| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/chromium/quic_stream_factory.h" | 5 #include "net/quic/chromium/quic_stream_factory.h" |
| 6 | 6 |
| 7 #include <memory> | 7 #include <memory> |
| 8 #include <ostream> | 8 #include <ostream> |
| 9 #include <utility> | 9 #include <utility> |
| 10 | 10 |
| (...skipping 5373 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 5384 origin1_ = HostPortPair::FromURL(url); | 5384 origin1_ = HostPortPair::FromURL(url); |
| 5385 | 5385 |
| 5386 // Not used for requests, but this provides a test case where the certificate | 5386 // Not used for requests, but this provides a test case where the certificate |
| 5387 // is valid for the hostname of the alternative service. | 5387 // is valid for the hostname of the alternative service. |
| 5388 origin2_ = HostPortPair("mail.example.org", 433); | 5388 origin2_ = HostPortPair("mail.example.org", 433); |
| 5389 | 5389 |
| 5390 HostPortPair destination = GetDestination(); | 5390 HostPortPair destination = GetDestination(); |
| 5391 | 5391 |
| 5392 scoped_refptr<X509Certificate> cert( | 5392 scoped_refptr<X509Certificate> cert( |
| 5393 ImportCertFromFile(GetTestCertsDirectory(), "wildcard.pem")); | 5393 ImportCertFromFile(GetTestCertsDirectory(), "wildcard.pem")); |
| 5394 bool unused; | 5394 ASSERT_FALSE(cert->VerifyNameMatch(origin1_.host(), false)); |
| 5395 ASSERT_FALSE(cert->VerifyNameMatch(origin1_.host(), &unused)); | 5395 ASSERT_TRUE(cert->VerifyNameMatch(origin2_.host(), false)); |
| 5396 ASSERT_TRUE(cert->VerifyNameMatch(origin2_.host(), &unused)); | |
| 5397 | 5396 |
| 5398 ProofVerifyDetailsChromium verify_details; | 5397 ProofVerifyDetailsChromium verify_details; |
| 5399 verify_details.cert_verify_result.verified_cert = cert; | 5398 verify_details.cert_verify_result.verified_cert = cert; |
| 5400 verify_details.cert_verify_result.is_issued_by_known_root = true; | 5399 verify_details.cert_verify_result.is_issued_by_known_root = true; |
| 5401 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details); | 5400 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details); |
| 5402 | 5401 |
| 5403 AddHangingSocketData(); | 5402 AddHangingSocketData(); |
| 5404 | 5403 |
| 5405 QuicStreamRequest request(factory_.get()); | 5404 QuicStreamRequest request(factory_.get()); |
| 5406 EXPECT_EQ(ERR_IO_PENDING, request.Request(destination, privacy_mode_, | 5405 EXPECT_EQ(ERR_IO_PENDING, request.Request(destination, privacy_mode_, |
| (...skipping 11 matching lines...) Expand all Loading... |
| 5418 | 5417 |
| 5419 GURL url1("https://www.example.org/"); | 5418 GURL url1("https://www.example.org/"); |
| 5420 GURL url2("https://mail.example.org/"); | 5419 GURL url2("https://mail.example.org/"); |
| 5421 origin1_ = HostPortPair::FromURL(url1); | 5420 origin1_ = HostPortPair::FromURL(url1); |
| 5422 origin2_ = HostPortPair::FromURL(url2); | 5421 origin2_ = HostPortPair::FromURL(url2); |
| 5423 | 5422 |
| 5424 HostPortPair destination = GetDestination(); | 5423 HostPortPair destination = GetDestination(); |
| 5425 | 5424 |
| 5426 scoped_refptr<X509Certificate> cert( | 5425 scoped_refptr<X509Certificate> cert( |
| 5427 ImportCertFromFile(GetTestCertsDirectory(), "wildcard.pem")); | 5426 ImportCertFromFile(GetTestCertsDirectory(), "wildcard.pem")); |
| 5428 bool unused; | 5427 ASSERT_TRUE(cert->VerifyNameMatch(origin1_.host(), false)); |
| 5429 ASSERT_TRUE(cert->VerifyNameMatch(origin1_.host(), &unused)); | 5428 ASSERT_TRUE(cert->VerifyNameMatch(origin2_.host(), false)); |
| 5430 ASSERT_TRUE(cert->VerifyNameMatch(origin2_.host(), &unused)); | 5429 ASSERT_FALSE(cert->VerifyNameMatch(kDifferentHostname, false)); |
| 5431 ASSERT_FALSE(cert->VerifyNameMatch(kDifferentHostname, &unused)); | |
| 5432 | 5430 |
| 5433 ProofVerifyDetailsChromium verify_details; | 5431 ProofVerifyDetailsChromium verify_details; |
| 5434 verify_details.cert_verify_result.verified_cert = cert; | 5432 verify_details.cert_verify_result.verified_cert = cert; |
| 5435 verify_details.cert_verify_result.is_issued_by_known_root = true; | 5433 verify_details.cert_verify_result.is_issued_by_known_root = true; |
| 5436 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details); | 5434 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details); |
| 5437 | 5435 |
| 5438 MockRead reads[] = {MockRead(SYNCHRONOUS, ERR_IO_PENDING, 0)}; | 5436 MockRead reads[] = {MockRead(SYNCHRONOUS, ERR_IO_PENDING, 0)}; |
| 5439 std::unique_ptr<QuicEncryptedPacket> settings_packet( | 5437 std::unique_ptr<QuicEncryptedPacket> settings_packet( |
| 5440 client_maker_.MakeSettingsPacket(1, SETTINGS_MAX_HEADER_LIST_SIZE, | 5438 client_maker_.MakeSettingsPacket(1, SETTINGS_MAX_HEADER_LIST_SIZE, |
| 5441 kDefaultMaxUncompressedHeaderSize, true, | 5439 kDefaultMaxUncompressedHeaderSize, true, |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 5484 | 5482 |
| 5485 GURL url1("https://www.example.org/"); | 5483 GURL url1("https://www.example.org/"); |
| 5486 GURL url2("https://mail.example.org/"); | 5484 GURL url2("https://mail.example.org/"); |
| 5487 origin1_ = HostPortPair::FromURL(url1); | 5485 origin1_ = HostPortPair::FromURL(url1); |
| 5488 origin2_ = HostPortPair::FromURL(url2); | 5486 origin2_ = HostPortPair::FromURL(url2); |
| 5489 | 5487 |
| 5490 HostPortPair destination = GetDestination(); | 5488 HostPortPair destination = GetDestination(); |
| 5491 | 5489 |
| 5492 scoped_refptr<X509Certificate> cert( | 5490 scoped_refptr<X509Certificate> cert( |
| 5493 ImportCertFromFile(GetTestCertsDirectory(), "wildcard.pem")); | 5491 ImportCertFromFile(GetTestCertsDirectory(), "wildcard.pem")); |
| 5494 bool unused; | 5492 ASSERT_TRUE(cert->VerifyNameMatch(origin1_.host(), false)); |
| 5495 ASSERT_TRUE(cert->VerifyNameMatch(origin1_.host(), &unused)); | 5493 ASSERT_TRUE(cert->VerifyNameMatch(origin2_.host(), false)); |
| 5496 ASSERT_TRUE(cert->VerifyNameMatch(origin2_.host(), &unused)); | 5494 ASSERT_FALSE(cert->VerifyNameMatch(kDifferentHostname, false)); |
| 5497 ASSERT_FALSE(cert->VerifyNameMatch(kDifferentHostname, &unused)); | |
| 5498 | 5495 |
| 5499 ProofVerifyDetailsChromium verify_details1; | 5496 ProofVerifyDetailsChromium verify_details1; |
| 5500 verify_details1.cert_verify_result.verified_cert = cert; | 5497 verify_details1.cert_verify_result.verified_cert = cert; |
| 5501 verify_details1.cert_verify_result.is_issued_by_known_root = true; | 5498 verify_details1.cert_verify_result.is_issued_by_known_root = true; |
| 5502 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details1); | 5499 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details1); |
| 5503 | 5500 |
| 5504 ProofVerifyDetailsChromium verify_details2; | 5501 ProofVerifyDetailsChromium verify_details2; |
| 5505 verify_details2.cert_verify_result.verified_cert = cert; | 5502 verify_details2.cert_verify_result.verified_cert = cert; |
| 5506 verify_details2.cert_verify_result.is_issued_by_known_root = true; | 5503 verify_details2.cert_verify_result.is_issued_by_known_root = true; |
| 5507 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details2); | 5504 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details2); |
| (...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 5565 | 5562 |
| 5566 GURL url1("https://news.example.org/"); | 5563 GURL url1("https://news.example.org/"); |
| 5567 GURL url2("https://mail.example.com/"); | 5564 GURL url2("https://mail.example.com/"); |
| 5568 origin1_ = HostPortPair::FromURL(url1); | 5565 origin1_ = HostPortPair::FromURL(url1); |
| 5569 origin2_ = HostPortPair::FromURL(url2); | 5566 origin2_ = HostPortPair::FromURL(url2); |
| 5570 | 5567 |
| 5571 HostPortPair destination = GetDestination(); | 5568 HostPortPair destination = GetDestination(); |
| 5572 | 5569 |
| 5573 scoped_refptr<X509Certificate> cert1( | 5570 scoped_refptr<X509Certificate> cert1( |
| 5574 ImportCertFromFile(GetTestCertsDirectory(), "wildcard.pem")); | 5571 ImportCertFromFile(GetTestCertsDirectory(), "wildcard.pem")); |
| 5575 bool unused; | 5572 ASSERT_TRUE(cert1->VerifyNameMatch(origin1_.host(), false)); |
| 5576 ASSERT_TRUE(cert1->VerifyNameMatch(origin1_.host(), &unused)); | 5573 ASSERT_FALSE(cert1->VerifyNameMatch(origin2_.host(), false)); |
| 5577 ASSERT_FALSE(cert1->VerifyNameMatch(origin2_.host(), &unused)); | 5574 ASSERT_FALSE(cert1->VerifyNameMatch(kDifferentHostname, false)); |
| 5578 ASSERT_FALSE(cert1->VerifyNameMatch(kDifferentHostname, &unused)); | |
| 5579 | 5575 |
| 5580 ProofVerifyDetailsChromium verify_details1; | 5576 ProofVerifyDetailsChromium verify_details1; |
| 5581 verify_details1.cert_verify_result.verified_cert = cert1; | 5577 verify_details1.cert_verify_result.verified_cert = cert1; |
| 5582 verify_details1.cert_verify_result.is_issued_by_known_root = true; | 5578 verify_details1.cert_verify_result.is_issued_by_known_root = true; |
| 5583 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details1); | 5579 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details1); |
| 5584 | 5580 |
| 5585 scoped_refptr<X509Certificate> cert2( | 5581 scoped_refptr<X509Certificate> cert2( |
| 5586 ImportCertFromFile(GetTestCertsDirectory(), "spdy_pooling.pem")); | 5582 ImportCertFromFile(GetTestCertsDirectory(), "spdy_pooling.pem")); |
| 5587 ASSERT_TRUE(cert2->VerifyNameMatch(origin2_.host(), &unused)); | 5583 ASSERT_TRUE(cert2->VerifyNameMatch(origin2_.host(), false)); |
| 5588 ASSERT_FALSE(cert2->VerifyNameMatch(kDifferentHostname, &unused)); | 5584 ASSERT_FALSE(cert2->VerifyNameMatch(kDifferentHostname, false)); |
| 5589 | 5585 |
| 5590 ProofVerifyDetailsChromium verify_details2; | 5586 ProofVerifyDetailsChromium verify_details2; |
| 5591 verify_details2.cert_verify_result.verified_cert = cert2; | 5587 verify_details2.cert_verify_result.verified_cert = cert2; |
| 5592 verify_details2.cert_verify_result.is_issued_by_known_root = true; | 5588 verify_details2.cert_verify_result.is_issued_by_known_root = true; |
| 5593 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details2); | 5589 crypto_client_stream_factory_.AddProofVerifyDetails(&verify_details2); |
| 5594 | 5590 |
| 5595 MockRead reads[] = {MockRead(SYNCHRONOUS, ERR_IO_PENDING, 0)}; | 5591 MockRead reads[] = {MockRead(SYNCHRONOUS, ERR_IO_PENDING, 0)}; |
| 5596 std::unique_ptr<QuicEncryptedPacket> settings_packet( | 5592 std::unique_ptr<QuicEncryptedPacket> settings_packet( |
| 5597 client_maker_.MakeSettingsPacket(1, SETTINGS_MAX_HEADER_LIST_SIZE, | 5593 client_maker_.MakeSettingsPacket(1, SETTINGS_MAX_HEADER_LIST_SIZE, |
| 5598 kDefaultMaxUncompressedHeaderSize, true, | 5594 kDefaultMaxUncompressedHeaderSize, true, |
| (...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 5685 // Clear all cached states. | 5681 // Clear all cached states. |
| 5686 factory_->ClearCachedStatesInCryptoConfig( | 5682 factory_->ClearCachedStatesInCryptoConfig( |
| 5687 base::Callback<bool(const GURL&)>()); | 5683 base::Callback<bool(const GURL&)>()); |
| 5688 EXPECT_TRUE(test_cases[0].state->certs().empty()); | 5684 EXPECT_TRUE(test_cases[0].state->certs().empty()); |
| 5689 EXPECT_TRUE(test_cases[1].state->certs().empty()); | 5685 EXPECT_TRUE(test_cases[1].state->certs().empty()); |
| 5690 EXPECT_TRUE(test_cases[2].state->certs().empty()); | 5686 EXPECT_TRUE(test_cases[2].state->certs().empty()); |
| 5691 } | 5687 } |
| 5692 | 5688 |
| 5693 } // namespace test | 5689 } // namespace test |
| 5694 } // namespace net | 5690 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2735733003:
Disable commonName matching for certificates (Closed)
