OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "build/build_config.h" | 5 #include "build/build_config.h" |
6 | 6 |
7 #if defined(OS_WIN) | 7 #if defined(OS_WIN) |
8 #include <windows.h> | 8 #include <windows.h> |
9 #include <shlobj.h> | 9 #include <shlobj.h> |
10 #endif | 10 #endif |
(...skipping 6918 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
6929 EXPECT_EQ("insert", parts[0]); | 6929 EXPECT_EQ("insert", parts[0]); |
6930 session_id = parts[1]; | 6930 session_id = parts[1]; |
6931 } else { | 6931 } else { |
6932 EXPECT_EQ("lookup", parts[0]); | 6932 EXPECT_EQ("lookup", parts[0]); |
6933 EXPECT_EQ(session_id, parts[1]); | 6933 EXPECT_EQ(session_id, parts[1]); |
6934 } | 6934 } |
6935 } | 6935 } |
6936 } | 6936 } |
6937 } | 6937 } |
6938 | 6938 |
| 6939 // AssertTwoDistinctSessionsInserted checks that |session_info|, which must be |
| 6940 // the result of fetching "ssl-session-cache" from the test server, indicates |
| 6941 // that exactly two different sessions were inserted, with no lookups etc. |
| 6942 static void AssertTwoDistinctSessionsInserted(const string& session_info) { |
| 6943 std::vector<std::string> lines; |
| 6944 base::SplitString(session_info, '\n', &lines); |
| 6945 ASSERT_EQ(3u, lines.size()) << session_info; |
| 6946 |
| 6947 std::string session_id; |
| 6948 for (size_t i = 0; i < 2; i++) { |
| 6949 std::vector<std::string> parts; |
| 6950 base::SplitString(lines[i], '\t', &parts); |
| 6951 ASSERT_EQ(2u, parts.size()); |
| 6952 EXPECT_EQ("insert", parts[0]); |
| 6953 if (i == 0) { |
| 6954 session_id = parts[1]; |
| 6955 } else { |
| 6956 EXPECT_NE(session_id, parts[1]); |
| 6957 } |
| 6958 } |
| 6959 } |
| 6960 |
6939 TEST_F(HTTPSRequestTest, SSLSessionCacheShardTest) { | 6961 TEST_F(HTTPSRequestTest, SSLSessionCacheShardTest) { |
6940 // Test that sessions aren't resumed when the value of ssl_session_cache_shard | 6962 // Test that sessions aren't resumed when the value of ssl_session_cache_shard |
6941 // differs. | 6963 // differs. |
6942 SpawnedTestServer::SSLOptions ssl_options; | 6964 SpawnedTestServer::SSLOptions ssl_options; |
6943 ssl_options.record_resume = true; | 6965 ssl_options.record_resume = true; |
6944 SpawnedTestServer test_server( | 6966 SpawnedTestServer test_server( |
6945 SpawnedTestServer::TYPE_HTTPS, | 6967 SpawnedTestServer::TYPE_HTTPS, |
6946 ssl_options, | 6968 ssl_options, |
6947 base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); | 6969 base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); |
6948 ASSERT_TRUE(test_server.Start()); | 6970 ASSERT_TRUE(test_server.Start()); |
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
6992 base::RunLoop().Run(); | 7014 base::RunLoop().Run(); |
6993 | 7015 |
6994 // The response will look like; | 7016 // The response will look like; |
6995 // insert abc | 7017 // insert abc |
6996 // insert xyz | 7018 // insert xyz |
6997 // | 7019 // |
6998 // With a newline at the end which makes the split think that there are | 7020 // With a newline at the end which makes the split think that there are |
6999 // three lines. | 7021 // three lines. |
7000 | 7022 |
7001 EXPECT_EQ(1, d.response_started_count()); | 7023 EXPECT_EQ(1, d.response_started_count()); |
7002 std::vector<std::string> lines; | 7024 AssertTwoDistinctSessionsInserted(d.data_received()); |
7003 base::SplitString(d.data_received(), '\n', &lines); | |
7004 ASSERT_EQ(3u, lines.size()); | |
7005 | |
7006 std::string session_id; | |
7007 for (size_t i = 0; i < 2; i++) { | |
7008 std::vector<std::string> parts; | |
7009 base::SplitString(lines[i], '\t', &parts); | |
7010 ASSERT_EQ(2u, parts.size()); | |
7011 EXPECT_EQ("insert", parts[0]); | |
7012 if (i == 0) { | |
7013 session_id = parts[1]; | |
7014 } else { | |
7015 EXPECT_NE(session_id, parts[1]); | |
7016 } | |
7017 } | |
7018 } | 7025 } |
7019 } | 7026 } |
7020 | 7027 |
7021 #if defined(OS_WIN) | 7028 #if defined(OS_WIN) |
7022 | 7029 |
7023 namespace { | 7030 namespace { |
7024 | 7031 |
7025 bool IsECDSACipherSuite(uint16_t cipher_suite) { | 7032 bool IsECDSACipherSuite(uint16_t cipher_suite) { |
7026 const char* key_exchange; | 7033 const char* key_exchange; |
7027 const char* cipher; | 7034 const char* cipher; |
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
7062 for (size_t i = 0; i < lines.size(); i++) { | 7069 for (size_t i = 0; i < lines.size(); i++) { |
7063 int cipher_suite; | 7070 int cipher_suite; |
7064 ASSERT_TRUE(base::StringToInt(lines[i], &cipher_suite)); | 7071 ASSERT_TRUE(base::StringToInt(lines[i], &cipher_suite)); |
7065 EXPECT_FALSE(IsECDSACipherSuite(cipher_suite)) | 7072 EXPECT_FALSE(IsECDSACipherSuite(cipher_suite)) |
7066 << "ClientHello advertised " << cipher_suite; | 7073 << "ClientHello advertised " << cipher_suite; |
7067 } | 7074 } |
7068 } | 7075 } |
7069 | 7076 |
7070 #endif // OS_WIN | 7077 #endif // OS_WIN |
7071 | 7078 |
| 7079 class TestSSLConfigService : public SSLConfigService { |
| 7080 public: |
| 7081 TestSSLConfigService(bool ev_enabled, |
| 7082 bool online_rev_checking, |
| 7083 bool rev_checking_required_local_anchors) |
| 7084 : ev_enabled_(ev_enabled), |
| 7085 online_rev_checking_(online_rev_checking), |
| 7086 rev_checking_required_local_anchors_( |
| 7087 rev_checking_required_local_anchors), |
| 7088 fallback_min_version_(0) {} |
| 7089 |
| 7090 void set_fallback_min_version(uint16 version) { |
| 7091 fallback_min_version_ = version; |
| 7092 } |
| 7093 |
| 7094 // SSLConfigService: |
| 7095 virtual void GetSSLConfig(SSLConfig* config) override { |
| 7096 *config = SSLConfig(); |
| 7097 config->rev_checking_enabled = online_rev_checking_; |
| 7098 config->verify_ev_cert = ev_enabled_; |
| 7099 config->rev_checking_required_local_anchors = |
| 7100 rev_checking_required_local_anchors_; |
| 7101 if (fallback_min_version_) { |
| 7102 config->version_fallback_min = fallback_min_version_; |
| 7103 } |
| 7104 } |
| 7105 |
| 7106 protected: |
| 7107 virtual ~TestSSLConfigService() {} |
| 7108 |
| 7109 private: |
| 7110 const bool ev_enabled_; |
| 7111 const bool online_rev_checking_; |
| 7112 const bool rev_checking_required_local_anchors_; |
| 7113 uint16 fallback_min_version_; |
| 7114 }; |
| 7115 |
| 7116 class FallbackTestURLRequestContext : public TestURLRequestContext { |
| 7117 public: |
| 7118 explicit FallbackTestURLRequestContext(bool delay_initialization) |
| 7119 : TestURLRequestContext(delay_initialization) {} |
| 7120 |
| 7121 void set_fallback_min_version(uint16 version) { |
| 7122 TestSSLConfigService *ssl_config_service = |
| 7123 new TestSSLConfigService(true /* check for EV */, |
| 7124 false /* online revocation checking */, |
| 7125 false /* require rev. checking for local |
| 7126 anchors */); |
| 7127 ssl_config_service->set_fallback_min_version(version); |
| 7128 set_ssl_config_service(ssl_config_service); |
| 7129 } |
| 7130 }; |
| 7131 |
7072 class HTTPSFallbackTest : public testing::Test { | 7132 class HTTPSFallbackTest : public testing::Test { |
7073 public: | 7133 public: |
7074 HTTPSFallbackTest() : context_(true) { | 7134 HTTPSFallbackTest() : context_(true) {} |
7075 context_.Init(); | |
7076 delegate_.set_allow_certificate_errors(true); | |
7077 } | |
7078 virtual ~HTTPSFallbackTest() {} | 7135 virtual ~HTTPSFallbackTest() {} |
7079 | 7136 |
7080 protected: | 7137 protected: |
7081 void DoFallbackTest(const SpawnedTestServer::SSLOptions& ssl_options) { | 7138 void DoFallbackTest(const SpawnedTestServer::SSLOptions& ssl_options) { |
7082 DCHECK(!request_); | 7139 DCHECK(!request_); |
| 7140 context_.Init(); |
| 7141 delegate_.set_allow_certificate_errors(true); |
| 7142 |
7083 SpawnedTestServer test_server( | 7143 SpawnedTestServer test_server( |
7084 SpawnedTestServer::TYPE_HTTPS, | 7144 SpawnedTestServer::TYPE_HTTPS, |
7085 ssl_options, | 7145 ssl_options, |
7086 base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); | 7146 base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); |
7087 ASSERT_TRUE(test_server.Start()); | 7147 ASSERT_TRUE(test_server.Start()); |
7088 | 7148 |
7089 request_ = context_.CreateRequest( | 7149 request_ = context_.CreateRequest( |
7090 test_server.GetURL(std::string()), DEFAULT_PRIORITY, &delegate_, NULL); | 7150 test_server.GetURL(std::string()), DEFAULT_PRIORITY, &delegate_, NULL); |
7091 request_->Start(); | 7151 request_->Start(); |
7092 | 7152 |
7093 base::RunLoop().Run(); | 7153 base::RunLoop().Run(); |
7094 } | 7154 } |
7095 | 7155 |
| 7156 void set_fallback_min_version(uint16 version) { |
| 7157 context_.set_fallback_min_version(version); |
| 7158 } |
| 7159 |
7096 void ExpectConnection(int version) { | 7160 void ExpectConnection(int version) { |
7097 EXPECT_EQ(1, delegate_.response_started_count()); | 7161 EXPECT_EQ(1, delegate_.response_started_count()); |
7098 EXPECT_NE(0, delegate_.bytes_received()); | 7162 EXPECT_NE(0, delegate_.bytes_received()); |
7099 EXPECT_EQ(version, SSLConnectionStatusToVersion( | 7163 EXPECT_EQ(version, SSLConnectionStatusToVersion( |
7100 request_->ssl_info().connection_status)); | 7164 request_->ssl_info().connection_status)); |
7101 EXPECT_TRUE(request_->ssl_info().connection_status & | 7165 EXPECT_TRUE(request_->ssl_info().connection_status & |
7102 SSL_CONNECTION_VERSION_FALLBACK); | 7166 SSL_CONNECTION_VERSION_FALLBACK); |
7103 } | 7167 } |
7104 | 7168 |
7105 void ExpectFailure(int error) { | 7169 void ExpectFailure(int error) { |
7106 EXPECT_EQ(1, delegate_.response_started_count()); | 7170 EXPECT_EQ(1, delegate_.response_started_count()); |
7107 EXPECT_FALSE(request_->status().is_success()); | 7171 EXPECT_FALSE(request_->status().is_success()); |
7108 EXPECT_EQ(URLRequestStatus::FAILED, request_->status().status()); | 7172 EXPECT_EQ(URLRequestStatus::FAILED, request_->status().status()); |
7109 EXPECT_EQ(error, request_->status().error()); | 7173 EXPECT_EQ(error, request_->status().error()); |
7110 } | 7174 } |
7111 | 7175 |
7112 private: | 7176 private: |
7113 TestDelegate delegate_; | 7177 TestDelegate delegate_; |
7114 TestURLRequestContext context_; | 7178 FallbackTestURLRequestContext context_; |
7115 scoped_ptr<URLRequest> request_; | 7179 scoped_ptr<URLRequest> request_; |
7116 }; | 7180 }; |
7117 | 7181 |
7118 // Tests TLSv1.1 -> TLSv1 fallback. Verifies that we don't fall back more | 7182 // Tests TLSv1.1 -> TLSv1 fallback. Verifies that we don't fall back more |
7119 // than necessary. | 7183 // than necessary. |
7120 TEST_F(HTTPSFallbackTest, TLSv1Fallback) { | 7184 TEST_F(HTTPSFallbackTest, TLSv1Fallback) { |
7121 SpawnedTestServer::SSLOptions ssl_options( | 7185 SpawnedTestServer::SSLOptions ssl_options( |
7122 SpawnedTestServer::SSLOptions::CERT_OK); | 7186 SpawnedTestServer::SSLOptions::CERT_OK); |
7123 ssl_options.tls_intolerant = | 7187 ssl_options.tls_intolerant = |
7124 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_TLS1_1; | 7188 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_TLS1_1; |
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
7180 // Have the server process TLS_FALLBACK_SCSV so that version fallback | 7244 // Have the server process TLS_FALLBACK_SCSV so that version fallback |
7181 // connections are rejected. | 7245 // connections are rejected. |
7182 ssl_options.fallback_scsv_enabled = true; | 7246 ssl_options.fallback_scsv_enabled = true; |
7183 | 7247 |
7184 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); | 7248 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); |
7185 | 7249 |
7186 // The original error should be replayed on rejected fallback. | 7250 // The original error should be replayed on rejected fallback. |
7187 ExpectFailure(ERR_CONNECTION_CLOSED); | 7251 ExpectFailure(ERR_CONNECTION_CLOSED); |
7188 } | 7252 } |
7189 | 7253 |
7190 // Tests that the SSLv3 fallback triggers on alert. | 7254 // Tests that the SSLv3 fallback doesn't happen by default. |
7191 TEST_F(HTTPSFallbackTest, SSLv3Fallback) { | 7255 TEST_F(HTTPSFallbackTest, SSLv3Fallback) { |
7192 SpawnedTestServer::SSLOptions ssl_options( | 7256 SpawnedTestServer::SSLOptions ssl_options( |
7193 SpawnedTestServer::SSLOptions::CERT_OK); | 7257 SpawnedTestServer::SSLOptions::CERT_OK); |
7194 ssl_options.tls_intolerant = | 7258 ssl_options.tls_intolerant = |
7195 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; | 7259 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; |
7196 | 7260 |
7197 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); | 7261 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); |
| 7262 ExpectFailure(ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION); |
| 7263 } |
| 7264 |
| 7265 // Tests that the SSLv3 fallback works when explicitly enabled. |
| 7266 TEST_F(HTTPSFallbackTest, SSLv3FallbackEnabled) { |
| 7267 SpawnedTestServer::SSLOptions ssl_options( |
| 7268 SpawnedTestServer::SSLOptions::CERT_OK); |
| 7269 ssl_options.tls_intolerant = |
| 7270 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; |
| 7271 set_fallback_min_version(SSL_PROTOCOL_VERSION_SSL3); |
| 7272 |
| 7273 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); |
7198 ExpectConnection(SSL_CONNECTION_VERSION_SSL3); | 7274 ExpectConnection(SSL_CONNECTION_VERSION_SSL3); |
7199 } | 7275 } |
7200 | 7276 |
7201 // Tests that the SSLv3 fallback triggers on closed connections. | 7277 // Tests that the SSLv3 fallback triggers on closed connections when explicitly |
| 7278 // enabled. |
7202 TEST_F(HTTPSFallbackTest, SSLv3FallbackClosed) { | 7279 TEST_F(HTTPSFallbackTest, SSLv3FallbackClosed) { |
7203 SpawnedTestServer::SSLOptions ssl_options( | 7280 SpawnedTestServer::SSLOptions ssl_options( |
7204 SpawnedTestServer::SSLOptions::CERT_OK); | 7281 SpawnedTestServer::SSLOptions::CERT_OK); |
7205 ssl_options.tls_intolerant = | 7282 ssl_options.tls_intolerant = |
7206 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; | 7283 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; |
7207 ssl_options.tls_intolerance_type = | 7284 ssl_options.tls_intolerance_type = |
7208 SpawnedTestServer::SSLOptions::TLS_INTOLERANCE_CLOSE; | 7285 SpawnedTestServer::SSLOptions::TLS_INTOLERANCE_CLOSE; |
| 7286 set_fallback_min_version(SSL_PROTOCOL_VERSION_SSL3); |
7209 | 7287 |
7210 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); | 7288 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); |
7211 ExpectConnection(SSL_CONNECTION_VERSION_SSL3); | 7289 ExpectConnection(SSL_CONNECTION_VERSION_SSL3); |
7212 } | 7290 } |
7213 | 7291 |
| 7292 // Test that SSLv3 fallback probe connections don't cause sessions to be cached. |
| 7293 TEST_F(HTTPSRequestTest, SSLv3FallbackNoCache) { |
| 7294 SpawnedTestServer::SSLOptions ssl_options( |
| 7295 SpawnedTestServer::SSLOptions::CERT_OK); |
| 7296 ssl_options.tls_intolerant = |
| 7297 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; |
| 7298 ssl_options.tls_intolerance_type = |
| 7299 SpawnedTestServer::SSLOptions::TLS_INTOLERANCE_CLOSE; |
| 7300 ssl_options.record_resume = true; |
| 7301 |
| 7302 SpawnedTestServer test_server( |
| 7303 SpawnedTestServer::TYPE_HTTPS, |
| 7304 ssl_options, |
| 7305 base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); |
| 7306 ASSERT_TRUE(test_server.Start()); |
| 7307 |
| 7308 SSLClientSocket::ClearSessionCache(); |
| 7309 |
| 7310 // Make a connection that does a probe fallback to SSLv3 but fails because |
| 7311 // SSLv3 fallback is disabled. We don't wish a session for this connection to |
| 7312 // be inserted locally. |
| 7313 { |
| 7314 TestDelegate delegate; |
| 7315 FallbackTestURLRequestContext context(true); |
| 7316 |
| 7317 context.Init(); |
| 7318 scoped_ptr<URLRequest> request(context.CreateRequest( |
| 7319 test_server.GetURL(std::string()), DEFAULT_PRIORITY, &delegate, NULL)); |
| 7320 request->Start(); |
| 7321 |
| 7322 base::RunLoop().Run(); |
| 7323 |
| 7324 EXPECT_EQ(1, delegate.response_started_count()); |
| 7325 EXPECT_FALSE(request->status().is_success()); |
| 7326 EXPECT_EQ(URLRequestStatus::FAILED, request->status().status()); |
| 7327 EXPECT_EQ(ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION, |
| 7328 request->status().error()); |
| 7329 } |
| 7330 |
| 7331 // Now allow SSLv3 connections and request the session cache log. |
| 7332 { |
| 7333 TestDelegate delegate; |
| 7334 FallbackTestURLRequestContext context(true); |
| 7335 context.set_fallback_min_version(SSL_PROTOCOL_VERSION_SSL3); |
| 7336 |
| 7337 context.Init(); |
| 7338 scoped_ptr<URLRequest> request( |
| 7339 context.CreateRequest(test_server.GetURL("ssl-session-cache"), |
| 7340 DEFAULT_PRIORITY, |
| 7341 &delegate, |
| 7342 NULL)); |
| 7343 request->Start(); |
| 7344 |
| 7345 base::RunLoop().Run(); |
| 7346 |
| 7347 EXPECT_EQ(1, delegate.response_started_count()); |
| 7348 EXPECT_NE(0, delegate.bytes_received()); |
| 7349 EXPECT_EQ(SSL_CONNECTION_VERSION_SSL3, SSLConnectionStatusToVersion( |
| 7350 request->ssl_info().connection_status)); |
| 7351 EXPECT_TRUE(request->ssl_info().connection_status & |
| 7352 SSL_CONNECTION_VERSION_FALLBACK); |
| 7353 |
| 7354 std::vector<std::string> lines; |
| 7355 // If no sessions were cached then the server should have seen two sessions |
| 7356 // inserted with no lookups. |
| 7357 AssertTwoDistinctSessionsInserted(delegate.data_received()); |
| 7358 } |
| 7359 } |
| 7360 |
7214 // This test is disabled on Android because the remote test server doesn't cause | 7361 // This test is disabled on Android because the remote test server doesn't cause |
7215 // a TCP reset. | 7362 // a TCP reset. |
7216 #if !defined(OS_ANDROID) | 7363 #if !defined(OS_ANDROID) |
7217 // Tests that a reset connection does not fallback down to SSL3. | 7364 // Tests that a reset connection does not fallback down to SSL3. |
7218 TEST_F(HTTPSFallbackTest, SSLv3NoFallbackReset) { | 7365 TEST_F(HTTPSFallbackTest, SSLv3NoFallbackReset) { |
7219 SpawnedTestServer::SSLOptions ssl_options( | 7366 SpawnedTestServer::SSLOptions ssl_options( |
7220 SpawnedTestServer::SSLOptions::CERT_OK); | 7367 SpawnedTestServer::SSLOptions::CERT_OK); |
7221 ssl_options.tls_intolerant = | 7368 ssl_options.tls_intolerant = |
7222 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; | 7369 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; |
7223 ssl_options.tls_intolerance_type = | 7370 ssl_options.tls_intolerance_type = |
(...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
7296 // With a newline at the end which makes the split think that there are | 7443 // With a newline at the end which makes the split think that there are |
7297 // three lines. | 7444 // three lines. |
7298 // | 7445 // |
7299 // If a session was presented (eg: a bug), then the response would look | 7446 // If a session was presented (eg: a bug), then the response would look |
7300 // like; | 7447 // like; |
7301 // insert abc | 7448 // insert abc |
7302 // lookup abc | 7449 // lookup abc |
7303 // insert xyz | 7450 // insert xyz |
7304 | 7451 |
7305 EXPECT_EQ(1, d.response_started_count()); | 7452 EXPECT_EQ(1, d.response_started_count()); |
7306 std::vector<std::string> lines; | 7453 AssertTwoDistinctSessionsInserted(d.data_received()); |
7307 base::SplitString(d.data_received(), '\n', &lines); | |
7308 ASSERT_EQ(3u, lines.size()) << d.data_received(); | |
7309 | |
7310 std::string session_id; | |
7311 for (size_t i = 0; i < 2; i++) { | |
7312 std::vector<std::string> parts; | |
7313 base::SplitString(lines[i], '\t', &parts); | |
7314 ASSERT_EQ(2u, parts.size()); | |
7315 EXPECT_EQ("insert", parts[0]); | |
7316 if (i == 0) { | |
7317 session_id = parts[1]; | |
7318 } else { | |
7319 EXPECT_NE(session_id, parts[1]); | |
7320 } | |
7321 } | |
7322 } | 7454 } |
7323 } | 7455 } |
7324 | 7456 |
7325 class TestSSLConfigService : public SSLConfigService { | |
7326 public: | |
7327 TestSSLConfigService(bool ev_enabled, | |
7328 bool online_rev_checking, | |
7329 bool rev_checking_required_local_anchors) | |
7330 : ev_enabled_(ev_enabled), | |
7331 online_rev_checking_(online_rev_checking), | |
7332 rev_checking_required_local_anchors_( | |
7333 rev_checking_required_local_anchors) {} | |
7334 | |
7335 // SSLConfigService: | |
7336 virtual void GetSSLConfig(SSLConfig* config) override { | |
7337 *config = SSLConfig(); | |
7338 config->rev_checking_enabled = online_rev_checking_; | |
7339 config->verify_ev_cert = ev_enabled_; | |
7340 config->rev_checking_required_local_anchors = | |
7341 rev_checking_required_local_anchors_; | |
7342 } | |
7343 | |
7344 protected: | |
7345 virtual ~TestSSLConfigService() {} | |
7346 | |
7347 private: | |
7348 const bool ev_enabled_; | |
7349 const bool online_rev_checking_; | |
7350 const bool rev_checking_required_local_anchors_; | |
7351 }; | |
7352 | |
7353 // This the fingerprint of the "Testing CA" certificate used by the testserver. | 7457 // This the fingerprint of the "Testing CA" certificate used by the testserver. |
7354 // See net/data/ssl/certificates/ocsp-test-root.pem. | 7458 // See net/data/ssl/certificates/ocsp-test-root.pem. |
7355 static const SHA1HashValue kOCSPTestCertFingerprint = | 7459 static const SHA1HashValue kOCSPTestCertFingerprint = |
7356 { { 0xf1, 0xad, 0xf6, 0xce, 0x42, 0xac, 0xe7, 0xb4, 0xf4, 0x24, | 7460 { { 0xf1, 0xad, 0xf6, 0xce, 0x42, 0xac, 0xe7, 0xb4, 0xf4, 0x24, |
7357 0xdb, 0x1a, 0xf7, 0xa0, 0x9f, 0x09, 0xa1, 0xea, 0xf1, 0x5c } }; | 7461 0xdb, 0x1a, 0xf7, 0xa0, 0x9f, 0x09, 0xa1, 0xea, 0xf1, 0x5c } }; |
7358 | 7462 |
7359 // This is the SHA256, SPKI hash of the "Testing CA" certificate used by the | 7463 // This is the SHA256, SPKI hash of the "Testing CA" certificate used by the |
7360 // testserver. | 7464 // testserver. |
7361 static const SHA256HashValue kOCSPTestCertSPKI = { { | 7465 static const SHA256HashValue kOCSPTestCertSPKI = { { |
7362 0xee, 0xe6, 0x51, 0x2d, 0x4c, 0xfa, 0xf7, 0x3e, | 7466 0xee, 0xe6, 0x51, 0x2d, 0x4c, 0xfa, 0xf7, 0x3e, |
(...skipping 816 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
8179 | 8283 |
8180 EXPECT_FALSE(r->is_pending()); | 8284 EXPECT_FALSE(r->is_pending()); |
8181 EXPECT_EQ(1, d->response_started_count()); | 8285 EXPECT_EQ(1, d->response_started_count()); |
8182 EXPECT_FALSE(d->received_data_before_response()); | 8286 EXPECT_FALSE(d->received_data_before_response()); |
8183 EXPECT_EQ(d->bytes_received(), static_cast<int>(file_size)); | 8287 EXPECT_EQ(d->bytes_received(), static_cast<int>(file_size)); |
8184 } | 8288 } |
8185 } | 8289 } |
8186 #endif // !defined(DISABLE_FTP_SUPPORT) | 8290 #endif // !defined(DISABLE_FTP_SUPPORT) |
8187 | 8291 |
8188 } // namespace net | 8292 } // namespace net |
OLD | NEW |