OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/spdy/spdy_session.h" | 5 #include "net/spdy/spdy_session.h" |
6 | 6 |
| 7 #include "base/base64.h" |
7 #include "base/bind.h" | 8 #include "base/bind.h" |
8 #include "base/callback.h" | 9 #include "base/callback.h" |
9 #include "base/memory/scoped_ptr.h" | 10 #include "base/memory/scoped_ptr.h" |
10 #include "base/run_loop.h" | 11 #include "base/run_loop.h" |
11 #include "base/test/statistics_delta_reader.h" | 12 #include "base/test/statistics_delta_reader.h" |
12 #include "net/base/io_buffer.h" | 13 #include "net/base/io_buffer.h" |
13 #include "net/base/ip_endpoint.h" | 14 #include "net/base/ip_endpoint.h" |
14 #include "net/base/net_log_unittest.h" | 15 #include "net/base/net_log_unittest.h" |
15 #include "net/base/request_priority.h" | 16 #include "net/base/request_priority.h" |
16 #include "net/base/test_data_directory.h" | 17 #include "net/base/test_data_directory.h" |
(...skipping 2351 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2368 spdy_stream->Cancel(); | 2369 spdy_stream->Cancel(); |
2369 | 2370 |
2370 EXPECT_EQ(NULL, spdy_stream.get()); | 2371 EXPECT_EQ(NULL, spdy_stream.get()); |
2371 EXPECT_TRUE(delegate.StreamIsClosed()); | 2372 EXPECT_TRUE(delegate.StreamIsClosed()); |
2372 | 2373 |
2373 data.RunFor(2); // Write the RST_STREAM & GOAWAY. | 2374 data.RunFor(2); // Write the RST_STREAM & GOAWAY. |
2374 base::MessageLoop::current()->RunUntilIdle(); | 2375 base::MessageLoop::current()->RunUntilIdle(); |
2375 EXPECT_TRUE(session == NULL); | 2376 EXPECT_TRUE(session == NULL); |
2376 } | 2377 } |
2377 | 2378 |
2378 TEST_P(SpdySessionTest, DISABLED_VerifyDomainAuthentication) { | 2379 TEST_P(SpdySessionTest, VerifyDomainAuthentication) { |
2379 session_deps_.host_resolver->set_synchronous_mode(true); | 2380 session_deps_.host_resolver->set_synchronous_mode(true); |
2380 | 2381 |
2381 MockConnect connect_data(SYNCHRONOUS, OK); | 2382 MockConnect connect_data(SYNCHRONOUS, OK); |
2382 | 2383 |
2383 // No actual data will be sent. | 2384 // No actual data will be sent. |
2384 MockWrite writes[] = { | 2385 MockWrite writes[] = { |
2385 MockWrite(ASYNC, 0, 1) // EOF | 2386 MockWrite(ASYNC, 0, 1) // EOF |
2386 }; | 2387 }; |
2387 | 2388 |
2388 MockRead reads[] = { | 2389 MockRead reads[] = { |
(...skipping 21 matching lines...) Expand all Loading... |
2410 | 2411 |
2411 base::WeakPtr<SpdySession> session = | 2412 base::WeakPtr<SpdySession> session = |
2412 CreateSecureSpdySession(http_session_, key_, BoundNetLog()); | 2413 CreateSecureSpdySession(http_session_, key_, BoundNetLog()); |
2413 | 2414 |
2414 EXPECT_TRUE(session->VerifyDomainAuthentication("www.example.org")); | 2415 EXPECT_TRUE(session->VerifyDomainAuthentication("www.example.org")); |
2415 EXPECT_TRUE(session->VerifyDomainAuthentication("mail.example.org")); | 2416 EXPECT_TRUE(session->VerifyDomainAuthentication("mail.example.org")); |
2416 EXPECT_TRUE(session->VerifyDomainAuthentication("mail.example.com")); | 2417 EXPECT_TRUE(session->VerifyDomainAuthentication("mail.example.com")); |
2417 EXPECT_FALSE(session->VerifyDomainAuthentication("mail.google.com")); | 2418 EXPECT_FALSE(session->VerifyDomainAuthentication("mail.google.com")); |
2418 } | 2419 } |
2419 | 2420 |
2420 // TODO(rch): re-enable this. | 2421 TEST_P(SpdySessionTest, ConnectionPooledWithTlsChannelId) { |
2421 TEST_P(SpdySessionTest, DISABLED_ConnectionPooledWithTlsChannelId) { | |
2422 session_deps_.host_resolver->set_synchronous_mode(true); | 2422 session_deps_.host_resolver->set_synchronous_mode(true); |
2423 | 2423 |
2424 MockConnect connect_data(SYNCHRONOUS, OK); | 2424 MockConnect connect_data(SYNCHRONOUS, OK); |
2425 | 2425 |
2426 // No actual data will be sent. | 2426 // No actual data will be sent. |
2427 MockWrite writes[] = { | 2427 MockWrite writes[] = { |
2428 MockWrite(ASYNC, 0, 1) // EOF | 2428 MockWrite(ASYNC, 0, 1) // EOF |
2429 }; | 2429 }; |
2430 | 2430 |
2431 MockRead reads[] = { | 2431 MockRead reads[] = { |
(...skipping 2562 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
4994 MapNetErrorToGoAwayStatus(ERR_SPDY_FLOW_CONTROL_ERROR)); | 4994 MapNetErrorToGoAwayStatus(ERR_SPDY_FLOW_CONTROL_ERROR)); |
4995 CHECK_EQ(GOAWAY_PROTOCOL_ERROR, | 4995 CHECK_EQ(GOAWAY_PROTOCOL_ERROR, |
4996 MapNetErrorToGoAwayStatus(ERR_SPDY_PROTOCOL_ERROR)); | 4996 MapNetErrorToGoAwayStatus(ERR_SPDY_PROTOCOL_ERROR)); |
4997 CHECK_EQ(GOAWAY_COMPRESSION_ERROR, | 4997 CHECK_EQ(GOAWAY_COMPRESSION_ERROR, |
4998 MapNetErrorToGoAwayStatus(ERR_SPDY_COMPRESSION_ERROR)); | 4998 MapNetErrorToGoAwayStatus(ERR_SPDY_COMPRESSION_ERROR)); |
4999 CHECK_EQ(GOAWAY_FRAME_SIZE_ERROR, | 4999 CHECK_EQ(GOAWAY_FRAME_SIZE_ERROR, |
5000 MapNetErrorToGoAwayStatus(ERR_SPDY_FRAME_SIZE_ERROR)); | 5000 MapNetErrorToGoAwayStatus(ERR_SPDY_FRAME_SIZE_ERROR)); |
5001 CHECK_EQ(GOAWAY_PROTOCOL_ERROR, MapNetErrorToGoAwayStatus(ERR_UNEXPECTED)); | 5001 CHECK_EQ(GOAWAY_PROTOCOL_ERROR, MapNetErrorToGoAwayStatus(ERR_UNEXPECTED)); |
5002 } | 5002 } |
5003 | 5003 |
| 5004 TEST(CanPoolTest, CanPool) { |
| 5005 // Load a cert that is valid for: |
| 5006 // www.example.org |
| 5007 // mail.example.org |
| 5008 // www.example.com |
| 5009 |
| 5010 TransportSecurityState tss; |
| 5011 SSLInfo ssl_info; |
| 5012 ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), |
| 5013 "spdy_pooling.pem"); |
| 5014 |
| 5015 EXPECT_TRUE(SpdySession::CanPool( |
| 5016 &tss, ssl_info, "www.example.org", "www.example.org")); |
| 5017 EXPECT_TRUE(SpdySession::CanPool( |
| 5018 &tss, ssl_info, "www.example.org", "mail.example.org")); |
| 5019 EXPECT_TRUE(SpdySession::CanPool( |
| 5020 &tss, ssl_info, "www.example.org", "mail.example.com")); |
| 5021 EXPECT_FALSE(SpdySession::CanPool( |
| 5022 &tss, ssl_info, "www.example.org", "mail.google.com")); |
| 5023 } |
| 5024 |
| 5025 TEST(CanPoolTest, CanNotPoolWithCertErrors) { |
| 5026 // Load a cert that is valid for: |
| 5027 // www.example.org |
| 5028 // mail.example.org |
| 5029 // www.example.com |
| 5030 |
| 5031 TransportSecurityState tss; |
| 5032 SSLInfo ssl_info; |
| 5033 ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), |
| 5034 "spdy_pooling.pem"); |
| 5035 ssl_info.cert_status = CERT_STATUS_REVOKED; |
| 5036 |
| 5037 EXPECT_FALSE(SpdySession::CanPool( |
| 5038 &tss, ssl_info, "www.example.org", "mail.example.org")); |
| 5039 } |
| 5040 |
| 5041 TEST(CanPoolTest, CanNotPoolWithClientCerts) { |
| 5042 // Load a cert that is valid for: |
| 5043 // www.example.org |
| 5044 // mail.example.org |
| 5045 // www.example.com |
| 5046 |
| 5047 TransportSecurityState tss; |
| 5048 SSLInfo ssl_info; |
| 5049 ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), |
| 5050 "spdy_pooling.pem"); |
| 5051 ssl_info.client_cert_sent = true; |
| 5052 |
| 5053 EXPECT_FALSE(SpdySession::CanPool( |
| 5054 &tss, ssl_info, "www.example.org", "mail.example.org")); |
| 5055 } |
| 5056 |
| 5057 TEST(CanPoolTest, CanNotPoolAcrossETLDsWithChannelID) { |
| 5058 // Load a cert that is valid for: |
| 5059 // www.example.org |
| 5060 // mail.example.org |
| 5061 // www.example.com |
| 5062 |
| 5063 TransportSecurityState tss; |
| 5064 SSLInfo ssl_info; |
| 5065 ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), |
| 5066 "spdy_pooling.pem"); |
| 5067 ssl_info.channel_id_sent = true; |
| 5068 |
| 5069 EXPECT_TRUE(SpdySession::CanPool( |
| 5070 &tss, ssl_info, "www.example.org", "mail.example.org")); |
| 5071 EXPECT_FALSE(SpdySession::CanPool( |
| 5072 &tss, ssl_info, "www.example.org", "www.example.com")); |
| 5073 } |
| 5074 |
| 5075 TEST(CanPoolTest, CanNotPoolWithBadPins) { |
| 5076 uint8 primary_pin = 1; |
| 5077 uint8 backup_pin = 2; |
| 5078 uint8 bad_pin = 3; |
| 5079 TransportSecurityState tss; |
| 5080 test::AddPin(&tss, "mail.example.org", primary_pin, backup_pin); |
| 5081 |
| 5082 SSLInfo ssl_info; |
| 5083 ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), |
| 5084 "spdy_pooling.pem"); |
| 5085 ssl_info.is_issued_by_known_root = true; |
| 5086 ssl_info.public_key_hashes.push_back(test::GetTestHashValue(bad_pin)); |
| 5087 |
| 5088 EXPECT_FALSE(SpdySession::CanPool( |
| 5089 &tss, ssl_info, "www.example.org", "mail.example.org")); |
| 5090 } |
| 5091 |
| 5092 TEST(CanPoolTest, CanPoolWithAcceptablePins) { |
| 5093 uint8 primary_pin = 1; |
| 5094 uint8 backup_pin = 2; |
| 5095 TransportSecurityState tss; |
| 5096 test::AddPin(&tss, "mail.example.org", primary_pin, backup_pin); |
| 5097 |
| 5098 SSLInfo ssl_info; |
| 5099 ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), |
| 5100 "spdy_pooling.pem"); |
| 5101 ssl_info.is_issued_by_known_root = true; |
| 5102 ssl_info.public_key_hashes.push_back(test::GetTestHashValue(primary_pin)); |
| 5103 |
| 5104 EXPECT_TRUE(SpdySession::CanPool( |
| 5105 &tss, ssl_info, "www.example.org", "mail.example.org")); |
| 5106 } |
| 5107 |
5004 } // namespace net | 5108 } // namespace net |
OLD | NEW |