Chromium Code Reviews Chromium Code Reviews
Issue 446623004:
This CL adds unit tests for false start connections. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@sslcallback| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_client_socket.h" | 5 #include "net/socket/ssl_client_socket.h" |
| 6 | 6 |
| 7 #include "base/callback_helpers.h" | 7 #include "base/callback_helpers.h" |
| 8 #include "base/memory/ref_counted.h" | 8 #include "base/memory/ref_counted.h" |
| 9 #include "base/run_loop.h" | 9 #include "base/run_loop.h" |
| 10 #include "base/time/time.h" | 10 #include "base/time/time.h" |
| (...skipping 340 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 351 // underlying transport until UnblockWrite() has been called. Note: if there | 351 // underlying transport until UnblockWrite() has been called. Note: if there |
| 352 // is a pending asynchronous write, it is NOT blocked. For purposes of | 352 // is a pending asynchronous write, it is NOT blocked. For purposes of |
| 353 // blocking writes, data is considered to have reached the underlying | 353 // blocking writes, data is considered to have reached the underlying |
| 354 // transport as soon as Write() is called. | 354 // transport as soon as Write() is called. |
| 355 void BlockWrite(); | 355 void BlockWrite(); |
| 356 void UnblockWrite(); | 356 void UnblockWrite(); |
| 357 | 357 |
| 358 // Waits for the blocked Write() call to be scheduled. | 358 // Waits for the blocked Write() call to be scheduled. |
| 359 void WaitForWrite(); | 359 void WaitForWrite(); |
| 360 | 360 |
| 361 // Returns the wrapped stream socket. | |
| 362 StreamSocket* transport() { return transport_.get(); } | |
| 363 | |
| 361 private: | 364 private: |
| 362 // Handles completion from the underlying transport read. | 365 // Handles completion from the underlying transport read. |
| 363 void OnReadCompleted(int result); | 366 void OnReadCompleted(int result); |
| 364 | 367 |
| 365 // True if read callbacks are blocked. | 368 // True if read callbacks are blocked. |
| 366 bool should_block_read_; | 369 bool should_block_read_; |
| 367 | 370 |
| 368 // The user callback for the pending read call. | 371 // The user callback for the pending read call. |
| 369 CompletionCallback pending_read_callback_; | 372 CompletionCallback pending_read_callback_; |
| 370 | 373 |
| (...skipping 418 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 789 sock->Disconnect(); | 792 sock->Disconnect(); |
| 790 EXPECT_FALSE(sock->IsConnected()); | 793 EXPECT_FALSE(sock->IsConnected()); |
| 791 EXPECT_TRUE( | 794 EXPECT_TRUE( |
| 792 test_server.host_port_pair().Equals(request_info->host_and_port)); | 795 test_server.host_port_pair().Equals(request_info->host_and_port)); |
| 793 | 796 |
| 794 return request_info; | 797 return request_info; |
| 795 } | 798 } |
| 796 }; | 799 }; |
| 797 | 800 |
| 798 class SSLClientSocketFalseStartTest : public SSLClientSocketTest { | 801 class SSLClientSocketFalseStartTest : public SSLClientSocketTest { |
| 802 public: | |
| 803 SSLClientSocketFalseStartTest() | |
| 804 : monitor_handshake_callback_(false), | |
| 805 fail_handshake_after_false_start_(false) {} | |
| 806 | |
| 799 protected: | 807 protected: |
| 800 // Creates an SSLClientSocket with |client_config| attached to a | 808 // Creates an SSLClientSocket with |client_config| attached to a |
| 801 // FakeBlockingStreamSocket, returning both in |*out_raw_transport| and | 809 // FakeBlockingStreamSocket, returning both in |*out_raw_transport| and |
| 802 // |*out_sock|. The FakeBlockingStreamSocket is owned by the SSLClientSocket, | 810 // |*out_sock|. The FakeBlockingStreamSocket is owned by the SSLClientSocket, |
| 803 // so |*out_raw_transport| is a raw pointer. | 811 // so |*out_raw_transport| is a raw pointer. |
| 804 // | 812 // |
| 805 // The client socket will begin a connect using |callback| but stop before the | 813 // The client socket will begin a connect using |callback| but stop before the |
| 806 // server's finished message is received. The finished message will be blocked | 814 // server's finished message is received. The finished message will be blocked |
| 807 // in |*out_raw_transport|. To complete the handshake and successfully read | 815 // in |*out_raw_transport|. To complete the handshake and successfully read |
| 808 // data, the caller must unblock reads on |*out_raw_transport|. (Note that, if | 816 // data, the caller must unblock reads on |*out_raw_transport|. (Note that, if |
| 809 // the client successfully false started, |callback.WaitForResult()| will | 817 // the client successfully false started, |callback.WaitForResult()| will |
| 810 // return OK without unblocking transport reads. But Read() will still block.) | 818 // return OK without unblocking transport reads. But Read() will still block.) |
| 811 // | 819 // |
| 812 // Must be called after StartTestServer is called. | 820 // Must be called after StartTestServer is called. |
| 813 void CreateAndConnectUntilServerFinishedReceived( | 821 void CreateAndConnectUntilServerFinishedReceived( |
| 814 const SSLConfig& client_config, | 822 const SSLConfig& client_config, |
| 815 TestCompletionCallback* callback, | 823 TestCompletionCallback* callback, |
| 816 FakeBlockingStreamSocket** out_raw_transport, | 824 FakeBlockingStreamSocket** out_raw_transport, |
| 817 scoped_ptr<SSLClientSocket>* out_sock) { | 825 scoped_ptr<SSLClientSocket>* out_sock) { |
| 818 CHECK(test_server()); | 826 CHECK(test_server()); |
| 819 | 827 |
| 820 scoped_ptr<StreamSocket> real_transport( | 828 scoped_ptr<StreamSocket> real_transport = scoped_ptr<StreamSocket>( |
|
davidben
2014/08/08 17:53:35
Nit: You should just be able to write
scoped_pt
| |
| 821 new TCPClientSocket(addr(), NULL, NetLog::Source())); | 829 new TCPClientSocket(addr(), NULL, NetLog::Source())); |
| 830 real_transport.reset( | |
| 831 new SynchronousErrorStreamSocket(real_transport.Pass())); | |
| 832 | |
| 822 scoped_ptr<FakeBlockingStreamSocket> transport( | 833 scoped_ptr<FakeBlockingStreamSocket> transport( |
| 823 new FakeBlockingStreamSocket(real_transport.Pass())); | 834 new FakeBlockingStreamSocket(real_transport.Pass())); |
| 824 int rv = callback->GetResult(transport->Connect(callback->callback())); | 835 int rv = callback->GetResult(transport->Connect(callback->callback())); |
| 825 EXPECT_EQ(OK, rv); | 836 EXPECT_EQ(OK, rv); |
| 826 | 837 |
| 827 FakeBlockingStreamSocket* raw_transport = transport.get(); | 838 FakeBlockingStreamSocket* raw_transport = transport.get(); |
| 828 scoped_ptr<SSLClientSocket> sock = | 839 scoped_ptr<SSLClientSocket> sock = |
| 829 CreateSSLClientSocket(transport.PassAs<StreamSocket>(), | 840 CreateSSLClientSocket(transport.PassAs<StreamSocket>(), |
| 830 test_server()->host_port_pair(), | 841 test_server()->host_port_pair(), |
| 831 client_config); | 842 client_config); |
| 832 | 843 |
| 844 if (monitor_handshake_callback_) { | |
| 845 sock->SetHandshakeCompletionCallback( | |
| 846 base::Bind(&SSLClientSocketTest::RecordCompletedHandshake, | |
| 847 base::Unretained(this))); | |
| 848 } | |
| 849 | |
| 833 // Connect. Stop before the client processes the first server leg | 850 // Connect. Stop before the client processes the first server leg |
| 834 // (ServerHello, etc.) | 851 // (ServerHello, etc.) |
| 835 raw_transport->BlockReadResult(); | 852 raw_transport->BlockReadResult(); |
| 836 rv = sock->Connect(callback->callback()); | 853 rv = sock->Connect(callback->callback()); |
| 837 EXPECT_EQ(ERR_IO_PENDING, rv); | 854 EXPECT_EQ(ERR_IO_PENDING, rv); |
| 838 raw_transport->WaitForReadResult(); | 855 raw_transport->WaitForReadResult(); |
| 839 | 856 |
| 840 // Release the ServerHello and wait for the client to write | 857 // Release the ServerHello and wait for the client to write |
| 841 // ClientKeyExchange, etc. (A proxy for waiting for the entirety of the | 858 // ClientKeyExchange, etc. (A proxy for waiting for the entirety of the |
| 842 // server's leg to complete, since it may span multiple reads.) | 859 // server's leg to complete, since it may span multiple reads.) |
| 843 EXPECT_FALSE(callback->have_result()); | 860 EXPECT_FALSE(callback->have_result()); |
| 844 raw_transport->BlockWrite(); | 861 raw_transport->BlockWrite(); |
| 845 raw_transport->UnblockReadResult(); | 862 raw_transport->UnblockReadResult(); |
| 846 raw_transport->WaitForWrite(); | 863 raw_transport->WaitForWrite(); |
| 847 | 864 |
| 865 if (fail_handshake_after_false_start_) { | |
| 866 SynchronousErrorStreamSocket* error_socket = | |
| 867 static_cast<SynchronousErrorStreamSocket*>( | |
| 868 raw_transport->transport()); | |
| 869 error_socket->SetNextReadError(ERR_CONNECTION_RESET); | |
| 870 } | |
| 848 // And, finally, release that and block the next server leg | 871 // And, finally, release that and block the next server leg |
| 849 // (ChangeCipherSpec, Finished). | 872 // (ChangeCipherSpec, Finished). |
| 850 raw_transport->BlockReadResult(); | 873 raw_transport->BlockReadResult(); |
| 851 raw_transport->UnblockWrite(); | 874 raw_transport->UnblockWrite(); |
| 852 | 875 |
| 853 *out_raw_transport = raw_transport; | 876 *out_raw_transport = raw_transport; |
| 854 *out_sock = sock.Pass(); | 877 *out_sock = sock.Pass(); |
| 855 } | 878 } |
| 856 | 879 |
| 857 void TestFalseStart(const SpawnedTestServer::SSLOptions& server_options, | 880 void TestFalseStart(const SpawnedTestServer::SSLOptions& server_options, |
| 858 const SSLConfig& client_config, | 881 const SSLConfig& client_config, |
| 859 bool expect_false_start) { | 882 bool expect_false_start) { |
| 860 ASSERT_TRUE(StartTestServer(server_options)); | 883 ASSERT_TRUE(StartTestServer(server_options)); |
| 861 | 884 |
| 862 TestCompletionCallback callback; | 885 TestCompletionCallback callback; |
| 863 FakeBlockingStreamSocket* raw_transport = NULL; | 886 FakeBlockingStreamSocket* raw_transport = NULL; |
| 864 scoped_ptr<SSLClientSocket> sock; | 887 scoped_ptr<SSLClientSocket> sock; |
| 888 | |
| 865 ASSERT_NO_FATAL_FAILURE(CreateAndConnectUntilServerFinishedReceived( | 889 ASSERT_NO_FATAL_FAILURE(CreateAndConnectUntilServerFinishedReceived( |
| 866 client_config, &callback, &raw_transport, &sock)); | 890 client_config, &callback, &raw_transport, &sock)); |
| 867 | 891 |
| 868 if (expect_false_start) { | 892 if (expect_false_start) { |
| 869 // When False Starting, the handshake should complete before receiving the | 893 // When False Starting, the handshake should complete before receiving the |
| 870 // Change Cipher Spec and Finished messages. | 894 // Change Cipher Spec and Finished messages. |
| 871 // | 895 // |
| 872 // Note: callback.have_result() may not be true without waiting. The NSS | 896 // Note: callback.have_result() may not be true without waiting. The NSS |
| 873 // state machine sometimes lives on a separate thread, so this thread may | 897 // state machine sometimes lives on a separate thread, so this thread may |
| 874 // not yet have processed the signal that the handshake has completed. | 898 // not yet have processed the signal that the handshake has completed. |
| (...skipping 14 matching lines...) Expand all Loading... | |
| 889 EXPECT_EQ(kRequestTextSize, rv); | 913 EXPECT_EQ(kRequestTextSize, rv); |
| 890 | 914 |
| 891 // The read will hang; it's waiting for the peer to complete the | 915 // The read will hang; it's waiting for the peer to complete the |
| 892 // handshake, and the handshake is still blocked. | 916 // handshake, and the handshake is still blocked. |
| 893 scoped_refptr<IOBuffer> buf(new IOBuffer(4096)); | 917 scoped_refptr<IOBuffer> buf(new IOBuffer(4096)); |
| 894 rv = sock->Read(buf.get(), 4096, callback.callback()); | 918 rv = sock->Read(buf.get(), 4096, callback.callback()); |
| 895 | 919 |
| 896 // After releasing reads, the connection proceeds. | 920 // After releasing reads, the connection proceeds. |
| 897 raw_transport->UnblockReadResult(); | 921 raw_transport->UnblockReadResult(); |
| 898 rv = callback.GetResult(rv); | 922 rv = callback.GetResult(rv); |
| 899 EXPECT_LT(0, rv); | 923 if (fail_handshake_after_false_start_) |
| 924 EXPECT_EQ(ERR_CONNECTION_RESET, rv); | |
| 925 else | |
| 926 EXPECT_LT(0, rv); | |
| 900 } else { | 927 } else { |
| 901 // False Start is not enabled, so the handshake will not complete because | 928 // False Start is not enabled, so the handshake will not complete because |
| 902 // the server second leg is blocked. | 929 // the server second leg is blocked. |
| 903 base::RunLoop().RunUntilIdle(); | 930 base::RunLoop().RunUntilIdle(); |
| 904 EXPECT_FALSE(callback.have_result()); | 931 EXPECT_FALSE(callback.have_result()); |
| 905 } | 932 } |
| 906 } | 933 } |
| 934 | |
| 935 // Indicates that the socket's handshake completion callback should | |
| 936 // be monitored. | |
| 937 bool monitor_handshake_callback_; | |
| 938 // Indicates that this test's handshake should fail after the client | |
| 939 // "finished" message is sent. | |
| 940 bool fail_handshake_after_false_start_; | |
| 907 }; | 941 }; |
| 908 | 942 |
| 909 class SSLClientSocketChannelIDTest : public SSLClientSocketTest { | 943 class SSLClientSocketChannelIDTest : public SSLClientSocketTest { |
| 910 protected: | 944 protected: |
| 911 void EnableChannelID() { | 945 void EnableChannelID() { |
| 912 channel_id_service_.reset( | 946 channel_id_service_.reset( |
| 913 new ChannelIDService(new DefaultChannelIDStore(NULL), | 947 new ChannelIDService(new DefaultChannelIDStore(NULL), |
| 914 base::MessageLoopProxy::current())); | 948 base::MessageLoopProxy::current())); |
| 915 context_.channel_id_service = channel_id_service_.get(); | 949 context_.channel_id_service = channel_id_service_.get(); |
| 916 } | 950 } |
| (...skipping 1846 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2763 | 2797 |
| 2764 if (sock->IsConnected()) | 2798 if (sock->IsConnected()) |
| 2765 LOG(ERROR) << "SSL Socket prematurely connected"; | 2799 LOG(ERROR) << "SSL Socket prematurely connected"; |
| 2766 | 2800 |
| 2767 rv = callback.GetResult(sock->Connect(callback.callback())); | 2801 rv = callback.GetResult(sock->Connect(callback.callback())); |
| 2768 | 2802 |
| 2769 EXPECT_EQ(OK, rv); | 2803 EXPECT_EQ(OK, rv); |
| 2770 EXPECT_TRUE(sock->IsConnected()); | 2804 EXPECT_TRUE(sock->IsConnected()); |
| 2771 EXPECT_TRUE(ran_handshake_completion_callback_); | 2805 EXPECT_TRUE(ran_handshake_completion_callback_); |
| 2772 } | 2806 } |
| 2807 | |
| 2808 TEST_F(SSLClientSocketFalseStartTest, | |
| 2809 HandshakeCallbackIsRun_WithFalseStartFailure) { | |
| 2810 // False Start requires NPN and a forward-secret cipher suite. | |
| 2811 SpawnedTestServer::SSLOptions server_options; | |
| 2812 server_options.key_exchanges = | |
| 2813 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA; | |
| 2814 server_options.enable_npn = true; | |
| 2815 SSLConfig client_config; | |
| 2816 client_config.next_protos.push_back("http/1.1"); | |
| 2817 monitor_handshake_callback_ = true; | |
| 2818 fail_handshake_after_false_start_ = true; | |
| 2819 ASSERT_NO_FATAL_FAILURE(TestFalseStart(server_options, client_config, true)); | |
| 2820 ASSERT_TRUE(ran_handshake_completion_callback_); | |
| 2821 } | |
| 2822 | |
| 2823 TEST_F(SSLClientSocketFalseStartTest, | |
| 2824 HandshakeCallbackIsRun_WithFalseStartSuccess) { | |
| 2825 // False Start requires NPN and a forward-secret cipher suite. | |
| 2826 SpawnedTestServer::SSLOptions server_options; | |
| 2827 server_options.key_exchanges = | |
| 2828 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA; | |
| 2829 server_options.enable_npn = true; | |
| 2830 SSLConfig client_config; | |
| 2831 client_config.next_protos.push_back("http/1.1"); | |
| 2832 monitor_handshake_callback_ = true; | |
| 2833 ASSERT_NO_FATAL_FAILURE(TestFalseStart(server_options, client_config, true)); | |
| 2834 ASSERT_TRUE(ran_handshake_completion_callback_); | |
| 2835 } | |
| 2773 #endif // defined(USE_OPENSSL) | 2836 #endif // defined(USE_OPENSSL) |
| 2774 | 2837 |
| 2775 TEST_F(SSLClientSocketFalseStartTest, FalseStartEnabled) { | 2838 TEST_F(SSLClientSocketFalseStartTest, FalseStartEnabled) { |
| 2776 // False Start requires NPN and a forward-secret cipher suite. | 2839 // False Start requires NPN and a forward-secret cipher suite. |
| 2777 SpawnedTestServer::SSLOptions server_options; | 2840 SpawnedTestServer::SSLOptions server_options; |
| 2778 server_options.key_exchanges = | 2841 server_options.key_exchanges = |
| 2779 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA; | 2842 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA; |
| 2780 server_options.enable_npn = true; | 2843 server_options.enable_npn = true; |
| 2781 SSLConfig client_config; | 2844 SSLConfig client_config; |
| 2782 client_config.next_protos.push_back("http/1.1"); | 2845 client_config.next_protos.push_back("http/1.1"); |
| (...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2847 server_options.enable_npn = true; | 2910 server_options.enable_npn = true; |
| 2848 ASSERT_TRUE(StartTestServer(server_options)); | 2911 ASSERT_TRUE(StartTestServer(server_options)); |
| 2849 | 2912 |
| 2850 SSLConfig client_config; | 2913 SSLConfig client_config; |
| 2851 client_config.next_protos.push_back("http/1.1"); | 2914 client_config.next_protos.push_back("http/1.1"); |
| 2852 | 2915 |
| 2853 // Start a handshake up to the server Finished message. | 2916 // Start a handshake up to the server Finished message. |
| 2854 TestCompletionCallback callback; | 2917 TestCompletionCallback callback; |
| 2855 FakeBlockingStreamSocket* raw_transport1; | 2918 FakeBlockingStreamSocket* raw_transport1; |
| 2856 scoped_ptr<SSLClientSocket> sock1; | 2919 scoped_ptr<SSLClientSocket> sock1; |
| 2920 scoped_ptr<StreamSocket> real_transport( | |
|
davidben
2014/08/08 17:53:35
Nit: This line is no longer needed.
| |
| 2921 new TCPClientSocket(addr(), NULL, NetLog::Source())); | |
| 2857 ASSERT_NO_FATAL_FAILURE(CreateAndConnectUntilServerFinishedReceived( | 2922 ASSERT_NO_FATAL_FAILURE(CreateAndConnectUntilServerFinishedReceived( |
| 2858 client_config, &callback, &raw_transport1, &sock1)); | 2923 client_config, &callback, &raw_transport1, &sock1)); |
| 2859 // Although raw_transport1 has the server Finished blocked, the handshake | 2924 // Although raw_transport1 has the server Finished blocked, the handshake |
| 2860 // still completes. | 2925 // still completes. |
| 2861 EXPECT_EQ(OK, callback.WaitForResult()); | 2926 EXPECT_EQ(OK, callback.WaitForResult()); |
| 2862 | 2927 |
| 2863 // Drop the old socket. This is needed because the Python test server can't | 2928 // Drop the old socket. This is needed because the Python test server can't |
| 2864 // service two sockets in parallel. | 2929 // service two sockets in parallel. |
| 2865 sock1.reset(); | 2930 sock1.reset(); |
| 2866 | 2931 |
| (...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2934 ssl_config.channel_id_enabled = true; | 2999 ssl_config.channel_id_enabled = true; |
| 2935 | 3000 |
| 2936 int rv; | 3001 int rv; |
| 2937 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); | 3002 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); |
| 2938 | 3003 |
| 2939 EXPECT_EQ(ERR_UNEXPECTED, rv); | 3004 EXPECT_EQ(ERR_UNEXPECTED, rv); |
| 2940 EXPECT_FALSE(sock_->IsConnected()); | 3005 EXPECT_FALSE(sock_->IsConnected()); |
| 2941 } | 3006 } |
| 2942 | 3007 |
| 2943 } // namespace net | 3008 } // namespace net |
| OLD | NEW |
