| 107 return server_session_->GetCryptoStream(); | 108 return server_session_->GetCryptoStream(); |
| 108 } | 109 } |
| 109 | 110 |
| 110 QuicCryptoClientStream* client_stream() { | 111 QuicCryptoClientStream* client_stream() { |
| 111 return client_session_->GetCryptoStream(); | 112 return client_session_->GetCryptoStream(); |
| (...skipping 15 matching lines...) Expand all Loading... |
| 127 } | 128 } |
| 128 | 129 |
| 129 void ConstructHandshakeMessage() { | 130 void ConstructHandshakeMessage() { |
| 130 CryptoFramer framer; | 131 CryptoFramer framer; |
| 131 message_data_.reset(framer.ConstructHandshakeMessage(message_)); | 132 message_data_.reset(framer.ConstructHandshakeMessage(message_)); |
| 132 } | 133 } |
| 133 | 134 |
| 134 int CompleteCryptoHandshake() { | 135 int CompleteCryptoHandshake() { |
| 135 CHECK(server_connection_); | 136 CHECK(server_connection_); |
| 136 CHECK(server_session_ != nullptr); | 137 CHECK(server_session_ != nullptr); |
| 137 return CryptoTestUtils::HandshakeWithFakeClient( | 138 return crypto_test_utils::HandshakeWithFakeClient( |
| 138 helpers_.back().get(), alarm_factories_.back().get(), | 139 helpers_.back().get(), alarm_factories_.back().get(), |
| 139 server_connection_, server_stream(), server_id_, client_options_); | 140 server_connection_, server_stream(), server_id_, client_options_); |
| 140 } | 141 } |
| 141 | 142 |
| 142 // Performs a single round of handshake message-exchange between the | 143 // Performs a single round of handshake message-exchange between the |
| 143 // client and server. | 144 // client and server. |
| 144 void AdvanceHandshakeWithFakeClient() { | 145 void AdvanceHandshakeWithFakeClient() { |
| 145 CHECK(server_connection_); | 146 CHECK(server_connection_); |
| 146 CHECK(client_session_ != nullptr); | 147 CHECK(client_session_ != nullptr); |
| 147 | 148 |
| 148 EXPECT_CALL(*client_session_, OnProofValid(_)).Times(testing::AnyNumber()); | 149 EXPECT_CALL(*client_session_, OnProofValid(_)).Times(testing::AnyNumber()); |
| 149 client_stream()->CryptoConnect(); | 150 client_stream()->CryptoConnect(); |
| 150 CryptoTestUtils::AdvanceHandshake(client_connection_, client_stream(), 0, | 151 crypto_test_utils::AdvanceHandshake(client_connection_, client_stream(), 0, |
| 151 server_connection_, server_stream(), 0); | 152 server_connection_, server_stream(), 0); |
| 152 } | 153 } |
| 153 | 154 |
| 154 protected: | 155 protected: |
| 155 QuicFlagSaver flags_; // Save/restore all QUIC flag values. | 156 QuicFlagSaver flags_; // Save/restore all QUIC flag values. |
| 156 | 157 |
| 157 // Every connection gets its own MockQuicConnectionHelper and | 158 // Every connection gets its own MockQuicConnectionHelper and |
| 158 // MockAlarmFactory, tracked separately from the server and client state so | 159 // MockAlarmFactory, tracked separately from the server and client state so |
| 159 // their lifetimes persist through the whole test. | 160 // their lifetimes persist through the whole test. |
| 160 std::vector<std::unique_ptr<MockQuicConnectionHelper>> helpers_; | 161 std::vector<std::unique_ptr<MockQuicConnectionHelper>> helpers_; |
| 161 std::vector<std::unique_ptr<MockAlarmFactory>> alarm_factories_; | 162 std::vector<std::unique_ptr<MockAlarmFactory>> alarm_factories_; |
| 162 | 163 |
| 163 // Server state. | 164 // Server state. |
| 164 PacketSavingConnection* server_connection_; | 165 PacketSavingConnection* server_connection_; |
| 165 std::unique_ptr<TestQuicSpdyServerSession> server_session_; | 166 std::unique_ptr<TestQuicSpdyServerSession> server_session_; |
| 166 QuicCryptoServerConfig server_crypto_config_; | 167 QuicCryptoServerConfig server_crypto_config_; |
| 167 QuicCompressedCertsCache server_compressed_certs_cache_; | 168 QuicCompressedCertsCache server_compressed_certs_cache_; |
| 168 QuicServerId server_id_; | 169 QuicServerId server_id_; |
| 169 | 170 |
| 170 // Client state. | 171 // Client state. |
| 171 PacketSavingConnection* client_connection_; | 172 PacketSavingConnection* client_connection_; |
| 172 QuicCryptoClientConfig client_crypto_config_; | 173 QuicCryptoClientConfig client_crypto_config_; |
| 173 std::unique_ptr<TestQuicSpdyClientSession> client_session_; | 174 std::unique_ptr<TestQuicSpdyClientSession> client_session_; |
| 174 | 175 |
| 175 CryptoHandshakeMessage message_; | 176 CryptoHandshakeMessage message_; |
| 176 std::unique_ptr<QuicData> message_data_; | 177 std::unique_ptr<QuicData> message_data_; |
| 177 CryptoTestUtils::FakeClientOptions client_options_; | 178 crypto_test_utils::FakeClientOptions client_options_; |
| 178 | 179 |
| 179 // Which QUIC versions the client and server support. | 180 // Which QUIC versions the client and server support. |
| 180 QuicVersionVector supported_versions_ = AllSupportedVersions(); | 181 QuicVersionVector supported_versions_ = AllSupportedVersions(); |
| 181 }; | 182 }; |
| 182 | 183 |
| 183 INSTANTIATE_TEST_CASE_P(Tests, QuicCryptoServerStreamTest, testing::Bool()); | 184 INSTANTIATE_TEST_CASE_P(Tests, QuicCryptoServerStreamTest, testing::Bool()); |
| 184 | 185 |
| 185 TEST_P(QuicCryptoServerStreamTest, NotInitiallyConected) { | 186 TEST_P(QuicCryptoServerStreamTest, NotInitiallyConected) { |
| 186 Initialize(); | 187 Initialize(); |
| 187 EXPECT_FALSE(server_stream()->encryption_established()); | 188 EXPECT_FALSE(server_stream()->encryption_established()); |
| (...skipping 144 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 332 // information. | 333 // information. |
| 333 AdvanceHandshakeWithFakeClient(); | 334 AdvanceHandshakeWithFakeClient(); |
| 334 | 335 |
| 335 // Now do another handshake, hopefully in 0-RTT. | 336 // Now do another handshake, hopefully in 0-RTT. |
| 336 QUIC_LOG(INFO) << "Resetting for 0-RTT handshake attempt"; | 337 QUIC_LOG(INFO) << "Resetting for 0-RTT handshake attempt"; |
| 337 InitializeFakeClient(/* supports_stateless_rejects= */ false); | 338 InitializeFakeClient(/* supports_stateless_rejects= */ false); |
| 338 InitializeServer(); | 339 InitializeServer(); |
| 339 | 340 |
| 340 client_stream()->CryptoConnect(); | 341 client_stream()->CryptoConnect(); |
| 341 | 342 |
| 342 CryptoTestUtils::CommunicateHandshakeMessages( | 343 crypto_test_utils::CommunicateHandshakeMessages( |
| 343 client_connection_, client_stream(), server_connection_, server_stream()); | 344 client_connection_, client_stream(), server_connection_, server_stream()); |
| 344 | 345 |
| 345 EXPECT_EQ(1, client_stream()->num_sent_client_hellos()); | 346 EXPECT_EQ(1, client_stream()->num_sent_client_hellos()); |
| 346 } | 347 } |
| 347 | 348 |
| 348 TEST_P(QuicCryptoServerStreamTest, FailByPolicy) { | 349 TEST_P(QuicCryptoServerStreamTest, FailByPolicy) { |
| 349 Initialize(); | 350 Initialize(); |
| 350 InitializeFakeClient(/* supports_stateless_rejects= */ false); | 351 InitializeFakeClient(/* supports_stateless_rejects= */ false); |
| 351 | 352 |
| 352 EXPECT_CALL(*server_session_->helper(), CanAcceptClientHello(_, _, _)) | 353 EXPECT_CALL(*server_session_->helper(), CanAcceptClientHello(_, _, _)) |
| (...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 410 // An attempt to send a SCUP before completing handshake should fail. | 411 // An attempt to send a SCUP before completing handshake should fail. |
| 411 Initialize(); | 412 Initialize(); |
| 412 | 413 |
| 413 server_stream()->SendServerConfigUpdate(nullptr); | 414 server_stream()->SendServerConfigUpdate(nullptr); |
| 414 EXPECT_EQ(0, server_stream()->NumServerConfigUpdateMessagesSent()); | 415 EXPECT_EQ(0, server_stream()->NumServerConfigUpdateMessagesSent()); |
| 415 } | 416 } |
| 416 | 417 |
| 417 TEST_P(QuicCryptoServerStreamTest, SendSCUPAfterHandshakeComplete) { | 418 TEST_P(QuicCryptoServerStreamTest, SendSCUPAfterHandshakeComplete) { |
| 418 // Do not send MAX_HEADER_LIST_SIZE SETTING frame. | 419 // Do not send MAX_HEADER_LIST_SIZE SETTING frame. |
| 419 // TODO(fayang): This SETTING frame cannot be decrypted and | 420 // TODO(fayang): This SETTING frame cannot be decrypted and |
| 420 // CryptoTestUtils::MovePackets stops processing parsing following packets. | 421 // crypto_test_utils::MovePackets stops processing parsing following packets. |
| 421 // Actually, crypto stream test should use QuicSession instead of | 422 // Actually, crypto stream test should use QuicSession instead of |
| 422 // QuicSpdySession (b/32366134). | 423 // QuicSpdySession (b/32366134). |
| 423 FLAGS_quic_reloadable_flag_quic_send_max_header_list_size = false; | 424 FLAGS_quic_reloadable_flag_quic_send_max_header_list_size = false; |
| 424 Initialize(); | 425 Initialize(); |
| 425 | 426 |
| 426 InitializeFakeClient(/* supports_stateless_rejects= */ false); | 427 InitializeFakeClient(/* supports_stateless_rejects= */ false); |
| 427 | 428 |
| 428 // Do a first handshake in order to prime the client config with the server's | 429 // Do a first handshake in order to prime the client config with the server's |
| 429 // information. | 430 // information. |
| 430 AdvanceHandshakeWithFakeClient(); | 431 AdvanceHandshakeWithFakeClient(); |
| 431 | 432 |
| 432 // Now do another handshake, with the blocking SHLO connection option. | 433 // Now do another handshake, with the blocking SHLO connection option. |
| 433 InitializeServer(); | 434 InitializeServer(); |
| 434 InitializeFakeClient(/* supports_stateless_rejects= */ false); | 435 InitializeFakeClient(/* supports_stateless_rejects= */ false); |
| 435 AdvanceHandshakeWithFakeClient(); | 436 AdvanceHandshakeWithFakeClient(); |
| 436 | 437 |
| 437 // Send a SCUP message and ensure that the client was able to verify it. | 438 // Send a SCUP message and ensure that the client was able to verify it. |
| 438 EXPECT_CALL(*client_connection_, CloseConnection(_, _, _)).Times(0); | 439 EXPECT_CALL(*client_connection_, CloseConnection(_, _, _)).Times(0); |
| 439 server_stream()->SendServerConfigUpdate(nullptr); | 440 server_stream()->SendServerConfigUpdate(nullptr); |
| 440 CryptoTestUtils::AdvanceHandshake(client_connection_, client_stream(), 1, | 441 crypto_test_utils::AdvanceHandshake(client_connection_, client_stream(), 1, |
| 441 server_connection_, server_stream(), 1); | 442 server_connection_, server_stream(), 1); |
| 442 | 443 |
| 443 EXPECT_EQ(1, server_stream()->NumServerConfigUpdateMessagesSent()); | 444 EXPECT_EQ(1, server_stream()->NumServerConfigUpdateMessagesSent()); |
| 444 EXPECT_EQ(1, client_stream()->num_scup_messages_received()); | 445 EXPECT_EQ(1, client_stream()->num_scup_messages_received()); |
| 445 } | 446 } |
| 446 | 447 |
| 447 TEST_P(QuicCryptoServerStreamTest, DoesPeerSupportStatelessRejects) { | 448 TEST_P(QuicCryptoServerStreamTest, DoesPeerSupportStatelessRejects) { |
| 448 Initialize(); | 449 Initialize(); |
| 449 | 450 |
| 450 ConstructHandshakeMessage(); | 451 ConstructHandshakeMessage(); |
| 451 QuicConfig stateless_reject_config = DefaultQuicConfigStatelessRejects(); | 452 QuicConfig stateless_reject_config = DefaultQuicConfigStatelessRejects(); |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 500 | 501 |
| 501 // Regression test for b/31521252, in which a crash would happen here. | 502 // Regression test for b/31521252, in which a crash would happen here. |
| 502 AdvanceHandshakeWithFakeClient(); | 503 AdvanceHandshakeWithFakeClient(); |
| 503 EXPECT_FALSE(server_stream()->encryption_established()); | 504 EXPECT_FALSE(server_stream()->encryption_established()); |
| 504 EXPECT_FALSE(server_stream()->handshake_confirmed()); | 505 EXPECT_FALSE(server_stream()->handshake_confirmed()); |
| 505 } | 506 } |
| 506 | 507 |
| 507 } // namespace | 508 } // namespace |
| 508 } // namespace test | 509 } // namespace test |
| 509 } // namespace net | 510 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2681793002:
Landing Recent QUIC changes until 5:30 PM, Feb 3, 2017 UTC-5 (Closed)
