
Side by Side Diff: net/quic/quic_client_session_test.cc

Issue 355293003: Restrict QUIC session pool when channel ID is present. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Fix comments Created 6 years, 5 months ago
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/quic/quic_client_session.h" 5 #include "net/quic/quic_client_session.h"
6 6
7 #include <vector> 7 #include <vector>
8 8
9 #include "base/files/file_path.h"
9 #include "base/rand_util.h" 10 #include "base/rand_util.h"
10 #include "net/base/capturing_net_log.h" 11 #include "net/base/capturing_net_log.h"
11 #include "net/base/test_completion_callback.h" 12 #include "net/base/test_completion_callback.h"
13 #include "net/base/test_data_directory.h"
14 #include "net/cert/cert_verify_result.h"
12 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h" 15 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h"
13 #include "net/quic/crypto/crypto_protocol.h" 16 #include "net/quic/crypto/crypto_protocol.h"
17 #include "net/quic/crypto/proof_verifier_chromium.h"
14 #include "net/quic/crypto/quic_decrypter.h" 18 #include "net/quic/crypto/quic_decrypter.h"
15 #include "net/quic/crypto/quic_encrypter.h" 19 #include "net/quic/crypto/quic_encrypter.h"
16 #include "net/quic/crypto/quic_server_info.h" 20 #include "net/quic/crypto/quic_server_info.h"
17 #include "net/quic/quic_default_packet_writer.h" 21 #include "net/quic/quic_default_packet_writer.h"
18 #include "net/quic/test_tools/crypto_test_utils.h" 22 #include "net/quic/test_tools/crypto_test_utils.h"
19 #include "net/quic/test_tools/quic_client_session_peer.h" 23 #include "net/quic/test_tools/quic_client_session_peer.h"
20 #include "net/quic/test_tools/quic_test_utils.h" 24 #include "net/quic/test_tools/quic_test_utils.h"
21 #include "net/quic/test_tools/simple_quic_framer.h" 25 #include "net/quic/test_tools/simple_quic_framer.h"
22 #include "net/socket/socket_test_util.h" 26 #include "net/socket/socket_test_util.h"
27 #include "net/test/cert_test_util.h"
23 #include "net/udp/datagram_client_socket.h" 28 #include "net/udp/datagram_client_socket.h"
24 29
25 using testing::_; 30 using testing::_;
26 31
27 namespace net { 32 namespace net {
28 namespace test { 33 namespace test {
29 namespace { 34 namespace {
30 35
31 const char kServerHostname[] = "www.example.com"; 36 const char kServerHostname[] = "www.example.com";
32 const uint16 kServerPort = 80; 37 const uint16 kServerPort = 80;
(...skipping 21 matching lines...) Expand all
54 } 59 }
55 60
56 // Returns the header from the last packet written. 61 // Returns the header from the last packet written.
57 const QuicPacketHeader& header() { return header_; } 62 const QuicPacketHeader& header() { return header_; }
58 63
59 private: 64 private:
60 QuicVersion version_; 65 QuicVersion version_;
61 QuicPacketHeader header_; 66 QuicPacketHeader header_;
62 }; 67 };
63 68
69 class FakeChannelIDKey : public ChannelIDKey {
70 public:
71 // Sign signs |signed_data| using the ChannelID private key and puts the
72 // signature into |out_signature|. It returns true on success.
wtc 2014/07/01 23:00:14 Replace this comment with something like // Chan
Ryan Hamilton 2014/07/01 23:26:19 Done.
73 virtual bool Sign(base::StringPiece signed_data,
74 std::string* out_signature) const OVERRIDE {
75 return true;
wtc 2014/07/01 23:00:15 I think it's more realistic to set *out_signature
Ryan Hamilton 2014/07/01 23:26:20 Done.
76 }
77
78 // SerializeKey returns the serialized ChannelID public key.
wtc 2014/07/01 23:00:15 Delete this comment.
Ryan Hamilton 2014/07/01 23:26:19 Done.
79 virtual std::string SerializeKey() const OVERRIDE {
80 return "";
81 }
82 };
83
64 class QuicClientSessionTest : public ::testing::TestWithParam<QuicVersion> { 84 class QuicClientSessionTest : public ::testing::TestWithParam<QuicVersion> {
65 protected: 85 protected:
66 QuicClientSessionTest() 86 QuicClientSessionTest()
67 : writer_(new TestPacketWriter(GetParam())), 87 : writer_(new TestPacketWriter(GetParam())),
68 connection_( 88 connection_(
69 new PacketSavingConnection(false, SupportedVersions(GetParam()))), 89 new PacketSavingConnection(false, SupportedVersions(GetParam()))),
70 session_(connection_, GetSocket().Pass(), writer_.Pass(), NULL, NULL, 90 session_(host_port_pair_, connection_, GetSocket().Pass(),
91 writer_.Pass(), NULL, NULL,
71 make_scoped_ptr((QuicServerInfo*)NULL), 92 make_scoped_ptr((QuicServerInfo*)NULL),
72 QuicServerId(kServerHostname, kServerPort, false, 93 QuicServerId(kServerHostname, kServerPort, false,
73 PRIVACY_MODE_DISABLED), 94 PRIVACY_MODE_DISABLED),
74 DefaultQuicConfig(), &crypto_config_, 95 DefaultQuicConfig(), &crypto_config_,
75 base::MessageLoop::current()->message_loop_proxy().get(), 96 base::MessageLoop::current()->message_loop_proxy().get(),
76 &net_log_) { 97 &net_log_) {
77 session_.config()->SetDefaults(); 98 session_.config()->SetDefaults();
78 crypto_config_.SetDefaults(); 99 crypto_config_.SetDefaults();
79 } 100 }
80 101
(...skipping 10 matching lines...) Expand all
91 112
92 void CompleteCryptoHandshake() { 113 void CompleteCryptoHandshake() {
93 ASSERT_EQ(ERR_IO_PENDING, 114 ASSERT_EQ(ERR_IO_PENDING,
94 session_.CryptoConnect(false, callback_.callback())); 115 session_.CryptoConnect(false, callback_.callback()));
95 CryptoTestUtils::HandshakeWithFakeServer( 116 CryptoTestUtils::HandshakeWithFakeServer(
96 connection_, session_.GetCryptoStream()); 117 connection_, session_.GetCryptoStream());
97 ASSERT_EQ(OK, callback_.WaitForResult()); 118 ASSERT_EQ(OK, callback_.WaitForResult());
98 } 119 }
99 120
100 scoped_ptr<QuicDefaultPacketWriter> writer_; 121 scoped_ptr<QuicDefaultPacketWriter> writer_;
122 const HostPortPair host_port_pair_;
wtc 2014/07/01 23:00:14 1. IMPORTANT: we never set this member, so it is a
Ryan Hamilton 2014/07/01 23:26:20 Ok, fixed this. Turns out I hadn't actually run th
101 PacketSavingConnection* connection_; 123 PacketSavingConnection* connection_;
102 CapturingNetLog net_log_; 124 CapturingNetLog net_log_;
103 MockClientSocketFactory socket_factory_; 125 MockClientSocketFactory socket_factory_;
104 StaticSocketDataProvider socket_data_; 126 StaticSocketDataProvider socket_data_;
105 QuicClientSession session_; 127 QuicClientSession session_;
106 MockClock clock_; 128 MockClock clock_;
107 MockRandom random_; 129 MockRandom random_;
108 QuicConnectionVisitorInterface* visitor_; 130 QuicConnectionVisitorInterface* visitor_;
109 TestCompletionCallback callback_; 131 TestCompletionCallback callback_;
110 QuicCryptoClientConfig crypto_config_; 132 QuicCryptoClientConfig crypto_config_;
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after
159 181
160 TEST_P(QuicClientSessionTest, GoAwayReceived) { 182 TEST_P(QuicClientSessionTest, GoAwayReceived) {
161 CompleteCryptoHandshake(); 183 CompleteCryptoHandshake();
162 184
163 // After receiving a GoAway, I should no longer be able to create outgoing 185 // After receiving a GoAway, I should no longer be able to create outgoing
164 // streams. 186 // streams.
165 session_.OnGoAway(QuicGoAwayFrame(QUIC_PEER_GOING_AWAY, 1u, "Going away.")); 187 session_.OnGoAway(QuicGoAwayFrame(QUIC_PEER_GOING_AWAY, 1u, "Going away."));
166 EXPECT_EQ(NULL, session_.CreateOutgoingDataStream()); 188 EXPECT_EQ(NULL, session_.CreateOutgoingDataStream());
167 } 189 }
168 190
191 TEST_P(QuicClientSessionTest, CanPool) {
192 // Load a cert that is valid for:
193 // www.example.org
194 // mail.example.org
195 // www.example.com
196 base::FilePath certs_dir = GetTestCertsDirectory();
197
198 CertVerifyResult result;
199 ProofVerifyDetailsChromium details;
200 details.cert_verify_result.verified_cert =
201 ImportCertFromFile(certs_dir, "spdy_pooling.pem");
202 ASSERT_NE(static_cast<X509Certificate*>(NULL),
203 details.cert_verify_result.verified_cert);
wtc 2014/07/01 23:00:14 Nit: why don't we just do ASSERT_TRUE(details.c
Ryan Hamilton 2014/07/01 23:26:20 Done.
204
205 session_.OnProofVerifyDetailsAvailable(details);
206 CompleteCryptoHandshake();
207
208
209 EXPECT_TRUE(session_.CanPool("www.example.org"));
210 EXPECT_TRUE(session_.CanPool("mail.example.org"));
211 EXPECT_TRUE(session_.CanPool("mail.example.com"));
212 EXPECT_FALSE(session_.CanPool("mail.google.com"));
213 }
214
215 TEST_P(QuicClientSessionTest, ConnectionPooledWithTlsChannelId) {
216 // Load a cert that is valid for:
217 // www.example.org
218 // mail.example.org
219 // www.example.com
220 base::FilePath certs_dir = GetTestCertsDirectory();
221
222 CertVerifyResult result;
223 ProofVerifyDetailsChromium details;
224 details.cert_verify_result.verified_cert =
225 ImportCertFromFile(certs_dir, "spdy_pooling.pem");
226 ASSERT_NE(static_cast<X509Certificate*>(NULL),
227 details.cert_verify_result.verified_cert);
228
229 session_.OnProofVerifyDetailsAvailable(details);
230 QuicClientSessionPeer::SetChannelIDKey(&session_, new FakeChannelIDKey);
231 CompleteCryptoHandshake();
wtc 2014/07/01 23:00:14 It seems safer to call QuicClientSessionPeer::SetC
Ryan Hamilton 2014/07/01 23:26:19 Done.
232
233 EXPECT_TRUE(session_.CanPool("www.example.org"));
234 EXPECT_TRUE(session_.CanPool("mail.example.org"));
235 EXPECT_FALSE(session_.CanPool("mail.example.com"));
236 EXPECT_FALSE(session_.CanPool("mail.google.com"));
237 }
238
169 } // namespace 239 } // namespace
170 } // namespace test 240 } // namespace test
171 } // namespace net 241 } // namespace net
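Review bot: ConnectionPooledWithTlsChannelId gives no reason why `mail.example.com` stops being poolable at new line 235, although CanPool accepts it at new line 211 with the same certificate. Since this is the security property the change exists for, a short comment above the expectations would make it reviewable, for example `// With a channel ID set, pooling is refused for hosts outside the original host's domain, even if the certificate covers them.` That wording is inferred from the issue title, so confirm it against the CanPool implementation, which is not on this page. Separately, both new tests list `www.example.com` in the certificate comment but assert on `mail.example.com`, so the comment or the hostname should be brought into line. The `CertVerifyResult result;` local at new lines 198 and 222 is never used and can be dropped.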