Rewrite session cache in OpenSSL ports.

net/socket/ssl_client_socket_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/socket/ssl_client_socket.h"
 
 #include "base/callback_helpers.h"
 #include "base/memory/ref_counted.h"
 #include "base/run_loop.h"
 #include "base/time/time.h"
@@ skipping 798 matching lines @@
     EXPECT_FALSE(sock->IsConnected());
     EXPECT_TRUE(
         test_server.host_port_pair().Equals(request_info->host_and_port));
 
     return request_info;
   }
 };
 
 class SSLClientSocketFalseStartTest : public SSLClientSocketTest {
  protected:
-  // Creates an SSLClientSocket with |client_config| attached to a
-  // FakeBlockingStreamSocket, returning both in |*out_raw_transport| and
-  // |*out_sock|. The FakeBlockingStreamSocket is owned by the SSLClientSocket,
-  // so |*out_raw_transport| is a raw pointer.
+  // Creates an SSLClientSocket with |client_config| to a series of modifier
+  // sockets: a SynchronousErrorStreamSocket which wraps a
+  // FakeBlockingStreamSocket which wraps the real connection to the test
+  // server. These are returned in |*out_sock|, |*out_raw_error_socket|, and
+  // |*out_raw_blocking_socket|, respectively. Note that the last two are raw
+  // pointers owned by |*out_sock|.
   //
   // The client socket will begin a connect using |callback| but stop before the
   // server's finished message is received. The finished message will be blocked
   // in |*out_raw_transport|. To complete the handshake and successfully read
   // data, the caller must unblock reads on |*out_raw_transport|. (Note that, if
   // the client successfully false started, |callback.WaitForResult()| will
   // return OK without unblocking transport reads. But Read() will still block.)
   //
+  // |*out_raw_error_socket| may be used to cause reading the Finished to fail.
+  //
   // Must be called after StartTestServer is called.
   void CreateAndConnectUntilServerFinishedReceived(
       const SSLConfig& client_config,
       TestCompletionCallback* callback,
-      FakeBlockingStreamSocket** out_raw_transport,
+      FakeBlockingStreamSocket** out_raw_blocking_socket,
+      SynchronousErrorStreamSocket** out_raw_error_socket,
       scoped_ptr<SSLClientSocket>* out_sock) {
     CHECK(test_server());
 
     scoped_ptr<StreamSocket> real_transport(
         new TCPClientSocket(addr(), NULL, NetLog::Source()));
-    scoped_ptr<FakeBlockingStreamSocket> transport(
+    scoped_ptr<FakeBlockingStreamSocket> blocking_socket(
         new FakeBlockingStreamSocket(real_transport.Pass()));
-    int rv = callback->GetResult(transport->Connect(callback->callback()));
+    FakeBlockingStreamSocket* raw_blocking_socket = blocking_socket.get();
+    scoped_ptr<SynchronousErrorStreamSocket> error_socket(
+        new SynchronousErrorStreamSocket(blocking_socket.Pass()));
+    SynchronousErrorStreamSocket* raw_error_socket = error_socket.get();
+    int rv = callback->GetResult(error_socket->Connect(callback->callback()));
     EXPECT_EQ(OK, rv);
 
-    FakeBlockingStreamSocket* raw_transport = transport.get();
     scoped_ptr<SSLClientSocket> sock = CreateSSLClientSocket(
-        transport.Pass(), test_server()->host_port_pair(), client_config);
+        error_socket.Pass(), test_server()->host_port_pair(), client_config);
 
     // Connect. Stop before the client processes the first server leg
     // (ServerHello, etc.)
-    raw_transport->BlockReadResult();
+    raw_blocking_socket->BlockReadResult();
     rv = sock->Connect(callback->callback());
     EXPECT_EQ(ERR_IO_PENDING, rv);
-    raw_transport->WaitForReadResult();
+    raw_blocking_socket->WaitForReadResult();
 
     // Release the ServerHello and wait for the client to write
     // ClientKeyExchange, etc. (A proxy for waiting for the entirety of the
     // server's leg to complete, since it may span multiple reads.)
     EXPECT_FALSE(callback->have_result());
-    raw_transport->BlockWrite();
-    raw_transport->UnblockReadResult();
-    raw_transport->WaitForWrite();
+    raw_blocking_socket->BlockWrite();
+    raw_blocking_socket->UnblockReadResult();
+    raw_blocking_socket->WaitForWrite();
 
     // And, finally, release that and block the next server leg
     // (ChangeCipherSpec, Finished).
-    raw_transport->BlockReadResult();
-    raw_transport->UnblockWrite();
+    raw_blocking_socket->BlockReadResult();
+    raw_blocking_socket->UnblockWrite();
 
-    *out_raw_transport = raw_transport;
+    *out_raw_error_socket = raw_error_socket;
+    *out_raw_blocking_socket = raw_blocking_socket;
     *out_sock = sock.Pass();
   }
 
   void TestFalseStart(const SpawnedTestServer::SSLOptions& server_options,
                       const SSLConfig& client_config,
                       bool expect_false_start) {
     ASSERT_TRUE(StartTestServer(server_options));
 
     TestCompletionCallback callback;
-    FakeBlockingStreamSocket* raw_transport = NULL;
+    FakeBlockingStreamSocket* raw_blocking_socket = nullptr;
+    SynchronousErrorStreamSocket* raw_error_socket = nullptr;
     scoped_ptr<SSLClientSocket> sock;
     ASSERT_NO_FATAL_FAILURE(CreateAndConnectUntilServerFinishedReceived(
-        client_config, &callback, &raw_transport, &sock));
+        client_config, &callback, &raw_blocking_socket, &raw_error_socket,
+        &sock));
 
     if (expect_false_start) {
       // When False Starting, the handshake should complete before receiving the
       // Change Cipher Spec and Finished messages.
       //
       // Note: callback.have_result() may not be true without waiting. The NSS
       // state machine sometimes lives on a separate thread, so this thread may
       // not yet have processed the signal that the handshake has completed.
       int rv = callback.WaitForResult();
       EXPECT_EQ(OK, rv);
@@ skipping 10 matching lines @@
                                           kRequestTextSize,
                                           callback.callback()));
       EXPECT_EQ(kRequestTextSize, rv);
 
       // The read will hang; it's waiting for the peer to complete the
       // handshake, and the handshake is still blocked.
       scoped_refptr<IOBuffer> buf(new IOBuffer(4096));
       rv = sock->Read(buf.get(), 4096, callback.callback());
 
       // After releasing reads, the connection proceeds.
-      raw_transport->UnblockReadResult();
+      raw_blocking_socket->UnblockReadResult();
       rv = callback.GetResult(rv);
       EXPECT_LT(0, rv);
     } else {
       // False Start is not enabled, so the handshake will not complete because
       // the server second leg is blocked.
       base::RunLoop().RunUntilIdle();
       EXPECT_FALSE(callback.have_result());
     }
   }
 };
@@ skipping 1872 matching lines @@
   EXPECT_TRUE(sock->WasEverUsed());
 
   // TODO(davidben): Read one byte to ensure the test server has responded and
   // then assert IsConnectedAndIdle is false. This currently doesn't work
   // because neither SSLClientSocketNSS nor SSLClientSocketOpenSSL check their
   // SSL implementation's internal buffers. Either call PR_Available and
   // SSL_pending, although the former isn't actually implemented or perhaps
   // attempt to read one byte extra.
 }
 
+// Tests that basic session resumption works.
+TEST_F(SSLClientSocketTest, SessionResumption) {
+  SpawnedTestServer::SSLOptions ssl_options;
+  ASSERT_TRUE(StartTestServer(ssl_options));
+
+  // First, perform a full handshake.
+  SSLConfig ssl_config;
+  TestCompletionCallback callback;
+  scoped_ptr<StreamSocket> transport(
+      new TCPClientSocket(addr(), &log_, NetLog::Source()));
+  ASSERT_EQ(OK, callback.GetResult(transport->Connect(callback.callback())));
+  scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket(
+      transport.Pass(), test_server()->host_port_pair(), ssl_config));
+  ASSERT_EQ(OK, callback.GetResult(sock->Connect(callback.callback())));
+  SSLInfo ssl_info;
+  ASSERT_TRUE(sock->GetSSLInfo(&ssl_info));
+  EXPECT_EQ(SSLInfo::HANDSHAKE_FULL, ssl_info.handshake_type);
+
+  // The next connection should resume.
+  transport.reset(new TCPClientSocket(addr(), &log_, NetLog::Source()));
+  ASSERT_EQ(OK, callback.GetResult(transport->Connect(callback.callback())));
+  sock = CreateSSLClientSocket(transport.Pass(),
+                               test_server()->host_port_pair(), ssl_config);
+  ASSERT_EQ(OK, callback.GetResult(sock->Connect(callback.callback())));
+  ASSERT_TRUE(sock->GetSSLInfo(&ssl_info));
+  EXPECT_EQ(SSLInfo::HANDSHAKE_RESUME, ssl_info.handshake_type);
+
+  // Using a different HostPortPair uses a different session cache key.
+  transport.reset(new TCPClientSocket(addr(), &log_, NetLog::Source()));
+  ASSERT_EQ(OK, callback.GetResult(transport->Connect(callback.callback())));
+  sock = CreateSSLClientSocket(transport.Pass(),
+                               HostPortPair("example.com", 443), ssl_config);
+  ASSERT_EQ(OK, callback.GetResult(sock->Connect(callback.callback())));
+  ASSERT_TRUE(sock->GetSSLInfo(&ssl_info));
+  EXPECT_EQ(SSLInfo::HANDSHAKE_FULL, ssl_info.handshake_type);
+
+  SSLClientSocket::ClearSessionCache();
+
+  // After clearing the session cache, the next handshake doesn't resume.
+  transport.reset(new TCPClientSocket(addr(), &log_, NetLog::Source()));
+  ASSERT_EQ(OK, callback.GetResult(transport->Connect(callback.callback())));
+  sock = CreateSSLClientSocket(transport.Pass(),
+                               test_server()->host_port_pair(), ssl_config);
+  ASSERT_EQ(OK, callback.GetResult(sock->Connect(callback.callback())));
+  ASSERT_TRUE(sock->GetSSLInfo(&ssl_info));
+  EXPECT_EQ(SSLInfo::HANDSHAKE_FULL, ssl_info.handshake_type);
+}
+
+// Tests that connections with certificate errors do not add entries to the
+// session cache.
+TEST_F(SSLClientSocketTest, CertificateErrorNoResume) {
+  SpawnedTestServer::SSLOptions ssl_options;
+  ASSERT_TRUE(StartTestServer(ssl_options));
+
+  cert_verifier_->set_default_result(ERR_CERT_COMMON_NAME_INVALID);
+
+  SSLConfig ssl_config;
+  TestCompletionCallback callback;
+  scoped_ptr<StreamSocket> transport(
+      new TCPClientSocket(addr(), &log_, NetLog::Source()));
+  ASSERT_EQ(OK, callback.GetResult(transport->Connect(callback.callback())));
+  scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket(
+      transport.Pass(), test_server()->host_port_pair(), ssl_config));
+  EXPECT_EQ(ERR_CERT_COMMON_NAME_INVALID,
+            callback.GetResult(sock->Connect(callback.callback())));
+
+  cert_verifier_->set_default_result(OK);
+
+  // The next connection should perform a full handshake.
+  transport.reset(new TCPClientSocket(addr(), &log_, NetLog::Source()));
+  ASSERT_EQ(OK, callback.GetResult(transport->Connect(callback.callback())));
+  sock = CreateSSLClientSocket(transport.Pass(),
+                               test_server()->host_port_pair(), ssl_config);
+  ASSERT_EQ(OK, callback.GetResult(sock->Connect(callback.callback())));
+  SSLInfo ssl_info;
+  ASSERT_TRUE(sock->GetSSLInfo(&ssl_info));
+  EXPECT_EQ(SSLInfo::HANDSHAKE_FULL, ssl_info.handshake_type);
+}
+
 // Tests that session caches are sharded by max_version.
 TEST_F(SSLClientSocketTest, FallbackShardSessionCache) {
   SpawnedTestServer::SSLOptions ssl_options;
   ASSERT_TRUE(StartTestServer(ssl_options));
 
   // Prepare a normal and fallback SSL config.
   SSLConfig ssl_config;
   SSLConfig fallback_ssl_config;
   fallback_ssl_config.version_max = SSL_PROTOCOL_VERSION_TLS1;
   fallback_ssl_config.version_fallback = true;
@@ skipping 157 matching lines @@
       transport2.Pass(), test_server()->host_port_pair(), client_config);
   ASSERT_TRUE(sock2.get());
   EXPECT_EQ(OK, callback.GetResult(sock2->Connect(callback.callback())));
 
   // It should resume the session.
   SSLInfo ssl_info;
   EXPECT_TRUE(sock2->GetSSLInfo(&ssl_info));
   EXPECT_EQ(SSLInfo::HANDSHAKE_RESUME, ssl_info.handshake_type);
 }
 
-// Test that sessions are not resumable before receiving the server Finished
-// message.
+// Test that False Started sessions are not resumable before receiving the
+// server Finished message.
 TEST_F(SSLClientSocketFalseStartTest, NoSessionResumptionBeforeFinish) {
   if (!SupportsAESGCM()) {
     LOG(WARNING) << "Skipping test because AES-GCM is not supported.";
     return;
   }
 
   // Start a server.
   SpawnedTestServer::SSLOptions server_options;
   server_options.key_exchanges =
       SpawnedTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA;
   server_options.bulk_ciphers =
       SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM;
   server_options.enable_npn = true;
   ASSERT_TRUE(StartTestServer(server_options));
 
   SSLConfig client_config;
   client_config.next_protos.push_back(kProtoHTTP11);
 
   // Start a handshake up to the server Finished message.
   TestCompletionCallback callback;
-  FakeBlockingStreamSocket* raw_transport1 = NULL;
+  FakeBlockingStreamSocket* raw_blocking_socket1 = nullptr;
+  SynchronousErrorStreamSocket* raw_error_socket1 = nullptr;
   scoped_ptr<SSLClientSocket> sock1;
   ASSERT_NO_FATAL_FAILURE(CreateAndConnectUntilServerFinishedReceived(
-      client_config, &callback, &raw_transport1, &sock1));
-  // Although raw_transport1 has the server Finished blocked, the handshake
-  // still completes.
+      client_config, &callback, &raw_blocking_socket1, &raw_error_socket1,
+      &sock1));
+  // Although |raw_blocking_socket1| has the server Finished blocked, the
+  // handshake still completes.
   EXPECT_EQ(OK, callback.WaitForResult());
 
   // Continue to block the client (|sock1|) from processing the Finished
   // message, but allow it to arrive on the socket. This ensures that, from the
   // server's point of view, it has completed the handshake and added the
   // session to its session cache.
   //
   // The actual read on |sock1| will not complete until the Finished message is
   // processed; however, pump the underlying transport so that it is read from
   // the socket. This still has the potential to race, but is generally unlikely
   // due to socket buffer sizes.
   scoped_refptr<IOBuffer> buf(new IOBuffer(4096));
   int rv = sock1->Read(buf.get(), 4096, callback.callback());
   EXPECT_EQ(ERR_IO_PENDING, rv);
-  raw_transport1->WaitForReadResult();
+  raw_blocking_socket1->WaitForReadResult();
 
   // Drop the old socket. This is needed because the Python test server can't
   // service two sockets in parallel.
+  sock1.reset();
+
+  // Start a second connection.
+  scoped_ptr<StreamSocket> transport2(
+      new TCPClientSocket(addr(), &log_, NetLog::Source()));
+  EXPECT_EQ(OK, callback.GetResult(transport2->Connect(callback.callback())));
+  scoped_ptr<SSLClientSocket> sock2 = CreateSSLClientSocket(
+      transport2.Pass(), test_server()->host_port_pair(), client_config);
+  EXPECT_EQ(OK, callback.GetResult(sock2->Connect(callback.callback())));
+
+  // No session resumption because the first connection never received a server
+  // Finished message.
+  SSLInfo ssl_info;
+  EXPECT_TRUE(sock2->GetSSLInfo(&ssl_info));
+  EXPECT_EQ(SSLInfo::HANDSHAKE_FULL, ssl_info.handshake_type);
+}
+
+// Test that False Started sessions are not resumable if reading the server
+// Finished message failed.

[Ryan Sleevi, 2015/04/02 20:00:14]

I didn't mean reading the server finished failed - I meant reading (fully
consuming) a server finished, but the server finished is _wrong_ (doesn't match)

[davidben, 2015/04/03 00:37:11]

Switched it to that. That was actually somewhat less of a pain than I expected.
Though all three are still testing the exact same thing as far as Chromium is
concerned. :-P

I've also now uploaded https://boringssl-review.googlesource.com/#/c/4212/ which
tests, BoringSSL-side, the interactions between the callbacks.

+TEST_F(SSLClientSocketFalseStartTest, NoSessionResumptionBadFinish) {
+  if (!SupportsAESGCM()) {
+    LOG(WARNING) << "Skipping test because AES-GCM is not supported.";
+    return;
+  }
+
+  // Start a server.
+  SpawnedTestServer::SSLOptions server_options;
+  server_options.key_exchanges =
+      SpawnedTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA;
+  server_options.bulk_ciphers =
+      SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM;
+  server_options.enable_npn = true;
+  ASSERT_TRUE(StartTestServer(server_options));
+
+  SSLConfig client_config;
+  client_config.next_protos.push_back(kProtoHTTP11);
+
+  // Start a handshake up to the server Finished message.
+  TestCompletionCallback callback;
+  FakeBlockingStreamSocket* raw_blocking_socket1 = nullptr;
+  SynchronousErrorStreamSocket* raw_error_socket1 = nullptr;
+  scoped_ptr<SSLClientSocket> sock1;
+  ASSERT_NO_FATAL_FAILURE(CreateAndConnectUntilServerFinishedReceived(
+      client_config, &callback, &raw_blocking_socket1, &raw_error_socket1,
+      &sock1));
+  // Although |raw_blocking_socket1| has the server Finished blocked, the
+  // handshake still completes.
+  EXPECT_EQ(OK, callback.WaitForResult());
+
+  // Fail to read the Finished.
+  raw_error_socket1->SetNextReadError(ERR_CONNECTION_RESET);
+  scoped_refptr<IOBuffer> buf(new IOBuffer(4096));
+  EXPECT_EQ(ERR_CONNECTION_RESET, callback.GetResult(sock1->Read(
+                                      buf.get(), 4096, callback.callback())));
+
+  // Drop the old socket. This is needed because the Python test server can't
+  // service two sockets in parallel.
   sock1.reset();
 
   // Start a second connection.
   scoped_ptr<StreamSocket> transport2(
       new TCPClientSocket(addr(), &log_, NetLog::Source()));
   EXPECT_EQ(OK, callback.GetResult(transport2->Connect(callback.callback())));
   scoped_ptr<SSLClientSocket> sock2 = CreateSSLClientSocket(
       transport2.Pass(), test_server()->host_port_pair(), client_config);
   EXPECT_EQ(OK, callback.GetResult(sock2->Connect(callback.callback())));
 
@@ skipping 59 matching lines @@
   ssl_config.channel_id_enabled = true;
 
   int rv;
   ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv));
 
   EXPECT_EQ(ERR_UNEXPECTED, rv);
   EXPECT_FALSE(sock_->IsConnected());
 }
 
 }  // namespace net