| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/quic_stream_factory.h" | 5 #include "net/quic/quic_stream_factory.h" |
| 6 | 6 |
| 7 #include "base/run_loop.h" | 7 #include "base/run_loop.h" |
| 8 #include "base/strings/string_util.h" | 8 #include "base/strings/string_util.h" |
| 9 #include "net/base/test_data_directory.h" | 9 #include "net/base/test_data_directory.h" |
| 10 #include "net/cert/cert_verifier.h" | 10 #include "net/cert/cert_verifier.h" |
| 11 #include "net/dns/mock_host_resolver.h" | 11 #include "net/dns/mock_host_resolver.h" |
| 12 #include "net/http/http_response_headers.h" | 12 #include "net/http/http_response_headers.h" |
| 13 #include "net/http/http_response_info.h" | 13 #include "net/http/http_response_info.h" |
| 14 #include "net/http/http_util.h" | 14 #include "net/http/http_util.h" |
| 15 #include "net/http/transport_security_state.h" | 15 #include "net/http/transport_security_state.h" |
| 16 #include "net/quic/crypto/crypto_handshake.h" | 16 #include "net/quic/crypto/crypto_handshake.h" |
| 17 #include "net/quic/crypto/proof_verifier_chromium.h" | 17 #include "net/quic/crypto/proof_verifier_chromium.h" |
| 18 #include "net/quic/crypto/quic_decrypter.h" | 18 #include "net/quic/crypto/quic_decrypter.h" |
| 19 #include "net/quic/crypto/quic_encrypter.h" | 19 #include "net/quic/crypto/quic_encrypter.h" |
| 20 #include "net/quic/quic_http_stream.h" | 20 #include "net/quic/quic_http_stream.h" |
| 21 #include "net/quic/quic_server_id.h" | 21 #include "net/quic/quic_server_id.h" |
| 22 #include "net/quic/test_tools/mock_clock.h" | 22 #include "net/quic/test_tools/mock_clock.h" |
| 23 #include "net/quic/test_tools/mock_crypto_client_stream_factory.h" | 23 #include "net/quic/test_tools/mock_crypto_client_stream_factory.h" |
| 24 #include "net/quic/test_tools/mock_random.h" | 24 #include "net/quic/test_tools/mock_random.h" |
| 25 #include "net/quic/test_tools/quic_test_packet_maker.h" | 25 #include "net/quic/test_tools/quic_test_packet_maker.h" |
| 26 #include "net/quic/test_tools/quic_test_utils.h" | 26 #include "net/quic/test_tools/quic_test_utils.h" |
| 27 #include "net/socket/socket_test_util.h" | 27 #include "net/socket/socket_test_util.h" |
| 28 #include "net/spdy/spdy_test_utils.h" |
| 28 #include "net/ssl/channel_id_service.h" | 29 #include "net/ssl/channel_id_service.h" |
| 29 #include "net/ssl/default_channel_id_store.h" | 30 #include "net/ssl/default_channel_id_store.h" |
| 30 #include "net/test/cert_test_util.h" | 31 #include "net/test/cert_test_util.h" |
| 31 #include "testing/gtest/include/gtest/gtest.h" | 32 #include "testing/gtest/include/gtest/gtest.h" |
| 32 | 33 |
| 33 using base::StringPiece; | 34 using base::StringPiece; |
| 34 using std::string; | 35 using std::string; |
| 35 using std::vector; | 36 using std::vector; |
| 36 | 37 |
| 37 namespace net { | 38 namespace net { |
| (...skipping 314 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 352 &factory_, host_port_pair_, is_https_), | 353 &factory_, host_port_pair_, is_https_), |
| 353 QuicStreamFactoryPeer::GetActiveSession( | 354 QuicStreamFactoryPeer::GetActiveSession( |
| 354 &factory_, host_port_pair_, !is_https_)); | 355 &factory_, host_port_pair_, !is_https_)); |
| 355 | 356 |
| 356 EXPECT_TRUE(socket_data1.at_read_eof()); | 357 EXPECT_TRUE(socket_data1.at_read_eof()); |
| 357 EXPECT_TRUE(socket_data1.at_write_eof()); | 358 EXPECT_TRUE(socket_data1.at_write_eof()); |
| 358 EXPECT_TRUE(socket_data2.at_read_eof()); | 359 EXPECT_TRUE(socket_data2.at_read_eof()); |
| 359 EXPECT_TRUE(socket_data2.at_write_eof()); | 360 EXPECT_TRUE(socket_data2.at_write_eof()); |
| 360 } | 361 } |
| 361 | 362 |
| 362 // TODO(rch): re-enable this. | 363 TEST_P(QuicStreamFactoryTest, Pooling) { |
| 363 TEST_P(QuicStreamFactoryTest, DISABLED_Pooling) { | |
| 364 MockRead reads[] = { | 364 MockRead reads[] = { |
| 365 MockRead(ASYNC, OK, 0) // EOF | 365 MockRead(ASYNC, OK, 0) // EOF |
| 366 }; | 366 }; |
| 367 DeterministicSocketData socket_data(reads, arraysize(reads), NULL, 0); | 367 DeterministicSocketData socket_data(reads, arraysize(reads), NULL, 0); |
| 368 socket_factory_.AddSocketDataProvider(&socket_data); | 368 socket_factory_.AddSocketDataProvider(&socket_data); |
| 369 socket_data.StopAfter(1); | 369 socket_data.StopAfter(1); |
| 370 | 370 |
| 371 HostPortPair server2("mail.google.com", kDefaultServerPort); | 371 HostPortPair server2("mail.google.com", kDefaultServerPort); |
| 372 host_resolver_.set_synchronous_mode(true); | 372 host_resolver_.set_synchronous_mode(true); |
| 373 host_resolver_.rules()->AddIPLiteralRule( | 373 host_resolver_.rules()->AddIPLiteralRule( |
| (...skipping 95 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 469 | 469 |
| 470 EXPECT_TRUE(QuicStreamFactoryPeer::HasActiveSession( | 470 EXPECT_TRUE(QuicStreamFactoryPeer::HasActiveSession( |
| 471 &factory_, server2, is_https_)); | 471 &factory_, server2, is_https_)); |
| 472 | 472 |
| 473 EXPECT_TRUE(socket_data1.at_read_eof()); | 473 EXPECT_TRUE(socket_data1.at_read_eof()); |
| 474 EXPECT_TRUE(socket_data1.at_write_eof()); | 474 EXPECT_TRUE(socket_data1.at_write_eof()); |
| 475 EXPECT_TRUE(socket_data2.at_read_eof()); | 475 EXPECT_TRUE(socket_data2.at_read_eof()); |
| 476 EXPECT_TRUE(socket_data2.at_write_eof()); | 476 EXPECT_TRUE(socket_data2.at_write_eof()); |
| 477 } | 477 } |
| 478 | 478 |
| 479 // TODO(rch): re-enable this. | 479 TEST_P(QuicStreamFactoryTest, HttpsPooling) { |
| 480 TEST_P(QuicStreamFactoryTest, DISABLED_HttpsPooling) { | |
| 481 MockRead reads[] = { | 480 MockRead reads[] = { |
| 482 MockRead(ASYNC, OK, 0) // EOF | 481 MockRead(ASYNC, OK, 0) // EOF |
| 483 }; | 482 }; |
| 484 DeterministicSocketData socket_data(reads, arraysize(reads), NULL, 0); | 483 DeterministicSocketData socket_data(reads, arraysize(reads), NULL, 0); |
| 485 socket_factory_.AddSocketDataProvider(&socket_data); | 484 socket_factory_.AddSocketDataProvider(&socket_data); |
| 486 socket_data.StopAfter(1); | 485 socket_data.StopAfter(1); |
| 487 | 486 |
| 488 HostPortPair server1("www.example.org", 443); | 487 HostPortPair server1("www.example.org", 443); |
| 489 HostPortPair server2("mail.example.org", 443); | 488 HostPortPair server2("mail.example.org", 443); |
| 490 | 489 |
| 491 // Load a cert that is valid for: | 490 // Load a cert that is valid for: |
| 492 // www.example.org (server1) | 491 // www.example.org (server1) |
| 493 // mail.example.org (server2) | 492 // mail.example.org (server2) |
| 494 // www.example.com | 493 // www.example.com |
| 495 base::FilePath certs_dir = GetTestCertsDirectory(); | 494 base::FilePath certs_dir = GetTestCertsDirectory(); |
| 496 scoped_refptr<X509Certificate> test_cert( | 495 scoped_refptr<X509Certificate> test_cert( |
| 497 ImportCertFromFile(certs_dir, "spdy_pooling.pem")); | 496 ImportCertFromFile(certs_dir, "spdy_pooling.pem")); |
| 498 ASSERT_NE(static_cast<X509Certificate*>(NULL), test_cert); | 497 ASSERT_NE(static_cast<X509Certificate*>(NULL), test_cert); |
| 499 ProofVerifyDetailsChromium verify_details; | 498 ProofVerifyDetailsChromium verify_details; |
| 500 verify_details.cert_verify_result.verified_cert = test_cert; | 499 verify_details.cert_verify_result.verified_cert = test_cert; |
| 500 verify_details.cert_verify_result.is_issued_by_known_root = true; |
| 501 crypto_client_stream_factory_.set_proof_verify_details(&verify_details); | 501 crypto_client_stream_factory_.set_proof_verify_details(&verify_details); |
| 502 | 502 |
| 503 host_resolver_.set_synchronous_mode(true); | 503 host_resolver_.set_synchronous_mode(true); |
| 504 host_resolver_.rules()->AddIPLiteralRule(server1.host(), "192.168.0.1", ""); | 504 host_resolver_.rules()->AddIPLiteralRule(server1.host(), "192.168.0.1", ""); |
| 505 host_resolver_.rules()->AddIPLiteralRule(server2.host(), "192.168.0.1", ""); | 505 host_resolver_.rules()->AddIPLiteralRule(server2.host(), "192.168.0.1", ""); |
| 506 | 506 |
| 507 QuicStreamRequest request(&factory_); | 507 QuicStreamRequest request(&factory_); |
| 508 is_https_ = true; | 508 is_https_ = true; |
| 509 EXPECT_EQ(OK, | 509 EXPECT_EQ(OK, |
| 510 request.Request(server1, | 510 request.Request(server1, |
| (...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 597 &factory_, server1, is_https_), | 597 &factory_, server1, is_https_), |
| 598 QuicStreamFactoryPeer::GetActiveSession( | 598 QuicStreamFactoryPeer::GetActiveSession( |
| 599 &factory_, server2, is_https_)); | 599 &factory_, server2, is_https_)); |
| 600 | 600 |
| 601 EXPECT_TRUE(socket_data1.at_read_eof()); | 601 EXPECT_TRUE(socket_data1.at_read_eof()); |
| 602 EXPECT_TRUE(socket_data1.at_write_eof()); | 602 EXPECT_TRUE(socket_data1.at_write_eof()); |
| 603 EXPECT_TRUE(socket_data2.at_read_eof()); | 603 EXPECT_TRUE(socket_data2.at_read_eof()); |
| 604 EXPECT_TRUE(socket_data2.at_write_eof()); | 604 EXPECT_TRUE(socket_data2.at_write_eof()); |
| 605 } | 605 } |
| 606 | 606 |
| 607 TEST_P(QuicStreamFactoryTest, HttpsPoolingWithMatchingPins) { |
| 608 MockRead reads[] = { |
| 609 MockRead(ASYNC, OK, 0) // EOF |
| 610 }; |
| 611 DeterministicSocketData socket_data(reads, arraysize(reads), NULL, 0); |
| 612 socket_factory_.AddSocketDataProvider(&socket_data); |
| 613 socket_data.StopAfter(1); |
| 614 |
| 615 HostPortPair server1("www.example.org", 443); |
| 616 HostPortPair server2("mail.example.org", 443); |
| 617 uint8 primary_pin = 1; |
| 618 uint8 backup_pin = 2; |
| 619 test::AddPin(&transport_security_state_, "mail.example.org", primary_pin, |
| 620 backup_pin); |
| 621 |
| 622 // Load a cert that is valid for: |
| 623 // www.example.org (server1) |
| 624 // mail.example.org (server2) |
| 625 base::FilePath certs_dir = GetTestCertsDirectory(); |
| 626 scoped_refptr<X509Certificate> test_cert( |
| 627 ImportCertFromFile(certs_dir, "spdy_pooling.pem")); |
| 628 ASSERT_NE(static_cast<X509Certificate*>(NULL), test_cert); |
| 629 ProofVerifyDetailsChromium verify_details; |
| 630 verify_details.cert_verify_result.verified_cert = test_cert; |
| 631 verify_details.cert_verify_result.is_issued_by_known_root = true; |
| 632 verify_details.cert_verify_result.public_key_hashes.push_back( |
| 633 test::GetTestHashValue(primary_pin)); |
| 634 crypto_client_stream_factory_.set_proof_verify_details(&verify_details); |
| 635 |
| 636 |
| 637 host_resolver_.set_synchronous_mode(true); |
| 638 host_resolver_.rules()->AddIPLiteralRule(server1.host(), "192.168.0.1", ""); |
| 639 host_resolver_.rules()->AddIPLiteralRule(server2.host(), "192.168.0.1", ""); |
| 640 |
| 641 QuicStreamRequest request(&factory_); |
| 642 is_https_ = true; |
| 643 EXPECT_EQ(OK, |
| 644 request.Request(server1, |
| 645 is_https_, |
| 646 privacy_mode_, |
| 647 "GET", |
| 648 net_log_, |
| 649 callback_.callback())); |
| 650 scoped_ptr<QuicHttpStream> stream = request.ReleaseStream(); |
| 651 EXPECT_TRUE(stream.get()); |
| 652 |
| 653 TestCompletionCallback callback; |
| 654 QuicStreamRequest request2(&factory_); |
| 655 EXPECT_EQ(OK, |
| 656 request2.Request(server2, |
| 657 is_https_, |
| 658 privacy_mode_, |
| 659 "GET", |
| 660 net_log_, |
| 661 callback_.callback())); |
| 662 scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream(); |
| 663 EXPECT_TRUE(stream2.get()); |
| 664 |
| 665 EXPECT_EQ(QuicStreamFactoryPeer::GetActiveSession( |
| 666 &factory_, server1, is_https_), |
| 667 QuicStreamFactoryPeer::GetActiveSession( |
| 668 &factory_, server2, is_https_)); |
| 669 |
| 670 EXPECT_TRUE(socket_data.at_read_eof()); |
| 671 EXPECT_TRUE(socket_data.at_write_eof()); |
| 672 } |
| 673 |
| 674 TEST_P(QuicStreamFactoryTest, NoHttpsPoolingWithDifferentPins) { |
| 675 MockRead reads[] = { |
| 676 MockRead(ASYNC, OK, 0) // EOF |
| 677 }; |
| 678 DeterministicSocketData socket_data1(reads, arraysize(reads), NULL, 0); |
| 679 DeterministicSocketData socket_data2(reads, arraysize(reads), NULL, 0); |
| 680 socket_factory_.AddSocketDataProvider(&socket_data1); |
| 681 socket_factory_.AddSocketDataProvider(&socket_data2); |
| 682 socket_data1.StopAfter(1); |
| 683 socket_data2.StopAfter(1); |
| 684 |
| 685 HostPortPair server1("www.example.org", 443); |
| 686 HostPortPair server2("mail.example.org", 443); |
| 687 uint8 primary_pin = 1; |
| 688 uint8 backup_pin = 2; |
| 689 uint8 bad_pin = 3; |
| 690 test::AddPin(&transport_security_state_, "mail.example.org", primary_pin, |
| 691 backup_pin); |
| 692 |
| 693 // Load a cert that is valid for: |
| 694 // www.example.org (server1) |
| 695 // mail.example.org (server2) |
| 696 base::FilePath certs_dir = GetTestCertsDirectory(); |
| 697 scoped_refptr<X509Certificate> test_cert( |
| 698 ImportCertFromFile(certs_dir, "spdy_pooling.pem")); |
| 699 ASSERT_NE(static_cast<X509Certificate*>(NULL), test_cert); |
| 700 ProofVerifyDetailsChromium verify_details; |
| 701 verify_details.cert_verify_result.verified_cert = test_cert; |
| 702 verify_details.cert_verify_result.is_issued_by_known_root = true; |
| 703 verify_details.cert_verify_result.public_key_hashes.push_back( |
| 704 test::GetTestHashValue(bad_pin)); |
| 705 crypto_client_stream_factory_.set_proof_verify_details(&verify_details); |
| 706 |
| 707 |
| 708 host_resolver_.set_synchronous_mode(true); |
| 709 host_resolver_.rules()->AddIPLiteralRule(server1.host(), "192.168.0.1", ""); |
| 710 host_resolver_.rules()->AddIPLiteralRule(server2.host(), "192.168.0.1", ""); |
| 711 |
| 712 QuicStreamRequest request(&factory_); |
| 713 is_https_ = true; |
| 714 EXPECT_EQ(OK, |
| 715 request.Request(server1, |
| 716 is_https_, |
| 717 privacy_mode_, |
| 718 "GET", |
| 719 net_log_, |
| 720 callback_.callback())); |
| 721 scoped_ptr<QuicHttpStream> stream = request.ReleaseStream(); |
| 722 EXPECT_TRUE(stream.get()); |
| 723 |
| 724 TestCompletionCallback callback; |
| 725 QuicStreamRequest request2(&factory_); |
| 726 EXPECT_EQ(OK, |
| 727 request2.Request(server2, |
| 728 is_https_, |
| 729 privacy_mode_, |
| 730 "GET", |
| 731 net_log_, |
| 732 callback_.callback())); |
| 733 scoped_ptr<QuicHttpStream> stream2 = request2.ReleaseStream(); |
| 734 EXPECT_TRUE(stream2.get()); |
| 735 |
| 736 EXPECT_NE(QuicStreamFactoryPeer::GetActiveSession( |
| 737 &factory_, server1, is_https_), |
| 738 QuicStreamFactoryPeer::GetActiveSession( |
| 739 &factory_, server2, is_https_)); |
| 740 |
| 741 EXPECT_TRUE(socket_data1.at_read_eof()); |
| 742 EXPECT_TRUE(socket_data1.at_write_eof()); |
| 743 EXPECT_TRUE(socket_data2.at_read_eof()); |
| 744 EXPECT_TRUE(socket_data2.at_write_eof()); |
| 745 } |
| 746 |
| 607 TEST_P(QuicStreamFactoryTest, Goaway) { | 747 TEST_P(QuicStreamFactoryTest, Goaway) { |
| 608 MockRead reads[] = { | 748 MockRead reads[] = { |
| 609 MockRead(ASYNC, OK, 0) // EOF | 749 MockRead(ASYNC, OK, 0) // EOF |
| 610 }; | 750 }; |
| 611 DeterministicSocketData socket_data(reads, arraysize(reads), NULL, 0); | 751 DeterministicSocketData socket_data(reads, arraysize(reads), NULL, 0); |
| 612 socket_data.StopAfter(1); | 752 socket_data.StopAfter(1); |
| 613 socket_factory_.AddSocketDataProvider(&socket_data); | 753 socket_factory_.AddSocketDataProvider(&socket_data); |
| 614 DeterministicSocketData socket_data2(reads, arraysize(reads), NULL, 0); | 754 DeterministicSocketData socket_data2(reads, arraysize(reads), NULL, 0); |
| 615 socket_data2.StopAfter(1); | 755 socket_data2.StopAfter(1); |
| 616 socket_factory_.AddSocketDataProvider(&socket_data2); | 756 socket_factory_.AddSocketDataProvider(&socket_data2); |
| (...skipping 533 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1150 QuicCryptoClientConfig::CachedState* cached2 = | 1290 QuicCryptoClientConfig::CachedState* cached2 = |
| 1151 crypto_config->LookupOrCreate(server_id2); | 1291 crypto_config->LookupOrCreate(server_id2); |
| 1152 EXPECT_NE(cached1->source_address_token(), cached2->source_address_token()); | 1292 EXPECT_NE(cached1->source_address_token(), cached2->source_address_token()); |
| 1153 EXPECT_TRUE(cached2->source_address_token().empty()); | 1293 EXPECT_TRUE(cached2->source_address_token().empty()); |
| 1154 EXPECT_FALSE(cached2->proof_valid()); | 1294 EXPECT_FALSE(cached2->proof_valid()); |
| 1155 } | 1295 } |
| 1156 } | 1296 } |
| 1157 | 1297 |
| 1158 } // namespace test | 1298 } // namespace test |
| 1159 } // namespace net | 1299 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 498373002:
Refactor pooling logic into a helper method Disable pooling when there are cert errors. Disable poo… (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@2125