| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_client_socket.h" | 5 #include "net/socket/ssl_client_socket.h" |
| 6 | 6 |
| 7 #include "base/callback_helpers.h" | 7 #include "base/callback_helpers.h" |
| 8 #include "base/memory/ref_counted.h" | 8 #include "base/memory/ref_counted.h" |
| 9 #include "base/run_loop.h" | 9 #include "base/run_loop.h" |
| 10 #include "base/time/time.h" | 10 #include "base/time/time.h" |
| (...skipping 352 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 363 // underlying transport until UnblockWrite() has been called. Note: if there | 363 // underlying transport until UnblockWrite() has been called. Note: if there |
| 364 // is a pending asynchronous write, it is NOT blocked. For purposes of | 364 // is a pending asynchronous write, it is NOT blocked. For purposes of |
| 365 // blocking writes, data is considered to have reached the underlying | 365 // blocking writes, data is considered to have reached the underlying |
| 366 // transport as soon as Write() is called. | 366 // transport as soon as Write() is called. |
| 367 void BlockWrite(); | 367 void BlockWrite(); |
| 368 void UnblockWrite(); | 368 void UnblockWrite(); |
| 369 | 369 |
| 370 // Waits for the blocked Write() call to be scheduled. | 370 // Waits for the blocked Write() call to be scheduled. |
| 371 void WaitForWrite(); | 371 void WaitForWrite(); |
| 372 | 372 |
| 373 // Returns the wrapped stream socket. | |
| 374 StreamSocket* transport() { return transport_.get(); } | |
| 375 | |
| 376 private: | 373 private: |
| 377 // Handles completion from the underlying transport read. | 374 // Handles completion from the underlying transport read. |
| 378 void OnReadCompleted(int result); | 375 void OnReadCompleted(int result); |
| 379 | 376 |
| 380 // True if read callbacks are blocked. | 377 // True if read callbacks are blocked. |
| 381 bool should_block_read_; | 378 bool should_block_read_; |
| 382 | 379 |
| 383 // The user callback for the pending read call. | 380 // The user callback for the pending read call. |
| 384 CompletionCallback pending_read_callback_; | 381 CompletionCallback pending_read_callback_; |
| 385 | 382 |
| (...skipping 287 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 673 const std::string&, | 670 const std::string&, |
| 674 ct::CTVerifyResult*, | 671 ct::CTVerifyResult*, |
| 675 const BoundNetLog&)); | 672 const BoundNetLog&)); |
| 676 }; | 673 }; |
| 677 | 674 |
| 678 class SSLClientSocketTest : public PlatformTest { | 675 class SSLClientSocketTest : public PlatformTest { |
| 679 public: | 676 public: |
| 680 SSLClientSocketTest() | 677 SSLClientSocketTest() |
| 681 : socket_factory_(ClientSocketFactory::GetDefaultFactory()), | 678 : socket_factory_(ClientSocketFactory::GetDefaultFactory()), |
| 682 cert_verifier_(new MockCertVerifier), | 679 cert_verifier_(new MockCertVerifier), |
| 683 transport_security_state_(new TransportSecurityState), | 680 transport_security_state_(new TransportSecurityState) { |
| 684 ran_handshake_completion_callback_(false) { | |
| 685 cert_verifier_->set_default_result(OK); | 681 cert_verifier_->set_default_result(OK); |
| 686 context_.cert_verifier = cert_verifier_.get(); | 682 context_.cert_verifier = cert_verifier_.get(); |
| 687 context_.transport_security_state = transport_security_state_.get(); | 683 context_.transport_security_state = transport_security_state_.get(); |
| 688 } | 684 } |
| 689 | 685 |
| 690 void RecordCompletedHandshake() { ran_handshake_completion_callback_ = true; } | |
| 691 | |
| 692 protected: | 686 protected: |
| 693 // The address of the spawned test server, after calling StartTestServer(). | 687 // The address of the spawned test server, after calling StartTestServer(). |
| 694 const AddressList& addr() const { return addr_; } | 688 const AddressList& addr() const { return addr_; } |
| 695 | 689 |
| 696 // The SpawnedTestServer object, after calling StartTestServer(). | 690 // The SpawnedTestServer object, after calling StartTestServer(). |
| 697 const SpawnedTestServer* test_server() const { return test_server_.get(); } | 691 const SpawnedTestServer* test_server() const { return test_server_.get(); } |
| 698 | 692 |
| 699 void SetCTVerifier(CTVerifier* ct_verifier) { | 693 void SetCTVerifier(CTVerifier* ct_verifier) { |
| 700 context_.cert_transparency_verifier = ct_verifier; | 694 context_.cert_transparency_verifier = ct_verifier; |
| 701 } | 695 } |
| (...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 762 *result = callback_.GetResult(sock_->Connect(callback_.callback())); | 756 *result = callback_.GetResult(sock_->Connect(callback_.callback())); |
| 763 return true; | 757 return true; |
| 764 } | 758 } |
| 765 | 759 |
| 766 ClientSocketFactory* socket_factory_; | 760 ClientSocketFactory* socket_factory_; |
| 767 scoped_ptr<MockCertVerifier> cert_verifier_; | 761 scoped_ptr<MockCertVerifier> cert_verifier_; |
| 768 scoped_ptr<TransportSecurityState> transport_security_state_; | 762 scoped_ptr<TransportSecurityState> transport_security_state_; |
| 769 SSLClientSocketContext context_; | 763 SSLClientSocketContext context_; |
| 770 scoped_ptr<SSLClientSocket> sock_; | 764 scoped_ptr<SSLClientSocket> sock_; |
| 771 CapturingNetLog log_; | 765 CapturingNetLog log_; |
| 772 bool ran_handshake_completion_callback_; | |
| 773 | 766 |
| 774 private: | 767 private: |
| 775 scoped_ptr<StreamSocket> transport_; | 768 scoped_ptr<StreamSocket> transport_; |
| 776 scoped_ptr<SpawnedTestServer> test_server_; | 769 scoped_ptr<SpawnedTestServer> test_server_; |
| 777 TestCompletionCallback callback_; | 770 TestCompletionCallback callback_; |
| 778 AddressList addr_; | 771 AddressList addr_; |
| 779 }; | 772 }; |
| 780 | 773 |
| 781 // Verifies the correctness of GetSSLCertRequestInfo. | 774 // Verifies the correctness of GetSSLCertRequestInfo. |
| 782 class SSLClientSocketCertRequestInfoTest : public SSLClientSocketTest { | 775 class SSLClientSocketCertRequestInfoTest : public SSLClientSocketTest { |
| (...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 815 sock->Disconnect(); | 808 sock->Disconnect(); |
| 816 EXPECT_FALSE(sock->IsConnected()); | 809 EXPECT_FALSE(sock->IsConnected()); |
| 817 EXPECT_TRUE( | 810 EXPECT_TRUE( |
| 818 test_server.host_port_pair().Equals(request_info->host_and_port)); | 811 test_server.host_port_pair().Equals(request_info->host_and_port)); |
| 819 | 812 |
| 820 return request_info; | 813 return request_info; |
| 821 } | 814 } |
| 822 }; | 815 }; |
| 823 | 816 |
| 824 class SSLClientSocketFalseStartTest : public SSLClientSocketTest { | 817 class SSLClientSocketFalseStartTest : public SSLClientSocketTest { |
| 825 public: | |
| 826 SSLClientSocketFalseStartTest() | |
| 827 : monitor_handshake_callback_(false), | |
| 828 fail_handshake_after_false_start_(false) {} | |
| 829 | |
| 830 protected: | 818 protected: |
| 831 // Creates an SSLClientSocket with |client_config| attached to a | 819 // Creates an SSLClientSocket with |client_config| attached to a |
| 832 // FakeBlockingStreamSocket, returning both in |*out_raw_transport| and | 820 // FakeBlockingStreamSocket, returning both in |*out_raw_transport| and |
| 833 // |*out_sock|. The FakeBlockingStreamSocket is owned by the SSLClientSocket, | 821 // |*out_sock|. The FakeBlockingStreamSocket is owned by the SSLClientSocket, |
| 834 // so |*out_raw_transport| is a raw pointer. | 822 // so |*out_raw_transport| is a raw pointer. |
| 835 // | 823 // |
| 836 // The client socket will begin a connect using |callback| but stop before the | 824 // The client socket will begin a connect using |callback| but stop before the |
| 837 // server's finished message is received. The finished message will be blocked | 825 // server's finished message is received. The finished message will be blocked |
| 838 // in |*out_raw_transport|. To complete the handshake and successfully read | 826 // in |*out_raw_transport|. To complete the handshake and successfully read |
| 839 // data, the caller must unblock reads on |*out_raw_transport|. (Note that, if | 827 // data, the caller must unblock reads on |*out_raw_transport|. (Note that, if |
| 840 // the client successfully false started, |callback.WaitForResult()| will | 828 // the client successfully false started, |callback.WaitForResult()| will |
| 841 // return OK without unblocking transport reads. But Read() will still block.) | 829 // return OK without unblocking transport reads. But Read() will still block.) |
| 842 // | 830 // |
| 843 // Must be called after StartTestServer is called. | 831 // Must be called after StartTestServer is called. |
| 844 void CreateAndConnectUntilServerFinishedReceived( | 832 void CreateAndConnectUntilServerFinishedReceived( |
| 845 const SSLConfig& client_config, | 833 const SSLConfig& client_config, |
| 846 TestCompletionCallback* callback, | 834 TestCompletionCallback* callback, |
| 847 FakeBlockingStreamSocket** out_raw_transport, | 835 FakeBlockingStreamSocket** out_raw_transport, |
| 848 scoped_ptr<SSLClientSocket>* out_sock) { | 836 scoped_ptr<SSLClientSocket>* out_sock) { |
| 849 CHECK(test_server()); | 837 CHECK(test_server()); |
| 850 | 838 |
| 851 scoped_ptr<StreamSocket> real_transport(scoped_ptr<StreamSocket>( | 839 scoped_ptr<StreamSocket> real_transport( |
| 852 new TCPClientSocket(addr(), NULL, NetLog::Source()))); | 840 new TCPClientSocket(addr(), NULL, NetLog::Source())); |
| 853 real_transport.reset( | |
| 854 new SynchronousErrorStreamSocket(real_transport.Pass())); | |
| 855 | |
| 856 scoped_ptr<FakeBlockingStreamSocket> transport( | 841 scoped_ptr<FakeBlockingStreamSocket> transport( |
| 857 new FakeBlockingStreamSocket(real_transport.Pass())); | 842 new FakeBlockingStreamSocket(real_transport.Pass())); |
| 858 int rv = callback->GetResult(transport->Connect(callback->callback())); | 843 int rv = callback->GetResult(transport->Connect(callback->callback())); |
| 859 EXPECT_EQ(OK, rv); | 844 EXPECT_EQ(OK, rv); |
| 860 | 845 |
| 861 FakeBlockingStreamSocket* raw_transport = transport.get(); | 846 FakeBlockingStreamSocket* raw_transport = transport.get(); |
| 862 scoped_ptr<SSLClientSocket> sock = CreateSSLClientSocket( | 847 scoped_ptr<SSLClientSocket> sock = CreateSSLClientSocket( |
| 863 transport.Pass(), test_server()->host_port_pair(), client_config); | 848 transport.Pass(), test_server()->host_port_pair(), client_config); |
| 864 | 849 |
| 865 if (monitor_handshake_callback_) { | |
| 866 sock->SetHandshakeCompletionCallback( | |
| 867 base::Bind(&SSLClientSocketTest::RecordCompletedHandshake, | |
| 868 base::Unretained(this))); | |
| 869 } | |
| 870 | |
| 871 // Connect. Stop before the client processes the first server leg | 850 // Connect. Stop before the client processes the first server leg |
| 872 // (ServerHello, etc.) | 851 // (ServerHello, etc.) |
| 873 raw_transport->BlockReadResult(); | 852 raw_transport->BlockReadResult(); |
| 874 rv = sock->Connect(callback->callback()); | 853 rv = sock->Connect(callback->callback()); |
| 875 EXPECT_EQ(ERR_IO_PENDING, rv); | 854 EXPECT_EQ(ERR_IO_PENDING, rv); |
| 876 raw_transport->WaitForReadResult(); | 855 raw_transport->WaitForReadResult(); |
| 877 | 856 |
| 878 // Release the ServerHello and wait for the client to write | 857 // Release the ServerHello and wait for the client to write |
| 879 // ClientKeyExchange, etc. (A proxy for waiting for the entirety of the | 858 // ClientKeyExchange, etc. (A proxy for waiting for the entirety of the |
| 880 // server's leg to complete, since it may span multiple reads.) | 859 // server's leg to complete, since it may span multiple reads.) |
| 881 EXPECT_FALSE(callback->have_result()); | 860 EXPECT_FALSE(callback->have_result()); |
| 882 raw_transport->BlockWrite(); | 861 raw_transport->BlockWrite(); |
| 883 raw_transport->UnblockReadResult(); | 862 raw_transport->UnblockReadResult(); |
| 884 raw_transport->WaitForWrite(); | 863 raw_transport->WaitForWrite(); |
| 885 | 864 |
| 886 if (fail_handshake_after_false_start_) { | |
| 887 SynchronousErrorStreamSocket* error_socket = | |
| 888 static_cast<SynchronousErrorStreamSocket*>( | |
| 889 raw_transport->transport()); | |
| 890 error_socket->SetNextReadError(ERR_CONNECTION_RESET); | |
| 891 } | |
| 892 // And, finally, release that and block the next server leg | 865 // And, finally, release that and block the next server leg |
| 893 // (ChangeCipherSpec, Finished). | 866 // (ChangeCipherSpec, Finished). |
| 894 raw_transport->BlockReadResult(); | 867 raw_transport->BlockReadResult(); |
| 895 raw_transport->UnblockWrite(); | 868 raw_transport->UnblockWrite(); |
| 896 | 869 |
| 897 *out_raw_transport = raw_transport; | 870 *out_raw_transport = raw_transport; |
| 898 *out_sock = sock.Pass(); | 871 *out_sock = sock.Pass(); |
| 899 } | 872 } |
| 900 | 873 |
| 901 void TestFalseStart(const SpawnedTestServer::SSLOptions& server_options, | 874 void TestFalseStart(const SpawnedTestServer::SSLOptions& server_options, |
| 902 const SSLConfig& client_config, | 875 const SSLConfig& client_config, |
| 903 bool expect_false_start) { | 876 bool expect_false_start) { |
| 904 ASSERT_TRUE(StartTestServer(server_options)); | 877 ASSERT_TRUE(StartTestServer(server_options)); |
| 905 | 878 |
| 906 TestCompletionCallback callback; | 879 TestCompletionCallback callback; |
| 907 FakeBlockingStreamSocket* raw_transport = NULL; | 880 FakeBlockingStreamSocket* raw_transport = NULL; |
| 908 scoped_ptr<SSLClientSocket> sock; | 881 scoped_ptr<SSLClientSocket> sock; |
| 909 | |
| 910 ASSERT_NO_FATAL_FAILURE(CreateAndConnectUntilServerFinishedReceived( | 882 ASSERT_NO_FATAL_FAILURE(CreateAndConnectUntilServerFinishedReceived( |
| 911 client_config, &callback, &raw_transport, &sock)); | 883 client_config, &callback, &raw_transport, &sock)); |
| 912 | 884 |
| 913 if (expect_false_start) { | 885 if (expect_false_start) { |
| 914 // When False Starting, the handshake should complete before receiving the | 886 // When False Starting, the handshake should complete before receiving the |
| 915 // Change Cipher Spec and Finished messages. | 887 // Change Cipher Spec and Finished messages. |
| 916 // | 888 // |
| 917 // Note: callback.have_result() may not be true without waiting. The NSS | 889 // Note: callback.have_result() may not be true without waiting. The NSS |
| 918 // state machine sometimes lives on a separate thread, so this thread may | 890 // state machine sometimes lives on a separate thread, so this thread may |
| 919 // not yet have processed the signal that the handshake has completed. | 891 // not yet have processed the signal that the handshake has completed. |
| (...skipping 14 matching lines...) Expand all Loading... |
| 934 EXPECT_EQ(kRequestTextSize, rv); | 906 EXPECT_EQ(kRequestTextSize, rv); |
| 935 | 907 |
| 936 // The read will hang; it's waiting for the peer to complete the | 908 // The read will hang; it's waiting for the peer to complete the |
| 937 // handshake, and the handshake is still blocked. | 909 // handshake, and the handshake is still blocked. |
| 938 scoped_refptr<IOBuffer> buf(new IOBuffer(4096)); | 910 scoped_refptr<IOBuffer> buf(new IOBuffer(4096)); |
| 939 rv = sock->Read(buf.get(), 4096, callback.callback()); | 911 rv = sock->Read(buf.get(), 4096, callback.callback()); |
| 940 | 912 |
| 941 // After releasing reads, the connection proceeds. | 913 // After releasing reads, the connection proceeds. |
| 942 raw_transport->UnblockReadResult(); | 914 raw_transport->UnblockReadResult(); |
| 943 rv = callback.GetResult(rv); | 915 rv = callback.GetResult(rv); |
| 944 if (fail_handshake_after_false_start_) | 916 EXPECT_LT(0, rv); |
| 945 EXPECT_EQ(ERR_CONNECTION_RESET, rv); | |
| 946 else | |
| 947 EXPECT_LT(0, rv); | |
| 948 } else { | 917 } else { |
| 949 // False Start is not enabled, so the handshake will not complete because | 918 // False Start is not enabled, so the handshake will not complete because |
| 950 // the server second leg is blocked. | 919 // the server second leg is blocked. |
| 951 base::RunLoop().RunUntilIdle(); | 920 base::RunLoop().RunUntilIdle(); |
| 952 EXPECT_FALSE(callback.have_result()); | 921 EXPECT_FALSE(callback.have_result()); |
| 953 } | 922 } |
| 954 } | 923 } |
| 955 | |
| 956 // Indicates that the socket's handshake completion callback should | |
| 957 // be monitored. | |
| 958 bool monitor_handshake_callback_; | |
| 959 // Indicates that this test's handshake should fail after the client | |
| 960 // "finished" message is sent. | |
| 961 bool fail_handshake_after_false_start_; | |
| 962 }; | 924 }; |
| 963 | 925 |
| 964 class SSLClientSocketChannelIDTest : public SSLClientSocketTest { | 926 class SSLClientSocketChannelIDTest : public SSLClientSocketTest { |
| 965 protected: | 927 protected: |
| 966 void EnableChannelID() { | 928 void EnableChannelID() { |
| 967 channel_id_service_.reset( | 929 channel_id_service_.reset( |
| 968 new ChannelIDService(new DefaultChannelIDStore(NULL), | 930 new ChannelIDService(new DefaultChannelIDStore(NULL), |
| 969 base::MessageLoopProxy::current())); | 931 base::MessageLoopProxy::current())); |
| 970 context_.channel_id_service = channel_id_service_.get(); | 932 context_.channel_id_service = channel_id_service_.get(); |
| 971 } | 933 } |
| (...skipping 1907 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2879 EXPECT_EQ(OK, callback.GetResult(transport->Connect(callback.callback()))); | 2841 EXPECT_EQ(OK, callback.GetResult(transport->Connect(callback.callback()))); |
| 2880 sock = CreateSSLClientSocket( | 2842 sock = CreateSSLClientSocket( |
| 2881 transport.Pass(), test_server()->host_port_pair(), fallback_ssl_config); | 2843 transport.Pass(), test_server()->host_port_pair(), fallback_ssl_config); |
| 2882 EXPECT_EQ(OK, callback.GetResult(sock->Connect(callback.callback()))); | 2844 EXPECT_EQ(OK, callback.GetResult(sock->Connect(callback.callback()))); |
| 2883 EXPECT_TRUE(sock->GetSSLInfo(&ssl_info)); | 2845 EXPECT_TRUE(sock->GetSSLInfo(&ssl_info)); |
| 2884 EXPECT_EQ(SSLInfo::HANDSHAKE_RESUME, ssl_info.handshake_type); | 2846 EXPECT_EQ(SSLInfo::HANDSHAKE_RESUME, ssl_info.handshake_type); |
| 2885 EXPECT_EQ(SSL_CONNECTION_VERSION_TLS1, | 2847 EXPECT_EQ(SSL_CONNECTION_VERSION_TLS1, |
| 2886 SSLConnectionStatusToVersion(ssl_info.connection_status)); | 2848 SSLConnectionStatusToVersion(ssl_info.connection_status)); |
| 2887 } | 2849 } |
| 2888 | 2850 |
| 2889 #if defined(USE_OPENSSL) | |
| 2890 | |
| 2891 TEST_F(SSLClientSocketTest, HandshakeCallbackIsRun_WithFailure) { | |
| 2892 SpawnedTestServer test_server(SpawnedTestServer::TYPE_HTTPS, | |
| 2893 SpawnedTestServer::kLocalhost, | |
| 2894 base::FilePath()); | |
| 2895 ASSERT_TRUE(test_server.Start()); | |
| 2896 | |
| 2897 AddressList addr; | |
| 2898 ASSERT_TRUE(test_server.GetAddressList(&addr)); | |
| 2899 | |
| 2900 TestCompletionCallback callback; | |
| 2901 scoped_ptr<StreamSocket> real_transport( | |
| 2902 new TCPClientSocket(addr, NULL, NetLog::Source())); | |
| 2903 scoped_ptr<SynchronousErrorStreamSocket> transport( | |
| 2904 new SynchronousErrorStreamSocket(real_transport.Pass())); | |
| 2905 int rv = callback.GetResult(transport->Connect(callback.callback())); | |
| 2906 EXPECT_EQ(OK, rv); | |
| 2907 | |
| 2908 // Disable TLS False Start to avoid handshake non-determinism. | |
| 2909 SSLConfig ssl_config; | |
| 2910 ssl_config.false_start_enabled = false; | |
| 2911 | |
| 2912 SynchronousErrorStreamSocket* raw_transport = transport.get(); | |
| 2913 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( | |
| 2914 transport.Pass(), test_server.host_port_pair(), ssl_config)); | |
| 2915 | |
| 2916 sock->SetHandshakeCompletionCallback(base::Bind( | |
| 2917 &SSLClientSocketTest::RecordCompletedHandshake, base::Unretained(this))); | |
| 2918 | |
| 2919 raw_transport->SetNextWriteError(ERR_CONNECTION_RESET); | |
| 2920 | |
| 2921 rv = callback.GetResult(sock->Connect(callback.callback())); | |
| 2922 EXPECT_EQ(ERR_CONNECTION_RESET, rv); | |
| 2923 EXPECT_FALSE(sock->IsConnected()); | |
| 2924 | |
| 2925 EXPECT_TRUE(ran_handshake_completion_callback_); | |
| 2926 } | |
| 2927 | |
| 2928 // Tests that the completion callback is run when an SSL connection | |
| 2929 // completes successfully. | |
| 2930 TEST_F(SSLClientSocketTest, HandshakeCallbackIsRun_WithSuccess) { | |
| 2931 SpawnedTestServer test_server(SpawnedTestServer::TYPE_HTTPS, | |
| 2932 SpawnedTestServer::kLocalhost, | |
| 2933 base::FilePath()); | |
| 2934 ASSERT_TRUE(test_server.Start()); | |
| 2935 | |
| 2936 AddressList addr; | |
| 2937 ASSERT_TRUE(test_server.GetAddressList(&addr)); | |
| 2938 | |
| 2939 scoped_ptr<StreamSocket> transport( | |
| 2940 new TCPClientSocket(addr, NULL, NetLog::Source())); | |
| 2941 | |
| 2942 TestCompletionCallback callback; | |
| 2943 int rv = transport->Connect(callback.callback()); | |
| 2944 if (rv == ERR_IO_PENDING) | |
| 2945 rv = callback.WaitForResult(); | |
| 2946 EXPECT_EQ(OK, rv); | |
| 2947 | |
| 2948 SSLConfig ssl_config; | |
| 2949 ssl_config.false_start_enabled = false; | |
| 2950 | |
| 2951 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( | |
| 2952 transport.Pass(), test_server.host_port_pair(), ssl_config)); | |
| 2953 | |
| 2954 sock->SetHandshakeCompletionCallback(base::Bind( | |
| 2955 &SSLClientSocketTest::RecordCompletedHandshake, base::Unretained(this))); | |
| 2956 | |
| 2957 rv = callback.GetResult(sock->Connect(callback.callback())); | |
| 2958 | |
| 2959 EXPECT_EQ(OK, rv); | |
| 2960 EXPECT_TRUE(sock->IsConnected()); | |
| 2961 EXPECT_TRUE(ran_handshake_completion_callback_); | |
| 2962 } | |
| 2963 | |
| 2964 // Tests that the completion callback is run with a server that doesn't cache | |
| 2965 // sessions. | |
| 2966 TEST_F(SSLClientSocketTest, HandshakeCallbackIsRun_WithDisabledSessionCache) { | |
| 2967 SpawnedTestServer::SSLOptions ssl_options; | |
| 2968 ssl_options.disable_session_cache = true; | |
| 2969 SpawnedTestServer test_server( | |
| 2970 SpawnedTestServer::TYPE_HTTPS, ssl_options, base::FilePath()); | |
| 2971 ASSERT_TRUE(test_server.Start()); | |
| 2972 | |
| 2973 AddressList addr; | |
| 2974 ASSERT_TRUE(test_server.GetAddressList(&addr)); | |
| 2975 | |
| 2976 scoped_ptr<StreamSocket> transport( | |
| 2977 new TCPClientSocket(addr, NULL, NetLog::Source())); | |
| 2978 | |
| 2979 TestCompletionCallback callback; | |
| 2980 int rv = transport->Connect(callback.callback()); | |
| 2981 if (rv == ERR_IO_PENDING) | |
| 2982 rv = callback.WaitForResult(); | |
| 2983 EXPECT_EQ(OK, rv); | |
| 2984 | |
| 2985 SSLConfig ssl_config; | |
| 2986 ssl_config.false_start_enabled = false; | |
| 2987 | |
| 2988 scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket( | |
| 2989 transport.Pass(), test_server.host_port_pair(), ssl_config)); | |
| 2990 | |
| 2991 sock->SetHandshakeCompletionCallback(base::Bind( | |
| 2992 &SSLClientSocketTest::RecordCompletedHandshake, base::Unretained(this))); | |
| 2993 | |
| 2994 rv = callback.GetResult(sock->Connect(callback.callback())); | |
| 2995 | |
| 2996 EXPECT_EQ(OK, rv); | |
| 2997 EXPECT_TRUE(sock->IsConnected()); | |
| 2998 EXPECT_TRUE(ran_handshake_completion_callback_); | |
| 2999 } | |
| 3000 | |
| 3001 TEST_F(SSLClientSocketFalseStartTest, | |
| 3002 HandshakeCallbackIsRun_WithFalseStartFailure) { | |
| 3003 if (!SupportsAESGCM()) { | |
| 3004 LOG(WARNING) << "Skipping test because AES-GCM is not supported."; | |
| 3005 return; | |
| 3006 } | |
| 3007 | |
| 3008 // False Start requires NPN and a forward-secret cipher suite. | |
| 3009 SpawnedTestServer::SSLOptions server_options; | |
| 3010 server_options.key_exchanges = | |
| 3011 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA; | |
| 3012 server_options.bulk_ciphers = | |
| 3013 SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM; | |
| 3014 server_options.enable_npn = true; | |
| 3015 SSLConfig client_config; | |
| 3016 client_config.next_protos.push_back(kProtoHTTP11); | |
| 3017 monitor_handshake_callback_ = true; | |
| 3018 fail_handshake_after_false_start_ = true; | |
| 3019 ASSERT_NO_FATAL_FAILURE(TestFalseStart(server_options, client_config, true)); | |
| 3020 ASSERT_TRUE(ran_handshake_completion_callback_); | |
| 3021 } | |
| 3022 | |
| 3023 TEST_F(SSLClientSocketFalseStartTest, | |
| 3024 HandshakeCallbackIsRun_WithFalseStartSuccess) { | |
| 3025 if (!SupportsAESGCM()) { | |
| 3026 LOG(WARNING) << "Skipping test because AES-GCM is not supported."; | |
| 3027 return; | |
| 3028 } | |
| 3029 | |
| 3030 // False Start requires NPN and a forward-secret cipher suite. | |
| 3031 SpawnedTestServer::SSLOptions server_options; | |
| 3032 server_options.key_exchanges = | |
| 3033 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA; | |
| 3034 server_options.bulk_ciphers = | |
| 3035 SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM; | |
| 3036 server_options.enable_npn = true; | |
| 3037 SSLConfig client_config; | |
| 3038 client_config.next_protos.push_back(kProtoHTTP11); | |
| 3039 monitor_handshake_callback_ = true; | |
| 3040 ASSERT_NO_FATAL_FAILURE(TestFalseStart(server_options, client_config, true)); | |
| 3041 ASSERT_TRUE(ran_handshake_completion_callback_); | |
| 3042 } | |
| 3043 #endif // defined(USE_OPENSSL) | |
| 3044 | |
| 3045 TEST_F(SSLClientSocketFalseStartTest, FalseStartEnabled) { | 2851 TEST_F(SSLClientSocketFalseStartTest, FalseStartEnabled) { |
| 3046 if (!SupportsAESGCM()) { | 2852 if (!SupportsAESGCM()) { |
| 3047 LOG(WARNING) << "Skipping test because AES-GCM is not supported."; | 2853 LOG(WARNING) << "Skipping test because AES-GCM is not supported."; |
| 3048 return; | 2854 return; |
| 3049 } | 2855 } |
| 3050 | 2856 |
| 3051 // False Start requires NPN/ALPN, perfect forward secrecy, and an AEAD. | 2857 // False Start requires NPN/ALPN, perfect forward secrecy, and an AEAD. |
| 3052 SpawnedTestServer::SSLOptions server_options; | 2858 SpawnedTestServer::SSLOptions server_options; |
| 3053 server_options.key_exchanges = | 2859 server_options.key_exchanges = |
| 3054 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA; | 2860 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA; |
| (...skipping 211 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3266 ssl_config.channel_id_enabled = true; | 3072 ssl_config.channel_id_enabled = true; |
| 3267 | 3073 |
| 3268 int rv; | 3074 int rv; |
| 3269 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); | 3075 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); |
| 3270 | 3076 |
| 3271 EXPECT_EQ(ERR_UNEXPECTED, rv); | 3077 EXPECT_EQ(ERR_UNEXPECTED, rv); |
| 3272 EXPECT_FALSE(sock_->IsConnected()); | 3078 EXPECT_FALSE(sock_->IsConnected()); |
| 3273 } | 3079 } |
| 3274 | 3080 |
| 3275 } // namespace net | 3081 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 981723008:
Unwind the SSL connection holdback experiment and remove related code (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master