OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/socket/ssl_client_socket.h" | 5 #include "net/socket/ssl_client_socket.h" |
6 | 6 |
7 #include "base/callback_helpers.h" | 7 #include "base/callback_helpers.h" |
8 #include "base/memory/ref_counted.h" | 8 #include "base/memory/ref_counted.h" |
9 #include "net/base/address_list.h" | 9 #include "net/base/address_list.h" |
10 #include "net/base/io_buffer.h" | 10 #include "net/base/io_buffer.h" |
(...skipping 1775 matching lines...) | |
1786 scoped_refptr<SSLCertRequestInfo> request_info = GetCertRequest(ssl_options); | 1786 scoped_refptr<SSLCertRequestInfo> request_info = GetCertRequest(ssl_options); |
1787 ASSERT_TRUE(request_info.get()); | 1787 ASSERT_TRUE(request_info.get()); |
1788 ASSERT_EQ(2u, request_info->cert_authorities.size()); | 1788 ASSERT_EQ(2u, request_info->cert_authorities.size()); |
1789 EXPECT_EQ(std::string(reinterpret_cast<const char*>(kThawteDN), kThawteLen), | 1789 EXPECT_EQ(std::string(reinterpret_cast<const char*>(kThawteDN), kThawteLen), |
1790 request_info->cert_authorities[0]); | 1790 request_info->cert_authorities[0]); |
1791 EXPECT_EQ( | 1791 EXPECT_EQ( |
1792 std::string(reinterpret_cast<const char*>(kDiginotarDN), kDiginotarLen), | 1792 std::string(reinterpret_cast<const char*>(kDiginotarDN), kDiginotarLen), |
1793 request_info->cert_authorities[1]); | 1793 request_info->cert_authorities[1]); |
1794 } | 1794 } |
1795 | 1795 |
1796 TEST_F(SSLClientSocketTest, ConnectSignedCertTimestampsEnabled) { | 1796 TEST_F(SSLClientSocketTest, ConnectSignedCertTimestampsEnabledTLSExtension) { |
1797 SpawnedTestServer::SSLOptions ssl_options; | 1797 SpawnedTestServer::SSLOptions ssl_options; |
1798 ssl_options.signed_cert_timestamps = "test"; | 1798 ssl_options.signed_cert_timestamps_tls_ext = "test"; |
1799 | 1799 |
1800 SpawnedTestServer test_server(SpawnedTestServer::TYPE_HTTPS, | 1800 SpawnedTestServer test_server(SpawnedTestServer::TYPE_HTTPS, |
1801 ssl_options, | 1801 ssl_options, |
1802 base::FilePath()); | |
1803 ASSERT_TRUE(test_server.Start()); | |
1804 | |
1805 AddressList addr; | |
1806 ASSERT_TRUE(test_server.GetAddressList(&addr)); | |
1807 | |
1808 TestCompletionCallback callback; | |
1809 CapturingNetLog log; | |
1810 scoped_ptr<StreamSocket> transport( | |
1811 new TCPClientSocket(addr, &log, NetLog::Source())); | |
1812 int rv = transport->Connect(callback.callback()); | |
1813 if (rv == ERR_IO_PENDING) | |
1814 rv = callback.WaitForResult(); | |
1815 EXPECT_EQ(OK, rv); | |
1816 | |
1817 SSLConfig ssl_config; | |
1818 ssl_config.signed_cert_timestamps_enabled = true; | |
1819 | |
1820 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( | |
1821 transport.Pass(), test_server.host_port_pair(), ssl_config)); | |
1822 | |
1823 EXPECT_FALSE(sock->IsConnected()); | |
1824 | |
1825 rv = sock->Connect(callback.callback()); | |
1826 | |
1827 CapturingNetLog::CapturedEntryList entries; | |
1828 log.GetEntries(&entries); | |
1829 EXPECT_TRUE(LogContainsBeginEvent(entries, 5, NetLog::TYPE_SSL_CONNECT)); | |
1830 if (rv == ERR_IO_PENDING) | |
1831 rv = callback.WaitForResult(); | |
1832 EXPECT_EQ(OK, rv); | |
1833 EXPECT_TRUE(sock->IsConnected()); | |
1834 log.GetEntries(&entries); | |
1835 EXPECT_TRUE(LogContainsSSLConnectEndEvent(entries, -1)); | |
1836 | |
1837 #if !defined(USE_OPENSSL) | |
1838 EXPECT_TRUE(sock->WereSignedCertTimestampsReceived()); | |
1839 #else | |
1840 // Enabling CT for OpenSSL is currently a noop. | |
1841 EXPECT_FALSE(sock->WereSignedCertTimestampsReceived()); | |
1842 #endif | |
1843 | |
1844 sock->Disconnect(); | |
1845 EXPECT_FALSE(sock->IsConnected()); | |
1846 } | |
1847 | |
1848 TEST_F(SSLClientSocketTest, ConnectSignedCertTimestampsEnabledOCSP) { | |
1849 SpawnedTestServer::SSLOptions ssl_options; | |
1850 ssl_options.signed_cert_timestamps_ocsp = "test"; | |
1851 // The test server currently only knows how to generate OCSP responses | |
1852 // for a freshly minted certificate. | |
1853 ssl_options.server_certificate = SpawnedTestServer::SSLOptions::CERT_AUTO; | |
1854 | |
1855 SpawnedTestServer test_server(SpawnedTestServer::TYPE_HTTPS, | |
1856 ssl_options, | |
1802 base::FilePath()); | 1857 base::FilePath()); |
1803 ASSERT_TRUE(test_server.Start()); | 1858 ASSERT_TRUE(test_server.Start()); |
1804 | 1859 |
1805 AddressList addr; | 1860 AddressList addr; |
1806 ASSERT_TRUE(test_server.GetAddressList(&addr)); | 1861 ASSERT_TRUE(test_server.GetAddressList(&addr)); |
1807 | 1862 |
1808 TestCompletionCallback callback; | 1863 TestCompletionCallback callback; |
1809 CapturingNetLog log; | 1864 CapturingNetLog log; |
1810 scoped_ptr<StreamSocket> transport( | 1865 scoped_ptr<StreamSocket> transport( |
1811 new TCPClientSocket(addr, &log, NetLog::Source())); | 1866 new TCPClientSocket(addr, &log, NetLog::Source())); |
(...skipping 28 matching lines...) | |
1840 // Enabling CT for OpenSSL is currently a noop. | 1895 // Enabling CT for OpenSSL is currently a noop. |
1841 EXPECT_FALSE(sock->WereSignedCertTimestampsReceived()); | 1896 EXPECT_FALSE(sock->WereSignedCertTimestampsReceived()); |
1842 #endif | 1897 #endif |
1843 | 1898 |
1844 sock->Disconnect(); | 1899 sock->Disconnect(); |
1845 EXPECT_FALSE(sock->IsConnected()); | 1900 EXPECT_FALSE(sock->IsConnected()); |
1846 } | 1901 } |
1847 | 1902 |
1848 TEST_F(SSLClientSocketTest, ConnectSignedCertTimestampsDisabled) { | 1903 TEST_F(SSLClientSocketTest, ConnectSignedCertTimestampsDisabled) { |
1849 SpawnedTestServer::SSLOptions ssl_options; | 1904 SpawnedTestServer::SSLOptions ssl_options; |
1850 ssl_options.signed_cert_timestamps = "test"; | 1905 ssl_options.signed_cert_timestamps_tls_ext = "test"; |
1906 ssl_options.signed_cert_timestamps_tls_ext = "test2"; | |
wtc
2013/12/03 21:04:25
BUG: I think you meant to assign "test2" to ssl_op
ekasper
2013/12/04 19:25:15
I did but this has gone away as I've reverted Were
| |
1851 | 1907 |
1852 SpawnedTestServer test_server(SpawnedTestServer::TYPE_HTTPS, | 1908 SpawnedTestServer test_server(SpawnedTestServer::TYPE_HTTPS, |
1853 ssl_options, | 1909 ssl_options, |
1854 base::FilePath()); | 1910 base::FilePath()); |
1855 ASSERT_TRUE(test_server.Start()); | 1911 ASSERT_TRUE(test_server.Start()); |
1856 | 1912 |
1857 AddressList addr; | 1913 AddressList addr; |
1858 ASSERT_TRUE(test_server.GetAddressList(&addr)); | 1914 ASSERT_TRUE(test_server.GetAddressList(&addr)); |
1859 | 1915 |
1860 TestCompletionCallback callback; | 1916 TestCompletionCallback callback; |
(...skipping 27 matching lines...) | |
1888 | 1944 |
1889 EXPECT_FALSE(sock->WereSignedCertTimestampsReceived()); | 1945 EXPECT_FALSE(sock->WereSignedCertTimestampsReceived()); |
1890 | 1946 |
1891 sock->Disconnect(); | 1947 sock->Disconnect(); |
1892 EXPECT_FALSE(sock->IsConnected()); | 1948 EXPECT_FALSE(sock->IsConnected()); |
1893 } | 1949 } |
1894 | 1950 |
1895 } // namespace | 1951 } // namespace |
1896 | 1952 |
1897 } // namespace net | 1953 } // namespace net |
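Review bot: The two Enabled tests (ConnectSignedCertTimestampsEnabledTLSExtension and ConnectSignedCertTimestampsEnabledOCSP) assert, as far as the visible lines show, only the boolean `sock->WereSignedCertTimestampsReceived()`, so they show that some SCT data reached the client, not that it is the `"test"` value the server was configured with. A client that stored a truncated or wrong SCT list would still pass, and that list is presumably what Certificate Transparency verification consumes later. If the socket exposes the received bytes (not visible on this page), compare them with the configured string; otherwise record the gap with a comment such as `// TODO: also check that the received SCT list equals the configured value.` Separately, the OCSP test repeats the connect-and-handshake body of the TLS-extension test almost line for line, so a shared helper taking the `SSLOptions` would keep the copies from drifting apart.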