| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/quic_client_session.h" | 5 #include "net/quic/quic_client_session.h" |
| 6 | 6 |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "base/base64.h" |
| 9 #include "base/files/file_path.h" | 10 #include "base/files/file_path.h" |
| 10 #include "base/rand_util.h" | 11 #include "base/rand_util.h" |
| 11 #include "net/base/capturing_net_log.h" | 12 #include "net/base/capturing_net_log.h" |
| 12 #include "net/base/test_completion_callback.h" | 13 #include "net/base/test_completion_callback.h" |
| 13 #include "net/base/test_data_directory.h" | 14 #include "net/base/test_data_directory.h" |
| 14 #include "net/cert/cert_verify_result.h" | 15 #include "net/cert/cert_verify_result.h" |
| 16 #include "net/http/transport_security_state.h" |
| 15 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h" | 17 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h" |
| 16 #include "net/quic/crypto/crypto_protocol.h" | 18 #include "net/quic/crypto/crypto_protocol.h" |
| 17 #include "net/quic/crypto/proof_verifier_chromium.h" | 19 #include "net/quic/crypto/proof_verifier_chromium.h" |
| 18 #include "net/quic/crypto/quic_decrypter.h" | 20 #include "net/quic/crypto/quic_decrypter.h" |
| 19 #include "net/quic/crypto/quic_encrypter.h" | 21 #include "net/quic/crypto/quic_encrypter.h" |
| 20 #include "net/quic/crypto/quic_server_info.h" | 22 #include "net/quic/crypto/quic_server_info.h" |
| 21 #include "net/quic/quic_default_packet_writer.h" | 23 #include "net/quic/quic_default_packet_writer.h" |
| 22 #include "net/quic/test_tools/crypto_test_utils.h" | 24 #include "net/quic/test_tools/crypto_test_utils.h" |
| 23 #include "net/quic/test_tools/quic_client_session_peer.h" | 25 #include "net/quic/test_tools/quic_client_session_peer.h" |
| 24 #include "net/quic/test_tools/quic_test_utils.h" | 26 #include "net/quic/test_tools/quic_test_utils.h" |
| 25 #include "net/quic/test_tools/simple_quic_framer.h" | 27 #include "net/quic/test_tools/simple_quic_framer.h" |
| 26 #include "net/socket/socket_test_util.h" | 28 #include "net/socket/socket_test_util.h" |
| 29 #include "net/spdy/spdy_test_utils.h" |
| 27 #include "net/test/cert_test_util.h" | 30 #include "net/test/cert_test_util.h" |
| 28 #include "net/udp/datagram_client_socket.h" | 31 #include "net/udp/datagram_client_socket.h" |
| 29 | 32 |
| 30 using testing::_; | 33 using testing::_; |
| 31 | 34 |
| 32 namespace net { | 35 namespace net { |
| 33 namespace test { | 36 namespace test { |
| 34 namespace { | 37 namespace { |
| 35 | 38 |
| 36 const char kServerHostname[] = "www.example.org"; | 39 const char kServerHostname[] = "www.example.org"; |
| (...skipping 29 matching lines...) Expand all Loading... |
| 66 QuicPacketHeader header_; | 69 QuicPacketHeader header_; |
| 67 }; | 70 }; |
| 68 | 71 |
| 69 class QuicClientSessionTest : public ::testing::TestWithParam<QuicVersion> { | 72 class QuicClientSessionTest : public ::testing::TestWithParam<QuicVersion> { |
| 70 protected: | 73 protected: |
| 71 QuicClientSessionTest() | 74 QuicClientSessionTest() |
| 72 : writer_(new TestPacketWriter(GetParam())), | 75 : writer_(new TestPacketWriter(GetParam())), |
| 73 connection_( | 76 connection_( |
| 74 new PacketSavingConnection(false, SupportedVersions(GetParam()))), | 77 new PacketSavingConnection(false, SupportedVersions(GetParam()))), |
| 75 session_(connection_, GetSocket().Pass(), writer_.Pass(), NULL, NULL, | 78 session_(connection_, GetSocket().Pass(), writer_.Pass(), NULL, NULL, |
| 79 &transport_security_state_, |
| 76 make_scoped_ptr((QuicServerInfo*)NULL), | 80 make_scoped_ptr((QuicServerInfo*)NULL), |
| 77 QuicServerId(kServerHostname, kServerPort, false, | 81 QuicServerId(kServerHostname, kServerPort, false, |
| 78 PRIVACY_MODE_DISABLED), | 82 PRIVACY_MODE_DISABLED), |
| 79 DefaultQuicConfig(), &crypto_config_, | 83 DefaultQuicConfig(), &crypto_config_, |
| 80 base::MessageLoop::current()->message_loop_proxy().get(), | 84 base::MessageLoop::current()->message_loop_proxy().get(), |
| 81 &net_log_) { | 85 &net_log_) { |
| 82 session_.InitializeSession(); | 86 session_.InitializeSession(); |
| 83 session_.config()->SetDefaults(); | 87 session_.config()->SetDefaults(); |
| 84 crypto_config_.SetDefaults(); | 88 crypto_config_.SetDefaults(); |
| 85 } | 89 } |
| (...skipping 15 matching lines...) Expand all Loading... |
| 101 CryptoTestUtils::HandshakeWithFakeServer( | 105 CryptoTestUtils::HandshakeWithFakeServer( |
| 102 connection_, session_.GetCryptoStream()); | 106 connection_, session_.GetCryptoStream()); |
| 103 ASSERT_EQ(OK, callback_.WaitForResult()); | 107 ASSERT_EQ(OK, callback_.WaitForResult()); |
| 104 } | 108 } |
| 105 | 109 |
| 106 scoped_ptr<QuicDefaultPacketWriter> writer_; | 110 scoped_ptr<QuicDefaultPacketWriter> writer_; |
| 107 PacketSavingConnection* connection_; | 111 PacketSavingConnection* connection_; |
| 108 CapturingNetLog net_log_; | 112 CapturingNetLog net_log_; |
| 109 MockClientSocketFactory socket_factory_; | 113 MockClientSocketFactory socket_factory_; |
| 110 StaticSocketDataProvider socket_data_; | 114 StaticSocketDataProvider socket_data_; |
| 115 TransportSecurityState transport_security_state_; |
| 111 QuicClientSession session_; | 116 QuicClientSession session_; |
| 112 MockClock clock_; | 117 MockClock clock_; |
| 113 MockRandom random_; | 118 MockRandom random_; |
| 114 QuicConnectionVisitorInterface* visitor_; | 119 QuicConnectionVisitorInterface* visitor_; |
| 115 TestCompletionCallback callback_; | 120 TestCompletionCallback callback_; |
| 116 QuicCryptoClientConfig crypto_config_; | 121 QuicCryptoClientConfig crypto_config_; |
| 117 }; | 122 }; |
| 118 | 123 |
| 119 INSTANTIATE_TEST_CASE_P(Tests, QuicClientSessionTest, | 124 INSTANTIATE_TEST_CASE_P(Tests, QuicClientSessionTest, |
| 120 ::testing::ValuesIn(QuicSupportedVersions())); | 125 ::testing::ValuesIn(QuicSupportedVersions())); |
| (...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 165 | 170 |
| 166 TEST_P(QuicClientSessionTest, GoAwayReceived) { | 171 TEST_P(QuicClientSessionTest, GoAwayReceived) { |
| 167 CompleteCryptoHandshake(); | 172 CompleteCryptoHandshake(); |
| 168 | 173 |
| 169 // After receiving a GoAway, I should no longer be able to create outgoing | 174 // After receiving a GoAway, I should no longer be able to create outgoing |
| 170 // streams. | 175 // streams. |
| 171 session_.OnGoAway(QuicGoAwayFrame(QUIC_PEER_GOING_AWAY, 1u, "Going away.")); | 176 session_.OnGoAway(QuicGoAwayFrame(QUIC_PEER_GOING_AWAY, 1u, "Going away.")); |
| 172 EXPECT_EQ(NULL, session_.CreateOutgoingDataStream()); | 177 EXPECT_EQ(NULL, session_.CreateOutgoingDataStream()); |
| 173 } | 178 } |
| 174 | 179 |
| 175 // TODO(rch): re-enable this. | 180 TEST_P(QuicClientSessionTest, CanPool) { |
| 176 TEST_P(QuicClientSessionTest, DISABLED_CanPool) { | |
| 177 // Load a cert that is valid for: | 181 // Load a cert that is valid for: |
| 178 // www.example.org | 182 // www.example.org |
| 179 // mail.example.org | 183 // mail.example.org |
| 180 // www.example.com | 184 // www.example.com |
| 181 base::FilePath certs_dir = GetTestCertsDirectory(); | |
| 182 | 185 |
| 183 CertVerifyResult result; | |
| 184 ProofVerifyDetailsChromium details; | 186 ProofVerifyDetailsChromium details; |
| 185 details.cert_verify_result.verified_cert = | 187 details.cert_verify_result.verified_cert = |
| 186 ImportCertFromFile(certs_dir, "spdy_pooling.pem"); | 188 ImportCertFromFile(GetTestCertsDirectory(), "spdy_pooling.pem"); |
| 187 ASSERT_TRUE(details.cert_verify_result.verified_cert); | 189 ASSERT_TRUE(details.cert_verify_result.verified_cert); |
| 188 | 190 |
| 189 session_.OnProofVerifyDetailsAvailable(details); | 191 session_.OnProofVerifyDetailsAvailable(details); |
| 190 CompleteCryptoHandshake(); | 192 CompleteCryptoHandshake(); |
| 191 | 193 |
| 192 | 194 |
| 193 EXPECT_TRUE(session_.CanPool("www.example.org")); | 195 EXPECT_TRUE(session_.CanPool("www.example.org")); |
| 194 EXPECT_TRUE(session_.CanPool("mail.example.org")); | 196 EXPECT_TRUE(session_.CanPool("mail.example.org")); |
| 195 EXPECT_TRUE(session_.CanPool("mail.example.com")); | 197 EXPECT_TRUE(session_.CanPool("mail.example.com")); |
| 196 EXPECT_FALSE(session_.CanPool("mail.google.com")); | 198 EXPECT_FALSE(session_.CanPool("mail.google.com")); |
| 197 } | 199 } |
| 198 | 200 |
| 199 // TODO(rch): re-enable this. | 201 TEST_P(QuicClientSessionTest, ConnectionPooledWithTlsChannelId) { |
| 200 TEST_P(QuicClientSessionTest, DISABLED_ConnectionPooledWithTlsChannelId) { | |
| 201 // Load a cert that is valid for: | 202 // Load a cert that is valid for: |
| 202 // www.example.org | 203 // www.example.org |
| 203 // mail.example.org | 204 // mail.example.org |
| 204 // www.example.com | 205 // www.example.com |
| 205 base::FilePath certs_dir = GetTestCertsDirectory(); | |
| 206 | 206 |
| 207 CertVerifyResult result; | |
| 208 ProofVerifyDetailsChromium details; | 207 ProofVerifyDetailsChromium details; |
| 209 details.cert_verify_result.verified_cert = | 208 details.cert_verify_result.verified_cert = |
| 210 ImportCertFromFile(certs_dir, "spdy_pooling.pem"); | 209 ImportCertFromFile(GetTestCertsDirectory(), "spdy_pooling.pem"); |
| 211 ASSERT_TRUE(details.cert_verify_result.verified_cert); | 210 ASSERT_TRUE(details.cert_verify_result.verified_cert); |
| 212 | 211 |
| 213 session_.OnProofVerifyDetailsAvailable(details); | 212 session_.OnProofVerifyDetailsAvailable(details); |
| 214 CompleteCryptoHandshake(); | 213 CompleteCryptoHandshake(); |
| 215 QuicClientSessionPeer::SetChannelIDSent(&session_, true); | 214 QuicClientSessionPeer::SetChannelIDSent(&session_, true); |
| 216 | 215 |
| 217 EXPECT_TRUE(session_.CanPool("www.example.org")); | 216 EXPECT_TRUE(session_.CanPool("www.example.org")); |
| 218 EXPECT_TRUE(session_.CanPool("mail.example.org")); | 217 EXPECT_TRUE(session_.CanPool("mail.example.org")); |
| 219 EXPECT_FALSE(session_.CanPool("mail.example.com")); | 218 EXPECT_FALSE(session_.CanPool("mail.example.com")); |
| 220 EXPECT_FALSE(session_.CanPool("mail.google.com")); | 219 EXPECT_FALSE(session_.CanPool("mail.google.com")); |
| 221 } | 220 } |
| 222 | 221 |
| 222 TEST_P(QuicClientSessionTest, ConnectionNotPooledWithDifferentPin) { |
| 223 uint8 primary_pin = 1; |
| 224 uint8 backup_pin = 2; |
| 225 uint8 bad_pin = 3; |
| 226 AddPin(&transport_security_state_, "mail.example.org", primary_pin, |
| 227 backup_pin); |
| 228 |
| 229 ProofVerifyDetailsChromium details; |
| 230 details.cert_verify_result.verified_cert = |
| 231 ImportCertFromFile(GetTestCertsDirectory(), "spdy_pooling.pem"); |
| 232 details.cert_verify_result.is_issued_by_known_root = true; |
| 233 details.cert_verify_result.public_key_hashes.push_back( |
| 234 GetTestHashValue(bad_pin)); |
| 235 |
| 236 ASSERT_TRUE(details.cert_verify_result.verified_cert); |
| 237 |
| 238 session_.OnProofVerifyDetailsAvailable(details); |
| 239 CompleteCryptoHandshake(); |
| 240 QuicClientSessionPeer::SetChannelIDSent(&session_, true); |
| 241 |
| 242 EXPECT_FALSE(session_.CanPool("mail.example.org")); |
| 243 } |
| 244 |
| 245 TEST_P(QuicClientSessionTest, ConnectionPooledWithMatchingPin) { |
| 246 uint8 primary_pin = 1; |
| 247 uint8 backup_pin = 2; |
| 248 AddPin(&transport_security_state_, "mail.example.org", primary_pin, |
| 249 backup_pin); |
| 250 |
| 251 ProofVerifyDetailsChromium details; |
| 252 details.cert_verify_result.verified_cert = |
| 253 ImportCertFromFile(GetTestCertsDirectory(), "spdy_pooling.pem"); |
| 254 details.cert_verify_result.is_issued_by_known_root = true; |
| 255 details.cert_verify_result.public_key_hashes.push_back( |
| 256 GetTestHashValue(primary_pin)); |
| 257 |
| 258 ASSERT_TRUE(details.cert_verify_result.verified_cert); |
| 259 |
| 260 session_.OnProofVerifyDetailsAvailable(details); |
| 261 CompleteCryptoHandshake(); |
| 262 QuicClientSessionPeer::SetChannelIDSent(&session_, true); |
| 263 |
| 264 EXPECT_TRUE(session_.CanPool("mail.example.org")); |
| 265 } |
| 266 |
| 223 } // namespace | 267 } // namespace |
| 224 } // namespace test | 268 } // namespace test |
| 225 } // namespace net | 269 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 498373002:
Refactor pooling logic into a helper method Disable pooling when there are cert errors. Disable poo… (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@2125