| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/net/chrome_fraudulent_certificate_reporter.h" | 5 #include "chrome/browser/net/chrome_fraudulent_certificate_reporter.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/files/file_path.h" | 10 #include "base/files/file_path.h" |
| (...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 75 : ChromeFraudulentCertificateReporter(request_context) {} | 75 : ChromeFraudulentCertificateReporter(request_context) {} |
| 76 }; | 76 }; |
| 77 | 77 |
| 78 class SendingTestReporter : public TestReporter { | 78 class SendingTestReporter : public TestReporter { |
| 79 public: | 79 public: |
| 80 explicit SendingTestReporter(net::URLRequestContext* request_context) | 80 explicit SendingTestReporter(net::URLRequestContext* request_context) |
| 81 : TestReporter(request_context), passed_(false) {} | 81 : TestReporter(request_context), passed_(false) {} |
| 82 | 82 |
| 83 // Passes if invoked with a good SSLInfo and for a hostname that is a Google | 83 // Passes if invoked with a good SSLInfo and for a hostname that is a Google |
| 84 // pinned property. | 84 // pinned property. |
| 85 void SendReport(const std::string& hostname, | 85 void SendPinningViolationReport(const std::string& hostname, |
| 86 const SSLInfo& ssl_info) override { | 86 const SSLInfo& ssl_info) override { |
| 87 EXPECT_TRUE(IsGoodSSLInfo(ssl_info)); | 87 EXPECT_TRUE(IsGoodSSLInfo(ssl_info)); |
| 88 EXPECT_TRUE(net::TransportSecurityState::IsGooglePinnedProperty(hostname)); | 88 EXPECT_TRUE(net::TransportSecurityState::IsGooglePinnedProperty(hostname)); |
| 89 passed_ = true; | 89 passed_ = true; |
| 90 } | 90 } |
| 91 | 91 |
| 92 ~SendingTestReporter() override { | 92 ~SendingTestReporter() override { |
| 93 // If the object is destroyed without having its SendReport method invoked, | 93 // If the object is destroyed without having its SendPinningViolationReport |
| 94 // we failed. | 94 // method invoked, we failed. |
| 95 EXPECT_TRUE(passed_); | 95 EXPECT_TRUE(passed_); |
| 96 } | 96 } |
| 97 | 97 |
| 98 bool passed_; | 98 bool passed_; |
| 99 }; | 99 }; |
| 100 | 100 |
| 101 class NotSendingTestReporter : public TestReporter { | 101 class NotSendingTestReporter : public TestReporter { |
| 102 public: | 102 public: |
| 103 explicit NotSendingTestReporter(net::URLRequestContext* request_context) | 103 explicit NotSendingTestReporter(net::URLRequestContext* request_context) |
| 104 : TestReporter(request_context) {} | 104 : TestReporter(request_context) {} |
| 105 | 105 |
| 106 // Passes if invoked with a bad SSLInfo and for a hostname that is not a | 106 // Passes if invoked with a bad SSLInfo and for a hostname that is not a |
| 107 // Google pinned property. | 107 // Google pinned property. |
| 108 void SendReport(const std::string& hostname, | 108 void SendPinningViolationReport(const std::string& hostname, |
| 109 const SSLInfo& ssl_info) override { | 109 const SSLInfo& ssl_info) override { |
| 110 EXPECT_FALSE(IsGoodSSLInfo(ssl_info)); | 110 EXPECT_FALSE(IsGoodSSLInfo(ssl_info)); |
| 111 EXPECT_FALSE(net::TransportSecurityState::IsGooglePinnedProperty(hostname)); | 111 EXPECT_FALSE(net::TransportSecurityState::IsGooglePinnedProperty(hostname)); |
| 112 } | 112 } |
| 113 }; | 113 }; |
| 114 | 114 |
| 115 // A ChromeFraudulentCertificateReporter that uses a MockURLRequest, but is | 115 // A ChromeFraudulentCertificateReporter that uses a MockURLRequest, but is |
| 116 // otherwise normal: reports are constructed and sent in the usual way. | 116 // otherwise normal: reports are constructed and sent in the usual way. |
| 117 class MockReporter : public ChromeFraudulentCertificateReporter { | 117 class MockReporter : public ChromeFraudulentCertificateReporter { |
| 118 public: | 118 public: |
| 119 explicit MockReporter(net::URLRequestContext* request_context) | 119 explicit MockReporter(net::URLRequestContext* request_context) |
| 120 : ChromeFraudulentCertificateReporter(request_context) {} | 120 : ChromeFraudulentCertificateReporter(request_context) {} |
| 121 | 121 |
| 122 scoped_ptr<net::URLRequest> CreateURLRequest( | 122 scoped_ptr<net::URLRequest> CreateURLRequest( |
| 123 net::URLRequestContext* context) override { | 123 net::URLRequestContext* context, |
| 124 const GURL& upload_url) override { |
| 124 return context->CreateRequest(GURL(std::string()), | 125 return context->CreateRequest(GURL(std::string()), |
| 125 net::DEFAULT_PRIORITY, | 126 net::DEFAULT_PRIORITY, |
| 126 NULL, | 127 NULL, |
| 127 NULL); | 128 NULL); |
| 128 } | 129 } |
| 129 | 130 |
| 130 void SendReport(const std::string& hostname, | 131 void SendPinningViolationReport(const std::string& hostname, |
| 131 const net::SSLInfo& ssl_info) override { | 132 const net::SSLInfo& ssl_info) override { |
| 132 DCHECK(!hostname.empty()); | 133 DCHECK(!hostname.empty()); |
| 133 DCHECK(ssl_info.is_valid()); | 134 DCHECK(ssl_info.is_valid()); |
| 134 ChromeFraudulentCertificateReporter::SendReport(hostname, ssl_info); | 135 ChromeFraudulentCertificateReporter::SendPinningViolationReport(hostname, |
| 136 ssl_info); |
| 135 } | 137 } |
| 136 }; | 138 }; |
| 137 | 139 |
| 138 static void DoReportIsSent() { | 140 static void DoReportIsSent() { |
| 139 net::TestURLRequestContext context; | 141 net::TestURLRequestContext context; |
| 140 SendingTestReporter reporter(&context); | 142 SendingTestReporter reporter(&context); |
| 141 SSLInfo info = GetGoodSSLInfo(); | 143 SSLInfo info = GetGoodSSLInfo(); |
| 142 reporter.SendReport("mail.google.com", info); | 144 reporter.SendPinningViolationReport("mail.google.com", info); |
| 143 } | 145 } |
| 144 | 146 |
| 145 static void DoReportIsNotSent() { | 147 static void DoReportIsNotSent() { |
| 146 net::TestURLRequestContext context; | 148 net::TestURLRequestContext context; |
| 147 NotSendingTestReporter reporter(&context); | 149 NotSendingTestReporter reporter(&context); |
| 148 SSLInfo info = GetBadSSLInfo(); | 150 SSLInfo info = GetBadSSLInfo(); |
| 149 reporter.SendReport("www.example.com", info); | 151 reporter.SendPinningViolationReport("www.example.com", info); |
| 150 } | 152 } |
| 151 | 153 |
| 152 static void DoMockReportIsSent() { | 154 static void DoMockReportIsSent() { |
| 153 net::TestURLRequestContext context; | 155 net::TestURLRequestContext context; |
| 154 MockReporter reporter(&context); | 156 MockReporter reporter(&context); |
| 155 SSLInfo info = GetGoodSSLInfo(); | 157 SSLInfo info = GetGoodSSLInfo(); |
| 156 reporter.SendReport("mail.google.com", info); | 158 reporter.SendPinningViolationReport("mail.google.com", info); |
| 157 } | 159 } |
| 158 | 160 |
| 159 TEST(ChromeFraudulentCertificateReporterTest, GoodBadInfo) { | 161 TEST(ChromeFraudulentCertificateReporterTest, GoodBadInfo) { |
| 160 SSLInfo good = GetGoodSSLInfo(); | 162 SSLInfo good = GetGoodSSLInfo(); |
| 161 EXPECT_TRUE(IsGoodSSLInfo(good)); | 163 EXPECT_TRUE(IsGoodSSLInfo(good)); |
| 162 | 164 |
| 163 SSLInfo bad = GetBadSSLInfo(); | 165 SSLInfo bad = GetBadSSLInfo(); |
| 164 EXPECT_FALSE(IsGoodSSLInfo(bad)); | 166 EXPECT_FALSE(IsGoodSSLInfo(bad)); |
| 165 } | 167 } |
| 166 | 168 |
| (...skipping 12 matching lines...) Expand all Loading... |
| 179 } | 181 } |
| 180 | 182 |
| 181 TEST(ChromeFraudulentCertificateReporterTest, ReportIsNotSent) { | 183 TEST(ChromeFraudulentCertificateReporterTest, ReportIsNotSent) { |
| 182 base::MessageLoopForIO loop; | 184 base::MessageLoopForIO loop; |
| 183 content::TestBrowserThread io_thread(BrowserThread::IO, &loop); | 185 content::TestBrowserThread io_thread(BrowserThread::IO, &loop); |
| 184 loop.PostTask(FROM_HERE, base::Bind(&DoReportIsNotSent)); | 186 loop.PostTask(FROM_HERE, base::Bind(&DoReportIsNotSent)); |
| 185 loop.RunUntilIdle(); | 187 loop.RunUntilIdle(); |
| 186 } | 188 } |
| 187 | 189 |
| 188 } // namespace chrome_browser_net | 190 } // namespace chrome_browser_net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 935663004:
Add checkbox for reporting invalid TLS/SSL cert chains (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master