OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/spdy/spdy_session.h" | 5 #include "net/spdy/spdy_session.h" |
6 | 6 |
7 #include "base/base64.h" | |
8 #include "base/bind.h" | 7 #include "base/bind.h" |
9 #include "base/callback.h" | 8 #include "base/callback.h" |
10 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
11 #include "base/run_loop.h" | 10 #include "base/run_loop.h" |
12 #include "base/test/statistics_delta_reader.h" | 11 #include "base/test/statistics_delta_reader.h" |
13 #include "net/base/io_buffer.h" | 12 #include "net/base/io_buffer.h" |
14 #include "net/base/ip_endpoint.h" | 13 #include "net/base/ip_endpoint.h" |
15 #include "net/base/net_log_unittest.h" | 14 #include "net/base/net_log_unittest.h" |
16 #include "net/base/request_priority.h" | 15 #include "net/base/request_priority.h" |
17 #include "net/base/test_data_directory.h" | 16 #include "net/base/test_data_directory.h" |
(...skipping 2351 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2369 spdy_stream->Cancel(); | 2368 spdy_stream->Cancel(); |
2370 | 2369 |
2371 EXPECT_EQ(NULL, spdy_stream.get()); | 2370 EXPECT_EQ(NULL, spdy_stream.get()); |
2372 EXPECT_TRUE(delegate.StreamIsClosed()); | 2371 EXPECT_TRUE(delegate.StreamIsClosed()); |
2373 | 2372 |
2374 data.RunFor(2); // Write the RST_STREAM & GOAWAY. | 2373 data.RunFor(2); // Write the RST_STREAM & GOAWAY. |
2375 base::MessageLoop::current()->RunUntilIdle(); | 2374 base::MessageLoop::current()->RunUntilIdle(); |
2376 EXPECT_TRUE(session == NULL); | 2375 EXPECT_TRUE(session == NULL); |
2377 } | 2376 } |
2378 | 2377 |
2379 TEST_P(SpdySessionTest, VerifyDomainAuthentication) { | 2378 TEST_P(SpdySessionTest, DISABLED_VerifyDomainAuthentication) { |
2380 session_deps_.host_resolver->set_synchronous_mode(true); | 2379 session_deps_.host_resolver->set_synchronous_mode(true); |
2381 | 2380 |
2382 MockConnect connect_data(SYNCHRONOUS, OK); | 2381 MockConnect connect_data(SYNCHRONOUS, OK); |
2383 | 2382 |
2384 // No actual data will be sent. | 2383 // No actual data will be sent. |
2385 MockWrite writes[] = { | 2384 MockWrite writes[] = { |
2386 MockWrite(ASYNC, 0, 1) // EOF | 2385 MockWrite(ASYNC, 0, 1) // EOF |
2387 }; | 2386 }; |
2388 | 2387 |
2389 MockRead reads[] = { | 2388 MockRead reads[] = { |
(...skipping 21 matching lines...) Expand all Loading... |
2411 | 2410 |
2412 base::WeakPtr<SpdySession> session = | 2411 base::WeakPtr<SpdySession> session = |
2413 CreateSecureSpdySession(http_session_, key_, BoundNetLog()); | 2412 CreateSecureSpdySession(http_session_, key_, BoundNetLog()); |
2414 | 2413 |
2415 EXPECT_TRUE(session->VerifyDomainAuthentication("www.example.org")); | 2414 EXPECT_TRUE(session->VerifyDomainAuthentication("www.example.org")); |
2416 EXPECT_TRUE(session->VerifyDomainAuthentication("mail.example.org")); | 2415 EXPECT_TRUE(session->VerifyDomainAuthentication("mail.example.org")); |
2417 EXPECT_TRUE(session->VerifyDomainAuthentication("mail.example.com")); | 2416 EXPECT_TRUE(session->VerifyDomainAuthentication("mail.example.com")); |
2418 EXPECT_FALSE(session->VerifyDomainAuthentication("mail.google.com")); | 2417 EXPECT_FALSE(session->VerifyDomainAuthentication("mail.google.com")); |
2419 } | 2418 } |
2420 | 2419 |
2421 TEST_P(SpdySessionTest, ConnectionPooledWithTlsChannelId) { | 2420 // TODO(rch): re-enable this. |
| 2421 TEST_P(SpdySessionTest, DISABLED_ConnectionPooledWithTlsChannelId) { |
2422 session_deps_.host_resolver->set_synchronous_mode(true); | 2422 session_deps_.host_resolver->set_synchronous_mode(true); |
2423 | 2423 |
2424 MockConnect connect_data(SYNCHRONOUS, OK); | 2424 MockConnect connect_data(SYNCHRONOUS, OK); |
2425 | 2425 |
2426 // No actual data will be sent. | 2426 // No actual data will be sent. |
2427 MockWrite writes[] = { | 2427 MockWrite writes[] = { |
2428 MockWrite(ASYNC, 0, 1) // EOF | 2428 MockWrite(ASYNC, 0, 1) // EOF |
2429 }; | 2429 }; |
2430 | 2430 |
2431 MockRead reads[] = { | 2431 MockRead reads[] = { |
(...skipping 2562 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
4994 MapNetErrorToGoAwayStatus(ERR_SPDY_FLOW_CONTROL_ERROR)); | 4994 MapNetErrorToGoAwayStatus(ERR_SPDY_FLOW_CONTROL_ERROR)); |
4995 CHECK_EQ(GOAWAY_PROTOCOL_ERROR, | 4995 CHECK_EQ(GOAWAY_PROTOCOL_ERROR, |
4996 MapNetErrorToGoAwayStatus(ERR_SPDY_PROTOCOL_ERROR)); | 4996 MapNetErrorToGoAwayStatus(ERR_SPDY_PROTOCOL_ERROR)); |
4997 CHECK_EQ(GOAWAY_COMPRESSION_ERROR, | 4997 CHECK_EQ(GOAWAY_COMPRESSION_ERROR, |
4998 MapNetErrorToGoAwayStatus(ERR_SPDY_COMPRESSION_ERROR)); | 4998 MapNetErrorToGoAwayStatus(ERR_SPDY_COMPRESSION_ERROR)); |
4999 CHECK_EQ(GOAWAY_FRAME_SIZE_ERROR, | 4999 CHECK_EQ(GOAWAY_FRAME_SIZE_ERROR, |
5000 MapNetErrorToGoAwayStatus(ERR_SPDY_FRAME_SIZE_ERROR)); | 5000 MapNetErrorToGoAwayStatus(ERR_SPDY_FRAME_SIZE_ERROR)); |
5001 CHECK_EQ(GOAWAY_PROTOCOL_ERROR, MapNetErrorToGoAwayStatus(ERR_UNEXPECTED)); | 5001 CHECK_EQ(GOAWAY_PROTOCOL_ERROR, MapNetErrorToGoAwayStatus(ERR_UNEXPECTED)); |
5002 } | 5002 } |
5003 | 5003 |
5004 TEST(CanPoolTest, CanPool) { | |
5005 // Load a cert that is valid for: | |
5006 // www.example.org | |
5007 // mail.example.org | |
5008 // www.example.com | |
5009 | |
5010 TransportSecurityState tss; | |
5011 SSLInfo ssl_info; | |
5012 ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), | |
5013 "spdy_pooling.pem"); | |
5014 | |
5015 EXPECT_TRUE(SpdySession::CanPool( | |
5016 &tss, ssl_info, "www.example.org", "www.example.org")); | |
5017 EXPECT_TRUE(SpdySession::CanPool( | |
5018 &tss, ssl_info, "www.example.org", "mail.example.org")); | |
5019 EXPECT_TRUE(SpdySession::CanPool( | |
5020 &tss, ssl_info, "www.example.org", "mail.example.com")); | |
5021 EXPECT_FALSE(SpdySession::CanPool( | |
5022 &tss, ssl_info, "www.example.org", "mail.google.com")); | |
5023 } | |
5024 | |
5025 TEST(CanPoolTest, CanNotPoolWithCertErrors) { | |
5026 // Load a cert that is valid for: | |
5027 // www.example.org | |
5028 // mail.example.org | |
5029 // www.example.com | |
5030 | |
5031 TransportSecurityState tss; | |
5032 SSLInfo ssl_info; | |
5033 ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), | |
5034 "spdy_pooling.pem"); | |
5035 ssl_info.cert_status = CERT_STATUS_REVOKED; | |
5036 | |
5037 EXPECT_FALSE(SpdySession::CanPool( | |
5038 &tss, ssl_info, "www.example.org", "mail.example.org")); | |
5039 } | |
5040 | |
5041 TEST(CanPoolTest, CanNotPoolWithClientCerts) { | |
5042 // Load a cert that is valid for: | |
5043 // www.example.org | |
5044 // mail.example.org | |
5045 // www.example.com | |
5046 | |
5047 TransportSecurityState tss; | |
5048 SSLInfo ssl_info; | |
5049 ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), | |
5050 "spdy_pooling.pem"); | |
5051 ssl_info.client_cert_sent = true; | |
5052 | |
5053 EXPECT_FALSE(SpdySession::CanPool( | |
5054 &tss, ssl_info, "www.example.org", "mail.example.org")); | |
5055 } | |
5056 | |
5057 TEST(CanPoolTest, CanNotPoolAcrossETLDsWithChannelID) { | |
5058 // Load a cert that is valid for: | |
5059 // www.example.org | |
5060 // mail.example.org | |
5061 // www.example.com | |
5062 | |
5063 TransportSecurityState tss; | |
5064 SSLInfo ssl_info; | |
5065 ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), | |
5066 "spdy_pooling.pem"); | |
5067 ssl_info.channel_id_sent = true; | |
5068 | |
5069 EXPECT_TRUE(SpdySession::CanPool( | |
5070 &tss, ssl_info, "www.example.org", "mail.example.org")); | |
5071 EXPECT_FALSE(SpdySession::CanPool( | |
5072 &tss, ssl_info, "www.example.org", "www.example.com")); | |
5073 } | |
5074 | |
5075 TEST(CanPoolTest, CanNotPoolWithBadPins) { | |
5076 uint8 primary_pin = 1; | |
5077 uint8 backup_pin = 2; | |
5078 uint8 bad_pin = 3; | |
5079 TransportSecurityState tss; | |
5080 test::AddPin(&tss, "mail.example.org", primary_pin, backup_pin); | |
5081 | |
5082 SSLInfo ssl_info; | |
5083 ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), | |
5084 "spdy_pooling.pem"); | |
5085 ssl_info.is_issued_by_known_root = true; | |
5086 ssl_info.public_key_hashes.push_back(test::GetTestHashValue(bad_pin)); | |
5087 | |
5088 EXPECT_FALSE(SpdySession::CanPool( | |
5089 &tss, ssl_info, "www.example.org", "mail.example.org")); | |
5090 } | |
5091 | |
5092 TEST(CanPoolTest, CanPoolWithAcceptablePins) { | |
5093 uint8 primary_pin = 1; | |
5094 uint8 backup_pin = 2; | |
5095 TransportSecurityState tss; | |
5096 test::AddPin(&tss, "mail.example.org", primary_pin, backup_pin); | |
5097 | |
5098 SSLInfo ssl_info; | |
5099 ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), | |
5100 "spdy_pooling.pem"); | |
5101 ssl_info.is_issued_by_known_root = true; | |
5102 ssl_info.public_key_hashes.push_back(test::GetTestHashValue(primary_pin)); | |
5103 | |
5104 EXPECT_TRUE(SpdySession::CanPool( | |
5105 &tss, ssl_info, "www.example.org", "mail.example.org")); | |
5106 } | |
5107 | |
5108 } // namespace net | 5004 } // namespace net |
OLD | NEW |