OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/socket/ssl_client_socket.h" | 5 #include "net/socket/ssl_client_socket.h" |
6 | 6 |
7 #include "base/callback_helpers.h" | 7 #include "base/callback_helpers.h" |
8 #include "base/memory/ref_counted.h" | 8 #include "base/memory/ref_counted.h" |
9 #include "base/run_loop.h" | 9 #include "base/run_loop.h" |
10 #include "net/base/address_list.h" | 10 #include "net/base/address_list.h" |
580 base::Time delete_end, | 580 base::Time delete_end, |
581 const base::Closure& completion_callback) | 581 const base::Closure& completion_callback) |
582 OVERRIDE {} | 582 OVERRIDE {} |
583 virtual void DeleteAll(const base::Closure& completion_callback) OVERRIDE {} | 583 virtual void DeleteAll(const base::Closure& completion_callback) OVERRIDE {} |
584 virtual void GetAllServerBoundCerts(const GetCertListCallback& callback) | 584 virtual void GetAllServerBoundCerts(const GetCertListCallback& callback) |
585 OVERRIDE {} | 585 OVERRIDE {} |
586 virtual int GetCertCount() OVERRIDE { return 0; } | 586 virtual int GetCertCount() OVERRIDE { return 0; } |
587 virtual void SetForceKeepSessionState() OVERRIDE {} | 587 virtual void SetForceKeepSessionState() OVERRIDE {} |
588 }; | 588 }; |
589 | 589 |
590 // A ServerBoundCertStore that asynchronously returns an error when asked for a | |
591 // certificate. | |
592 class AsyncFailingServerBoundCertStore : public ServerBoundCertStore { | |
593 virtual int GetServerBoundCert(const std::string& server_identifier, | |
594 base::Time* expiration_time, | |
595 std::string* private_key_result, | |
596 std::string* cert_result, | |
597 const GetCertCallback& callback) OVERRIDE { | |
598 base::MessageLoop::current()->PostTask( | |
599 FROM_HERE, base::Bind(callback, ERR_UNEXPECTED, | |
600 server_identifier, base::Time(), "", "")); | |
601 return ERR_IO_PENDING; | |
602 } | |
603 virtual void SetServerBoundCert(const std::string& server_identifier, | |
604 base::Time creation_time, | |
605 base::Time expiration_time, | |
606 const std::string& private_key, | |
607 const std::string& cert) OVERRIDE {} | |
608 virtual void DeleteServerBoundCert(const std::string& server_identifier, | |
609 const base::Closure& completion_callback) | |
610 OVERRIDE {} | |
611 virtual void DeleteAllCreatedBetween(base::Time delete_begin, | |
612 base::Time delete_end, | |
613 const base::Closure& completion_callback) | |
614 OVERRIDE {} | |
615 virtual void DeleteAll(const base::Closure& completion_callback) OVERRIDE {} | |
616 virtual void GetAllServerBoundCerts(const GetCertListCallback& callback) | |
617 OVERRIDE {} | |
618 virtual int GetCertCount() OVERRIDE { return 0; } | |
619 virtual void SetForceKeepSessionState() OVERRIDE {} | |
620 }; | |
621 | |
590 class SSLClientSocketTest : public PlatformTest { | 622 class SSLClientSocketTest : public PlatformTest { |
591 public: | 623 public: |
592 SSLClientSocketTest() | 624 SSLClientSocketTest() |
593 : socket_factory_(ClientSocketFactory::GetDefaultFactory()), | 625 : socket_factory_(ClientSocketFactory::GetDefaultFactory()), |
594 cert_verifier_(new MockCertVerifier), | 626 cert_verifier_(new MockCertVerifier), |
595 transport_security_state_(new TransportSecurityState) { | 627 transport_security_state_(new TransportSecurityState) { |
596 cert_verifier_->set_default_result(OK); | 628 cert_verifier_->set_default_result(OK); |
597 context_.cert_verifier = cert_verifier_.get(); | 629 context_.cert_verifier = cert_verifier_.get(); |
598 context_.transport_security_state = transport_security_state_.get(); | 630 context_.transport_security_state = transport_security_state_.get(); |
599 } | 631 } |
844 base::MessageLoopProxy::current())); | 876 base::MessageLoopProxy::current())); |
845 context_.server_bound_cert_service = cert_service_.get(); | 877 context_.server_bound_cert_service = cert_service_.get(); |
846 } | 878 } |
847 | 879 |
848 void EnableFailingChannelID() { | 880 void EnableFailingChannelID() { |
849 cert_service_.reset(new ServerBoundCertService( | 881 cert_service_.reset(new ServerBoundCertService( |
850 new FailingServerBoundCertStore(), base::MessageLoopProxy::current())); | 882 new FailingServerBoundCertStore(), base::MessageLoopProxy::current())); |
851 context_.server_bound_cert_service = cert_service_.get(); | 883 context_.server_bound_cert_service = cert_service_.get(); |
852 } | 884 } |
853 | 885 |
886 void EnableAsyncFailingChannelID() { | |
887 cert_service_.reset(new ServerBoundCertService( | |
888 new AsyncFailingServerBoundCertStore(), | |
889 base::MessageLoopProxy::current())); | |
890 context_.server_bound_cert_service = cert_service_.get(); | |
891 } | |
892 | |
854 private: | 893 private: |
855 scoped_ptr<ServerBoundCertService> cert_service_; | 894 scoped_ptr<ServerBoundCertService> cert_service_; |
856 }; | 895 }; |
857 | 896 |
858 //----------------------------------------------------------------------------- | 897 //----------------------------------------------------------------------------- |
859 | 898 |
860 // LogContainsSSLConnectEndEvent returns true if the given index in the given | 899 // LogContainsSSLConnectEndEvent returns true if the given index in the given |
861 // log is an SSL connect end event. The NSS sockets will cork in an attempt to | 900 // log is an SSL connect end event. The NSS sockets will cork in an attempt to |
862 // merge the first application data record with the Finished message when false | 901 // merge the first application data record with the Finished message when false |
863 // starting. However, in order to avoid the server timing out the handshake, | 902 // starting. However, in order to avoid the server timing out the handshake, |
2609 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); | 2648 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); |
2610 | 2649 |
2611 EXPECT_EQ(OK, rv); | 2650 EXPECT_EQ(OK, rv); |
2612 EXPECT_TRUE(sock_->IsConnected()); | 2651 EXPECT_TRUE(sock_->IsConnected()); |
2613 EXPECT_TRUE(sock_->WasChannelIDSent()); | 2652 EXPECT_TRUE(sock_->WasChannelIDSent()); |
2614 | 2653 |
2615 sock_->Disconnect(); | 2654 sock_->Disconnect(); |
2616 EXPECT_FALSE(sock_->IsConnected()); | 2655 EXPECT_FALSE(sock_->IsConnected()); |
2617 } | 2656 } |
2618 | 2657 |
2619 // Connect to a server using channel id but without sending a key. It should | 2658 // Connect to a server using channel id but failing to query the store. It |
wtc
2014/06/19 22:00:11
Nit: "failing to query the store" sounds like we d
davidben
2014/06/19 22:36:38
Done.
| |
2620 // fail. | 2659 // should fail. |
2621 TEST_F(SSLClientSocketChannelIDTest, FailingChannelID) { | 2660 TEST_F(SSLClientSocketChannelIDTest, FailingChannelID) { |
2622 SpawnedTestServer::SSLOptions ssl_options; | 2661 SpawnedTestServer::SSLOptions ssl_options; |
2623 | 2662 |
2624 ASSERT_TRUE(ConnectToTestServer(ssl_options)); | 2663 ASSERT_TRUE(ConnectToTestServer(ssl_options)); |
2625 | 2664 |
2626 EnableFailingChannelID(); | 2665 EnableFailingChannelID(); |
2627 SSLConfig ssl_config = kDefaultSSLConfig; | 2666 SSLConfig ssl_config = kDefaultSSLConfig; |
2628 ssl_config.channel_id_enabled = true; | 2667 ssl_config.channel_id_enabled = true; |
2629 | 2668 |
2630 int rv; | 2669 int rv; |
2631 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); | 2670 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); |
2632 | 2671 |
2633 // TODO(haavardm@opera.com): Due to differences in threading, Linux returns | 2672 // TODO(haavardm@opera.com): Due to differences in threading, Linux returns |
2634 // ERR_UNEXPECTED while Mac and Windows return ERR_PROTOCOL_ERROR. Accept all | 2673 // ERR_UNEXPECTED while Mac and Windows return ERR_PROTOCOL_ERROR. Accept all |
2635 // error codes for now. | 2674 // error codes for now. |
2636 // http://crbug.com/373670 | 2675 // http://crbug.com/373670 |
2637 EXPECT_NE(OK, rv); | 2676 EXPECT_NE(OK, rv); |
2638 EXPECT_FALSE(sock_->IsConnected()); | 2677 EXPECT_FALSE(sock_->IsConnected()); |
2639 } | 2678 } |
2640 | 2679 |
2680 // Connect to a server using channel id but asynchronously failing to query the | |
2681 // store. It should fail. | |
2682 TEST_F(SSLClientSocketChannelIDTest, FailingChannelIDAsync) { | |
2683 SpawnedTestServer::SSLOptions ssl_options; | |
2684 | |
2685 ASSERT_TRUE(ConnectToTestServer(ssl_options)); | |
2686 | |
2687 EnableAsyncFailingChannelID(); | |
2688 SSLConfig ssl_config = kDefaultSSLConfig; | |
2689 ssl_config.channel_id_enabled = true; | |
2690 | |
2691 int rv; | |
2692 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); | |
2693 | |
2694 EXPECT_EQ(ERR_UNEXPECTED, rv); | |
2695 EXPECT_FALSE(sock_->IsConnected()); | |
2696 } | |
2697 | |
2641 } // namespace net | 2698 } // namespace net |
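Review bot: The new FailingChannelIDAsync test asserts `EXPECT_EQ(ERR_UNEXPECTED, rv)`, whereas the FailingChannelID test directly above it accepts any non-OK result because, per its TODO (crbug.com/373670), Linux returns ERR_UNEXPECTED while Mac and Windows return ERR_PROTOCOL_ERROR. Nothing visible here shows why the asynchronous path would be free of that platform difference, so the exact match may fail on platforms other than Linux. If the error from the posted callback is expected to reach the caller unchanged everywhere, record that above the assertion, e.g. `// The store's ERR_UNEXPECTED is delivered by a posted task and is returned as-is on all platforms.`; otherwise use `EXPECT_NE(OK, rv);` as the sibling does. Separately, AsyncFailingServerBoundCertStore repeats every stub of FailingServerBoundCertStore (whose definition starts outside the visible lines) and appears to differ only in GetServerBoundCert, so deriving from it would remove the duplication.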