OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/socket/ssl_client_socket.h" | 5 #include "net/socket/ssl_client_socket.h" |
6 | 6 |
7 #include "base/callback_helpers.h" | 7 #include "base/callback_helpers.h" |
8 #include "base/memory/ref_counted.h" | 8 #include "base/memory/ref_counted.h" |
9 #include "base/run_loop.h" | 9 #include "base/run_loop.h" |
10 #include "base/time/time.h" | 10 #include "base/time/time.h" |
(...skipping 602 matching lines...)
613 base::Time delete_end, | 613 base::Time delete_end, |
614 const base::Closure& completion_callback) | 614 const base::Closure& completion_callback) |
615 OVERRIDE {} | 615 OVERRIDE {} |
616 virtual void DeleteAll(const base::Closure& completion_callback) OVERRIDE {} | 616 virtual void DeleteAll(const base::Closure& completion_callback) OVERRIDE {} |
617 virtual void GetAllServerBoundCerts(const GetCertListCallback& callback) | 617 virtual void GetAllServerBoundCerts(const GetCertListCallback& callback) |
618 OVERRIDE {} | 618 OVERRIDE {} |
619 virtual int GetCertCount() OVERRIDE { return 0; } | 619 virtual int GetCertCount() OVERRIDE { return 0; } |
620 virtual void SetForceKeepSessionState() OVERRIDE {} | 620 virtual void SetForceKeepSessionState() OVERRIDE {} |
621 }; | 621 }; |
622 | 622 |
| 623 // A ServerBoundCertStore that asynchronously returns an error when asked for a |
| 624 // certificate. |
| 625 class AsyncFailingServerBoundCertStore : public ServerBoundCertStore { |
| 626 virtual int GetServerBoundCert(const std::string& server_identifier, |
| 627 base::Time* expiration_time, |
| 628 std::string* private_key_result, |
| 629 std::string* cert_result, |
| 630 const GetCertCallback& callback) OVERRIDE { |
| 631 base::MessageLoop::current()->PostTask( |
| 632 FROM_HERE, base::Bind(callback, ERR_UNEXPECTED, |
| 633 server_identifier, base::Time(), "", "")); |
| 634 return ERR_IO_PENDING; |
| 635 } |
| 636 virtual void SetServerBoundCert(const std::string& server_identifier, |
| 637 base::Time creation_time, |
| 638 base::Time expiration_time, |
| 639 const std::string& private_key, |
| 640 const std::string& cert) OVERRIDE {} |
| 641 virtual void DeleteServerBoundCert(const std::string& server_identifier, |
| 642 const base::Closure& completion_callback) |
| 643 OVERRIDE {} |
| 644 virtual void DeleteAllCreatedBetween(base::Time delete_begin, |
| 645 base::Time delete_end, |
| 646 const base::Closure& completion_callback) |
| 647 OVERRIDE {} |
| 648 virtual void DeleteAll(const base::Closure& completion_callback) OVERRIDE {} |
| 649 virtual void GetAllServerBoundCerts(const GetCertListCallback& callback) |
| 650 OVERRIDE {} |
| 651 virtual int GetCertCount() OVERRIDE { return 0; } |
| 652 virtual void SetForceKeepSessionState() OVERRIDE {} |
| 653 }; |
| 654 |
623 class SSLClientSocketTest : public PlatformTest { | 655 class SSLClientSocketTest : public PlatformTest { |
624 public: | 656 public: |
625 SSLClientSocketTest() | 657 SSLClientSocketTest() |
626 : socket_factory_(ClientSocketFactory::GetDefaultFactory()), | 658 : socket_factory_(ClientSocketFactory::GetDefaultFactory()), |
627 cert_verifier_(new MockCertVerifier), | 659 cert_verifier_(new MockCertVerifier), |
628 transport_security_state_(new TransportSecurityState) { | 660 transport_security_state_(new TransportSecurityState) { |
629 cert_verifier_->set_default_result(OK); | 661 cert_verifier_->set_default_result(OK); |
630 context_.cert_verifier = cert_verifier_.get(); | 662 context_.cert_verifier = cert_verifier_.get(); |
631 context_.transport_security_state = transport_security_state_.get(); | 663 context_.transport_security_state = transport_security_state_.get(); |
632 } | 664 } |
(...skipping 244 matching lines...)
877 base::MessageLoopProxy::current())); | 909 base::MessageLoopProxy::current())); |
878 context_.server_bound_cert_service = cert_service_.get(); | 910 context_.server_bound_cert_service = cert_service_.get(); |
879 } | 911 } |
880 | 912 |
881 void EnableFailingChannelID() { | 913 void EnableFailingChannelID() { |
882 cert_service_.reset(new ServerBoundCertService( | 914 cert_service_.reset(new ServerBoundCertService( |
883 new FailingServerBoundCertStore(), base::MessageLoopProxy::current())); | 915 new FailingServerBoundCertStore(), base::MessageLoopProxy::current())); |
884 context_.server_bound_cert_service = cert_service_.get(); | 916 context_.server_bound_cert_service = cert_service_.get(); |
885 } | 917 } |
886 | 918 |
| 919 void EnableAsyncFailingChannelID() { |
| 920 cert_service_.reset(new ServerBoundCertService( |
| 921 new AsyncFailingServerBoundCertStore(), |
| 922 base::MessageLoopProxy::current())); |
| 923 context_.server_bound_cert_service = cert_service_.get(); |
| 924 } |
| 925 |
887 private: | 926 private: |
888 scoped_ptr<ServerBoundCertService> cert_service_; | 927 scoped_ptr<ServerBoundCertService> cert_service_; |
889 }; | 928 }; |
890 | 929 |
891 //----------------------------------------------------------------------------- | 930 //----------------------------------------------------------------------------- |
892 | 931 |
893 // LogContainsSSLConnectEndEvent returns true if the given index in the given | 932 // LogContainsSSLConnectEndEvent returns true if the given index in the given |
894 // log is an SSL connect end event. The NSS sockets will cork in an attempt to | 933 // log is an SSL connect end event. The NSS sockets will cork in an attempt to |
895 // merge the first application data record with the Finished message when false | 934 // merge the first application data record with the Finished message when false |
896 // starting. However, in order to avoid the server timing out the handshake, | 935 // starting. However, in order to avoid the server timing out the handshake, |
(...skipping 1814 matching lines...)
2711 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); | 2750 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); |
2712 | 2751 |
2713 EXPECT_EQ(OK, rv); | 2752 EXPECT_EQ(OK, rv); |
2714 EXPECT_TRUE(sock_->IsConnected()); | 2753 EXPECT_TRUE(sock_->IsConnected()); |
2715 EXPECT_TRUE(sock_->WasChannelIDSent()); | 2754 EXPECT_TRUE(sock_->WasChannelIDSent()); |
2716 | 2755 |
2717 sock_->Disconnect(); | 2756 sock_->Disconnect(); |
2718 EXPECT_FALSE(sock_->IsConnected()); | 2757 EXPECT_FALSE(sock_->IsConnected()); |
2719 } | 2758 } |
2720 | 2759 |
2721 // Connect to a server using channel id but without sending a key. It should | 2760 // Connect to a server using Channel ID but failing to look up the Channel |
2722 // fail. | 2761 // ID. It should fail. |
2723 TEST_F(SSLClientSocketChannelIDTest, FailingChannelID) { | 2762 TEST_F(SSLClientSocketChannelIDTest, FailingChannelID) { |
2724 SpawnedTestServer::SSLOptions ssl_options; | 2763 SpawnedTestServer::SSLOptions ssl_options; |
2725 | 2764 |
2726 ASSERT_TRUE(ConnectToTestServer(ssl_options)); | 2765 ASSERT_TRUE(ConnectToTestServer(ssl_options)); |
2727 | 2766 |
2728 EnableFailingChannelID(); | 2767 EnableFailingChannelID(); |
2729 SSLConfig ssl_config = kDefaultSSLConfig; | 2768 SSLConfig ssl_config = kDefaultSSLConfig; |
2730 ssl_config.channel_id_enabled = true; | 2769 ssl_config.channel_id_enabled = true; |
2731 | 2770 |
2732 int rv; | 2771 int rv; |
2733 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); | 2772 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); |
2734 | 2773 |
2735 // TODO(haavardm@opera.com): Due to differences in threading, Linux returns | 2774 // TODO(haavardm@opera.com): Due to differences in threading, Linux returns |
2736 // ERR_UNEXPECTED while Mac and Windows return ERR_PROTOCOL_ERROR. Accept all | 2775 // ERR_UNEXPECTED while Mac and Windows return ERR_PROTOCOL_ERROR. Accept all |
2737 // error codes for now. | 2776 // error codes for now. |
2738 // http://crbug.com/373670 | 2777 // http://crbug.com/373670 |
2739 EXPECT_NE(OK, rv); | 2778 EXPECT_NE(OK, rv); |
2740 EXPECT_FALSE(sock_->IsConnected()); | 2779 EXPECT_FALSE(sock_->IsConnected()); |
2741 } | 2780 } |
2742 | 2781 |
| 2782 // Connect to a server using Channel ID but asynchronously failing to look up |
| 2783 // the Channel ID. It should fail. |
| 2784 TEST_F(SSLClientSocketChannelIDTest, FailingChannelIDAsync) { |
| 2785 SpawnedTestServer::SSLOptions ssl_options; |
| 2786 |
| 2787 ASSERT_TRUE(ConnectToTestServer(ssl_options)); |
| 2788 |
| 2789 EnableAsyncFailingChannelID(); |
| 2790 SSLConfig ssl_config = kDefaultSSLConfig; |
| 2791 ssl_config.channel_id_enabled = true; |
| 2792 |
| 2793 int rv; |
| 2794 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); |
| 2795 |
| 2796 EXPECT_EQ(ERR_UNEXPECTED, rv); |
| 2797 EXPECT_FALSE(sock_->IsConnected()); |
| 2798 } |
| 2799 |
2743 } // namespace net | 2800 } // namespace net |
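Review bot: FailingChannelIDAsync (new lines 2784-2798) pins `EXPECT_EQ(ERR_UNEXPECTED, rv)`, while the synchronous FailingChannelID just above accepts any non-OK result because, per its TODO (http://crbug.com/373670), the error code differs between Linux and Mac/Windows. If the asynchronous path is expected to surface the store's own error on every platform, say so above the assertion, e.g. `// The store posts ERR_UNEXPECTED itself, so the result should not vary by platform.`; otherwise use `EXPECT_NE(OK, rv)` as the sibling test does. The socket code is not visible here, so the platform concern is inferred from that TODO only. Because the test is there to show that a failed Channel ID lookup aborts the handshake rather than continuing without the binding, consider also asserting `EXPECT_FALSE(sock_->WasChannelIDSent());` after the connect attempt. In AsyncFailingServerBoundCertStore (new lines 625-653), GetServerBoundCert never writes its three out-parameters before returning ERR_IO_PENDING; a one-line comment noting that they are intentionally left untouched would make the stub's contract explicit.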