Google Git
Sign in
chromium / chromium / src.git / 9dd8487a1b91064fc7f351e185f48d4c74734f97 / . / net / socket / ssl_server_socket_unittest.cc
blob: c15b8cc3cf203541a9647519ff34c6c4a6764686 [file] [log] [blame]
[email protected]1bc6f5e2012-03-15 00:20:58[diff] [blame]1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5// This test suite uses SSLClientSocket to test the implementation of
6// SSLServerSocket. In order to establish connections between the sockets
7// we need two additional classes:
8// 1. FakeSocket
9// Connects SSL socket to FakeDataChannel. This class is just a stub.
10//
11// 2. FakeDataChannel
12// Implements the actual exchange of data between two FakeSockets.
13//
14// Implementations of these two classes are included in this file.
15
16#include "net/socket/ssl_server_socket.h"
17
[email protected]55ee0e52011-07-21 18:29:44[diff] [blame]18#include <stdlib.h>
19
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]20#include <queue>
21
[email protected]55ee0e52011-07-21 18:29:44[diff] [blame]22#include "base/compiler_specific.h"
[email protected]57999812013-02-24 05:40:52[diff] [blame]23#include "base/files/file_path.h"
thestigd8df0332014-09-04 06:33:29[diff] [blame]24#include "base/files/file_util.h"
[email protected]18b577412013-07-18 04:19:15[diff] [blame]25#include "base/message_loop/message_loop.h"
[email protected]4b559b4d2011-04-14 17:37:14[diff] [blame]26#include "crypto/nss_util.h"
27#include "crypto/rsa_private_key.h"
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]28#include "net/base/address_list.h"
[email protected]6ea7b152011-12-21 21:21:13[diff] [blame]29#include "net/base/completion_callback.h"
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]30#include "net/base/host_port_pair.h"
31#include "net/base/io_buffer.h"
[email protected]e7f74da2011-04-19 23:49:35[diff] [blame]32#include "net/base/ip_endpoint.h"
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]33#include "net/base/net_errors.h"
[email protected]42fdb452012-11-01 12:44:40[diff] [blame]34#include "net/base/test_data_directory.h"
[email protected]6e7845ae2013-03-29 21:48:11[diff] [blame]35#include "net/cert/cert_status_flags.h"
36#include "net/cert/mock_cert_verifier.h"
37#include "net/cert/x509_certificate.h"
[email protected]b1c988b2013-06-13 06:48:11[diff] [blame]38#include "net/http/transport_security_state.h"
eroman87c53d62015-04-02 06:51:07[diff] [blame]39#include "net/log/net_log.h"
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]40#include "net/socket/client_socket_factory.h"
41#include "net/socket/socket_test_util.h"
42#include "net/socket/ssl_client_socket.h"
[email protected]3268023f2011-05-05 00:08:10[diff] [blame]43#include "net/socket/stream_socket.h"
davidben9dd84872015-05-02 00:22:58[diff] [blame^]44#include "net/ssl/ssl_cipher_suite_names.h"
[email protected]536fd0b2013-03-14 17:41:57[diff] [blame]45#include "net/ssl/ssl_config_service.h"
davidben9dd84872015-05-02 00:22:58[diff] [blame^]46#include "net/ssl/ssl_connection_status_flags.h"
[email protected]536fd0b2013-03-14 17:41:57[diff] [blame]47#include "net/ssl/ssl_info.h"
[email protected]6e7845ae2013-03-29 21:48:11[diff] [blame]48#include "net/test/cert_test_util.h"
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]49#include "testing/gtest/include/gtest/gtest.h"
50#include "testing/platform_test.h"
51
davidben9dd84872015-05-02 00:22:58[diff] [blame^]52#if !defined(USE_OPENSSL)
53#include <pk11pub.h>
54
55#if !defined(CKM_AES_GCM)
56#define CKM_AES_GCM 0x00001087
57#endif
58#endif
59
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]60namespace net {
61
62namespace {
63
64class FakeDataChannel {
65 public:
[email protected]55ee0e52011-07-21 18:29:44[diff] [blame]66 FakeDataChannel()
[email protected]83039bb2011-12-09 18:43:55[diff] [blame]67 : read_buf_len_(0),
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]68 closed_(false),
[email protected]d5492c52013-11-10 20:44:39[diff] [blame]69 write_called_after_close_(false),
70 weak_factory_(this) {
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]71 }
72
[email protected]47a12862012-04-10 01:00:49[diff] [blame]73 int Read(IOBuffer* buf, int buf_len, const CompletionCallback& callback) {
[email protected]4da82282014-07-16 18:40:43[diff] [blame]74 DCHECK(read_callback_.is_null());
dcheng08ea2af02014-08-25 23:38:09[diff] [blame]75 DCHECK(!read_buf_.get());
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]76 if (closed_)
77 return 0;
[email protected]3f55aa12011-12-07 02:03:33[diff] [blame]78 if (data_.empty()) {
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]79 read_callback_ = callback;
80 read_buf_ = buf;
81 read_buf_len_ = buf_len;
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]82 return ERR_IO_PENDING;
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]83 }
84 return PropogateData(buf, buf_len);
85 }
86
[email protected]47a12862012-04-10 01:00:49[diff] [blame]87 int Write(IOBuffer* buf, int buf_len, const CompletionCallback& callback) {
[email protected]4da82282014-07-16 18:40:43[diff] [blame]88 DCHECK(write_callback_.is_null());
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]89 if (closed_) {
90 if (write_called_after_close_)
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]91 return ERR_CONNECTION_RESET;
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]92 write_called_after_close_ = true;
93 write_callback_ = callback;
[email protected]2da659e2013-05-23 20:51:34[diff] [blame]94 base::MessageLoop::current()->PostTask(
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]95 FROM_HERE, base::Bind(&FakeDataChannel::DoWriteCallback,
96 weak_factory_.GetWeakPtr()));
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]97 return ERR_IO_PENDING;
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]98 }
[email protected]4da82282014-07-16 18:40:43[diff] [blame]99 // This function returns synchronously, so make a copy of the buffer.
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]100 data_.push(new DrainableIOBuffer(
101 new StringIOBuffer(std::string(buf->data(), buf_len)),
[email protected]4da82282014-07-16 18:40:43[diff] [blame]102 buf_len));
[email protected]2da659e2013-05-23 20:51:34[diff] [blame]103 base::MessageLoop::current()->PostTask(
[email protected]83039bb2011-12-09 18:43:55[diff] [blame]104 FROM_HERE, base::Bind(&FakeDataChannel::DoReadCallback,
105 weak_factory_.GetWeakPtr()));
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]106 return buf_len;
107 }
108
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]109 // Closes the FakeDataChannel. After Close() is called, Read() returns 0,
110 // indicating EOF, and Write() fails with ERR_CONNECTION_RESET. Note that
111 // after the FakeDataChannel is closed, the first Write() call completes
112 // asynchronously, which is necessary to reproduce bug 127822.
113 void Close() {
114 closed_ = true;
115 }
116
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]117 private:
118 void DoReadCallback() {
[email protected]83039bb2011-12-09 18:43:55[diff] [blame]119 if (read_callback_.is_null() || data_.empty())
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]120 return;
121
122 int copied = PropogateData(read_buf_, read_buf_len_);
[email protected]83039bb2011-12-09 18:43:55[diff] [blame]123 CompletionCallback callback = read_callback_;
124 read_callback_.Reset();
125 read_buf_ = NULL;
126 read_buf_len_ = 0;
127 callback.Run(copied);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]128 }
129
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]130 void DoWriteCallback() {
131 if (write_callback_.is_null())
132 return;
133
134 CompletionCallback callback = write_callback_;
135 write_callback_.Reset();
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]136 callback.Run(ERR_CONNECTION_RESET);
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]137 }
138
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]139 int PropogateData(scoped_refptr<IOBuffer> read_buf, int read_buf_len) {
140 scoped_refptr<DrainableIOBuffer> buf = data_.front();
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]141 int copied = std::min(buf->BytesRemaining(), read_buf_len);
142 memcpy(read_buf->data(), buf->data(), copied);
143 buf->DidConsume(copied);
144
145 if (!buf->BytesRemaining())
146 data_.pop();
147 return copied;
148 }
149
[email protected]83039bb2011-12-09 18:43:55[diff] [blame]150 CompletionCallback read_callback_;
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]151 scoped_refptr<IOBuffer> read_buf_;
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]152 int read_buf_len_;
153
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]154 CompletionCallback write_callback_;
155
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]156 std::queue<scoped_refptr<DrainableIOBuffer> > data_;
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]157
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]158 // True if Close() has been called.
159 bool closed_;
160
161 // Controls the completion of Write() after the FakeDataChannel is closed.
162 // After the FakeDataChannel is closed, the first Write() call completes
163 // asynchronously.
164 bool write_called_after_close_;
165
[email protected]d5492c52013-11-10 20:44:39[diff] [blame]166 base::WeakPtrFactory<FakeDataChannel> weak_factory_;
167
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]168 DISALLOW_COPY_AND_ASSIGN(FakeDataChannel);
169};
170
[email protected]3268023f2011-05-05 00:08:10[diff] [blame]171class FakeSocket : public StreamSocket {
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]172 public:
173 FakeSocket(FakeDataChannel* incoming_channel,
174 FakeDataChannel* outgoing_channel)
175 : incoming_(incoming_channel),
176 outgoing_(outgoing_channel) {
177 }
178
dchengb03027d2014-10-21 12:00:20[diff] [blame]179 ~FakeSocket() override {}
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]180
dchengb03027d2014-10-21 12:00:20[diff] [blame]181 int Read(IOBuffer* buf,
182 int buf_len,
183 const CompletionCallback& callback) override {
[email protected]3f55aa12011-12-07 02:03:33[diff] [blame]184 // Read random number of bytes.
185 buf_len = rand() % buf_len + 1;
186 return incoming_->Read(buf, buf_len, callback);
187 }
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]188
dchengb03027d2014-10-21 12:00:20[diff] [blame]189 int Write(IOBuffer* buf,
190 int buf_len,
191 const CompletionCallback& callback) override {
[email protected]55ee0e52011-07-21 18:29:44[diff] [blame]192 // Write random number of bytes.
193 buf_len = rand() % buf_len + 1;
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]194 return outgoing_->Write(buf, buf_len, callback);
195 }
196
dchengb03027d2014-10-21 12:00:20[diff] [blame]197 int SetReceiveBufferSize(int32 size) override { return OK; }
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]198
dchengb03027d2014-10-21 12:00:20[diff] [blame]199 int SetSendBufferSize(int32 size) override { return OK; }
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]200
dchengb03027d2014-10-21 12:00:20[diff] [blame]201 int Connect(const CompletionCallback& callback) override { return OK; }
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]202
dchengb03027d2014-10-21 12:00:20[diff] [blame]203 void Disconnect() override {
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]204 incoming_->Close();
205 outgoing_->Close();
206 }
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]207
dchengb03027d2014-10-21 12:00:20[diff] [blame]208 bool IsConnected() const override { return true; }
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]209
dchengb03027d2014-10-21 12:00:20[diff] [blame]210 bool IsConnectedAndIdle() const override { return true; }
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]211
dchengb03027d2014-10-21 12:00:20[diff] [blame]212 int GetPeerAddress(IPEndPoint* address) const override {
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]213 IPAddressNumber ip_address(kIPv4AddressSize);
214 *address = IPEndPoint(ip_address, 0 /*port*/);
215 return OK;
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]216 }
217
dchengb03027d2014-10-21 12:00:20[diff] [blame]218 int GetLocalAddress(IPEndPoint* address) const override {
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]219 IPAddressNumber ip_address(4);
220 *address = IPEndPoint(ip_address, 0);
221 return OK;
[email protected]e7f74da2011-04-19 23:49:35[diff] [blame]222 }
223
dchengb03027d2014-10-21 12:00:20[diff] [blame]224 const BoundNetLog& NetLog() const override { return net_log_; }
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]225
dchengb03027d2014-10-21 12:00:20[diff] [blame]226 void SetSubresourceSpeculation() override {}
227 void SetOmniboxSpeculation() override {}
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]228
dchengb03027d2014-10-21 12:00:20[diff] [blame]229 bool WasEverUsed() const override { return true; }
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]230
dchengb03027d2014-10-21 12:00:20[diff] [blame]231 bool UsingTCPFastOpen() const override { return false; }
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]232
dchengb03027d2014-10-21 12:00:20[diff] [blame]233 bool WasNpnNegotiated() const override { return false; }
[email protected]5e6efa52011-06-27 17:26:41[diff] [blame]234
dchengb03027d2014-10-21 12:00:20[diff] [blame]235 NextProto GetNegotiatedProtocol() const override { return kProtoUnknown; }
[email protected]2d88e7d2012-07-19 17:55:17[diff] [blame]236
dchengb03027d2014-10-21 12:00:20[diff] [blame]237 bool GetSSLInfo(SSLInfo* ssl_info) override { return false; }
[email protected]2d88e7d2012-07-19 17:55:17[diff] [blame]238
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]239 private:
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]240 BoundNetLog net_log_;
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]241 FakeDataChannel* incoming_;
242 FakeDataChannel* outgoing_;
243
244 DISALLOW_COPY_AND_ASSIGN(FakeSocket);
245};
246
247} // namespace
248
249// Verify the correctness of the test helper classes first.
250TEST(FakeSocketTest, DataTransfer) {
251 // Establish channels between two sockets.
252 FakeDataChannel channel_1;
253 FakeDataChannel channel_2;
254 FakeSocket client(&channel_1, &channel_2);
255 FakeSocket server(&channel_2, &channel_1);
256
257 const char kTestData[] = "testing123";
258 const int kTestDataSize = strlen(kTestData);
259 const int kReadBufSize = 1024;
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]260 scoped_refptr<IOBuffer> write_buf = new StringIOBuffer(kTestData);
261 scoped_refptr<IOBuffer> read_buf = new IOBuffer(kReadBufSize);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]262
263 // Write then read.
[email protected]90499482013-06-01 00:39:50[diff] [blame]264 int written =
265 server.Write(write_buf.get(), kTestDataSize, CompletionCallback());
[email protected]55ee0e52011-07-21 18:29:44[diff] [blame]266 EXPECT_GT(written, 0);
267 EXPECT_LE(written, kTestDataSize);
268
[email protected]90499482013-06-01 00:39:50[diff] [blame]269 int read = client.Read(read_buf.get(), kReadBufSize, CompletionCallback());
[email protected]55ee0e52011-07-21 18:29:44[diff] [blame]270 EXPECT_GT(read, 0);
271 EXPECT_LE(read, written);
272 EXPECT_EQ(0, memcmp(kTestData, read_buf->data(), read));
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]273
274 // Read then write.
[email protected]83039bb2011-12-09 18:43:55[diff] [blame]275 TestCompletionCallback callback;
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]276 EXPECT_EQ(ERR_IO_PENDING,
[email protected]90499482013-06-01 00:39:50[diff] [blame]277 server.Read(read_buf.get(), kReadBufSize, callback.callback()));
[email protected]55ee0e52011-07-21 18:29:44[diff] [blame]278
[email protected]90499482013-06-01 00:39:50[diff] [blame]279 written = client.Write(write_buf.get(), kTestDataSize, CompletionCallback());
[email protected]55ee0e52011-07-21 18:29:44[diff] [blame]280 EXPECT_GT(written, 0);
281 EXPECT_LE(written, kTestDataSize);
282
283 read = callback.WaitForResult();
284 EXPECT_GT(read, 0);
285 EXPECT_LE(read, written);
286 EXPECT_EQ(0, memcmp(kTestData, read_buf->data(), read));
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]287}
288
289class SSLServerSocketTest : public PlatformTest {
290 public:
291 SSLServerSocketTest()
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]292 : socket_factory_(ClientSocketFactory::GetDefaultFactory()),
[email protected]b1c988b2013-06-13 06:48:11[diff] [blame]293 cert_verifier_(new MockCertVerifier()),
294 transport_security_state_(new TransportSecurityState) {
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]295 cert_verifier_->set_default_result(CERT_STATUS_AUTHORITY_INVALID);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]296 }
297
298 protected:
299 void Initialize() {
[email protected]18ccfdb2013-08-15 00:13:44[diff] [blame]300 scoped_ptr<ClientSocketHandle> client_connection(new ClientSocketHandle);
301 client_connection->SetSocket(
302 scoped_ptr<StreamSocket>(new FakeSocket(&channel_1_, &channel_2_)));
303 scoped_ptr<StreamSocket> server_socket(
304 new FakeSocket(&channel_2_, &channel_1_));
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]305
[email protected]6cdfd7f2013-02-08 20:40:15[diff] [blame]306 base::FilePath certs_dir(GetTestCertsDirectory());
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]307
[email protected]6cdfd7f2013-02-08 20:40:15[diff] [blame]308 base::FilePath cert_path = certs_dir.AppendASCII("unittest.selfsigned.der");
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]309 std::string cert_der;
[email protected]82f84b92013-08-30 18:23:50[diff] [blame]310 ASSERT_TRUE(base::ReadFileToString(cert_path, &cert_der));
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]311
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]312 scoped_refptr<X509Certificate> cert =
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]313 X509Certificate::CreateFromBytes(cert_der.data(), cert_der.size());
314
[email protected]6cdfd7f2013-02-08 20:40:15[diff] [blame]315 base::FilePath key_path = certs_dir.AppendASCII("unittest.key.bin");
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]316 std::string key_string;
[email protected]82f84b92013-08-30 18:23:50[diff] [blame]317 ASSERT_TRUE(base::ReadFileToString(key_path, &key_string));
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]318 std::vector<uint8> key_vector(
319 reinterpret_cast<const uint8*>(key_string.data()),
320 reinterpret_cast<const uint8*>(key_string.data() +
321 key_string.length()));
322
[email protected]4b559b4d2011-04-14 17:37:14[diff] [blame]323 scoped_ptr<crypto::RSAPrivateKey> private_key(
324 crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_vector));
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]325
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]326 SSLConfig ssl_config;
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]327 ssl_config.false_start_enabled = false;
[email protected]6b4903f2012-06-26 02:13:49[diff] [blame]328 ssl_config.channel_id_enabled = false;
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]329
330 // Certificate provided by the host doesn't need authority.
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]331 SSLConfig::CertAndStatus cert_and_status;
[email protected]4dc832e2011-04-28 22:04:24[diff] [blame]332 cert_and_status.cert_status = CERT_STATUS_AUTHORITY_INVALID;
[email protected]3d5c1bd2011-07-20 02:14:01[diff] [blame]333 cert_and_status.der_cert = cert_der;
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]334 ssl_config.allowed_bad_certs.push_back(cert_and_status);
335
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]336 HostPortPair host_and_pair("unittest", 0);
337 SSLClientSocketContext context;
[email protected]9f59fac2012-03-21 23:18:11[diff] [blame]338 context.cert_verifier = cert_verifier_.get();
[email protected]b1c988b2013-06-13 06:48:11[diff] [blame]339 context.transport_security_state = transport_security_state_.get();
[email protected]18ccfdb2013-08-15 00:13:44[diff] [blame]340 client_socket_ =
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]341 socket_factory_->CreateSSLClientSocket(
[email protected]18ccfdb2013-08-15 00:13:44[diff] [blame]342 client_connection.Pass(), host_and_pair, ssl_config, context);
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]343 server_socket_ = CreateSSLServerSocket(
[email protected]18ccfdb2013-08-15 00:13:44[diff] [blame]344 server_socket.Pass(),
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]345 cert.get(), private_key.get(), SSLConfig());
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]346 }
347
348 FakeDataChannel channel_1_;
349 FakeDataChannel channel_2_;
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]350 scoped_ptr<SSLClientSocket> client_socket_;
351 scoped_ptr<SSLServerSocket> server_socket_;
352 ClientSocketFactory* socket_factory_;
353 scoped_ptr<MockCertVerifier> cert_verifier_;
354 scoped_ptr<TransportSecurityState> transport_security_state_;
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]355};
356
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]357// This test only executes creation of client and server sockets. This is to
358// test that creation of sockets doesn't crash and have minimal code to run
359// under valgrind in order to help debugging memory problems.
360TEST_F(SSLServerSocketTest, Initialize) {
361 Initialize();
362}
363
[email protected]a7ac3c32011-06-17 19:10:15[diff] [blame]364// This test executes Connect() on SSLClientSocket and Handshake() on
365// SSLServerSocket to make sure handshaking between the two sockets is
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]366// completed successfully.
367TEST_F(SSLServerSocketTest, Handshake) {
368 Initialize();
369
[email protected]83039bb2011-12-09 18:43:55[diff] [blame]370 TestCompletionCallback connect_callback;
[email protected]6ea7b152011-12-21 21:21:13[diff] [blame]371 TestCompletionCallback handshake_callback;
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]372
[email protected]6ea7b152011-12-21 21:21:13[diff] [blame]373 int server_ret = server_socket_->Handshake(handshake_callback.callback());
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]374 EXPECT_TRUE(server_ret == OK || server_ret == ERR_IO_PENDING);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]375
[email protected]83039bb2011-12-09 18:43:55[diff] [blame]376 int client_ret = client_socket_->Connect(connect_callback.callback());
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]377 EXPECT_TRUE(client_ret == OK || client_ret == ERR_IO_PENDING);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]378
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]379 if (client_ret == ERR_IO_PENDING) {
380 EXPECT_EQ(OK, connect_callback.WaitForResult());
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]381 }
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]382 if (server_ret == ERR_IO_PENDING) {
383 EXPECT_EQ(OK, handshake_callback.WaitForResult());
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]384 }
[email protected]4dc832e2011-04-28 22:04:24[diff] [blame]385
386 // Make sure the cert status is expected.
387 SSLInfo ssl_info;
davidben9dd84872015-05-02 00:22:58[diff] [blame^]388 ASSERT_TRUE(client_socket_->GetSSLInfo(&ssl_info));
[email protected]4dc832e2011-04-28 22:04:24[diff] [blame]389 EXPECT_EQ(CERT_STATUS_AUTHORITY_INVALID, ssl_info.cert_status);
davidben9dd84872015-05-02 00:22:58[diff] [blame^]390
391 // The default cipher suite should be ECDHE and, unless on NSS and the
392 // platform doesn't support it, an AEAD.
393 uint16_t cipher_suite =
394 SSLConnectionStatusToCipherSuite(ssl_info.connection_status);
395 const char* key_exchange;
396 const char* cipher;
397 const char* mac;
398 bool is_aead;
399 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, cipher_suite);
400 EXPECT_STREQ("ECDHE_RSA", key_exchange);
401#if defined(USE_OPENSSL)
402 bool supports_aead = true;
403#else
404 bool supports_aead = PK11_TokenExists(CKM_AES_GCM);
405#endif
406 EXPECT_TRUE(!supports_aead || is_aead);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]407}
408
409TEST_F(SSLServerSocketTest, DataTransfer) {
410 Initialize();
411
[email protected]83039bb2011-12-09 18:43:55[diff] [blame]412 TestCompletionCallback connect_callback;
[email protected]6ea7b152011-12-21 21:21:13[diff] [blame]413 TestCompletionCallback handshake_callback;
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]414
415 // Establish connection.
[email protected]83039bb2011-12-09 18:43:55[diff] [blame]416 int client_ret = client_socket_->Connect(connect_callback.callback());
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]417 ASSERT_TRUE(client_ret == OK || client_ret == ERR_IO_PENDING);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]418
[email protected]6ea7b152011-12-21 21:21:13[diff] [blame]419 int server_ret = server_socket_->Handshake(handshake_callback.callback());
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]420 ASSERT_TRUE(server_ret == OK || server_ret == ERR_IO_PENDING);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]421
[email protected]febbbb52011-08-17 04:59:23[diff] [blame]422 client_ret = connect_callback.GetResult(client_ret);
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]423 ASSERT_EQ(OK, client_ret);
[email protected]febbbb52011-08-17 04:59:23[diff] [blame]424 server_ret = handshake_callback.GetResult(server_ret);
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]425 ASSERT_EQ(OK, server_ret);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]426
427 const int kReadBufSize = 1024;
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]428 scoped_refptr<StringIOBuffer> write_buf =
429 new StringIOBuffer("testing123");
430 scoped_refptr<DrainableIOBuffer> read_buf =
431 new DrainableIOBuffer(new IOBuffer(kReadBufSize), kReadBufSize);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]432
433 // Write then read.
[email protected]83039bb2011-12-09 18:43:55[diff] [blame]434 TestCompletionCallback write_callback;
435 TestCompletionCallback read_callback;
[email protected]90499482013-06-01 00:39:50[diff] [blame]436 server_ret = server_socket_->Write(
437 write_buf.get(), write_buf->size(), write_callback.callback());
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]438 EXPECT_TRUE(server_ret > 0 || server_ret == ERR_IO_PENDING);
[email protected]90499482013-06-01 00:39:50[diff] [blame]439 client_ret = client_socket_->Read(
440 read_buf.get(), read_buf->BytesRemaining(), read_callback.callback());
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]441 EXPECT_TRUE(client_ret > 0 || client_ret == ERR_IO_PENDING);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]442
[email protected]febbbb52011-08-17 04:59:23[diff] [blame]443 server_ret = write_callback.GetResult(server_ret);
444 EXPECT_GT(server_ret, 0);
445 client_ret = read_callback.GetResult(client_ret);
446 ASSERT_GT(client_ret, 0);
447
448 read_buf->DidConsume(client_ret);
449 while (read_buf->BytesConsumed() < write_buf->size()) {
[email protected]90499482013-06-01 00:39:50[diff] [blame]450 client_ret = client_socket_->Read(
451 read_buf.get(), read_buf->BytesRemaining(), read_callback.callback());
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]452 EXPECT_TRUE(client_ret > 0 || client_ret == ERR_IO_PENDING);
[email protected]febbbb52011-08-17 04:59:23[diff] [blame]453 client_ret = read_callback.GetResult(client_ret);
454 ASSERT_GT(client_ret, 0);
455 read_buf->DidConsume(client_ret);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]456 }
[email protected]febbbb52011-08-17 04:59:23[diff] [blame]457 EXPECT_EQ(write_buf->size(), read_buf->BytesConsumed());
458 read_buf->SetOffset(0);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]459 EXPECT_EQ(0, memcmp(write_buf->data(), read_buf->data(), write_buf->size()));
460
461 // Read then write.
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]462 write_buf = new StringIOBuffer("hello123");
[email protected]90499482013-06-01 00:39:50[diff] [blame]463 server_ret = server_socket_->Read(
464 read_buf.get(), read_buf->BytesRemaining(), read_callback.callback());
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]465 EXPECT_TRUE(server_ret > 0 || server_ret == ERR_IO_PENDING);
[email protected]90499482013-06-01 00:39:50[diff] [blame]466 client_ret = client_socket_->Write(
467 write_buf.get(), write_buf->size(), write_callback.callback());
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]468 EXPECT_TRUE(client_ret > 0 || client_ret == ERR_IO_PENDING);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]469
[email protected]febbbb52011-08-17 04:59:23[diff] [blame]470 server_ret = read_callback.GetResult(server_ret);
471 ASSERT_GT(server_ret, 0);
472 client_ret = write_callback.GetResult(client_ret);
473 EXPECT_GT(client_ret, 0);
474
475 read_buf->DidConsume(server_ret);
476 while (read_buf->BytesConsumed() < write_buf->size()) {
[email protected]90499482013-06-01 00:39:50[diff] [blame]477 server_ret = server_socket_->Read(
478 read_buf.get(), read_buf->BytesRemaining(), read_callback.callback());
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]479 EXPECT_TRUE(server_ret > 0 || server_ret == ERR_IO_PENDING);
[email protected]febbbb52011-08-17 04:59:23[diff] [blame]480 server_ret = read_callback.GetResult(server_ret);
481 ASSERT_GT(server_ret, 0);
482 read_buf->DidConsume(server_ret);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]483 }
[email protected]febbbb52011-08-17 04:59:23[diff] [blame]484 EXPECT_EQ(write_buf->size(), read_buf->BytesConsumed());
485 read_buf->SetOffset(0);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]486 EXPECT_EQ(0, memcmp(write_buf->data(), read_buf->data(), write_buf->size()));
487}
[email protected]b0ff3f82011-07-23 05:12:39[diff] [blame]488
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]489// A regression test for bug 127822 (http://crbug.com/127822).
490// If the server closes the connection after the handshake is finished,
491// the client's Write() call should not cause an infinite loop.
492// NOTE: this is a test for SSLClientSocket rather than SSLServerSocket.
[email protected]4da82282014-07-16 18:40:43[diff] [blame]493TEST_F(SSLServerSocketTest, ClientWriteAfterServerClose) {
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]494 Initialize();
495
496 TestCompletionCallback connect_callback;
497 TestCompletionCallback handshake_callback;
498
499 // Establish connection.
500 int client_ret = client_socket_->Connect(connect_callback.callback());
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]501 ASSERT_TRUE(client_ret == OK || client_ret == ERR_IO_PENDING);
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]502
503 int server_ret = server_socket_->Handshake(handshake_callback.callback());
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]504 ASSERT_TRUE(server_ret == OK || server_ret == ERR_IO_PENDING);
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]505
506 client_ret = connect_callback.GetResult(client_ret);
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]507 ASSERT_EQ(OK, client_ret);
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]508 server_ret = handshake_callback.GetResult(server_ret);
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]509 ASSERT_EQ(OK, server_ret);
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]510
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]511 scoped_refptr<StringIOBuffer> write_buf = new StringIOBuffer("testing123");
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]512
513 // The server closes the connection. The server needs to write some
514 // data first so that the client's Read() calls from the transport
515 // socket won't return ERR_IO_PENDING. This ensures that the client
516 // will call Read() on the transport socket again.
517 TestCompletionCallback write_callback;
518
[email protected]90499482013-06-01 00:39:50[diff] [blame]519 server_ret = server_socket_->Write(
520 write_buf.get(), write_buf->size(), write_callback.callback());
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]521 EXPECT_TRUE(server_ret > 0 || server_ret == ERR_IO_PENDING);
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]522
523 server_ret = write_callback.GetResult(server_ret);
524 EXPECT_GT(server_ret, 0);
525
526 server_socket_->Disconnect();
527
528 // The client writes some data. This should not cause an infinite loop.
[email protected]90499482013-06-01 00:39:50[diff] [blame]529 client_ret = client_socket_->Write(
530 write_buf.get(), write_buf->size(), write_callback.callback());
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]531 EXPECT_TRUE(client_ret > 0 || client_ret == ERR_IO_PENDING);
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]532
533 client_ret = write_callback.GetResult(client_ret);
534 EXPECT_GT(client_ret, 0);
535
[email protected]2da659e2013-05-23 20:51:34[diff] [blame]536 base::MessageLoop::current()->PostDelayedTask(
537 FROM_HERE, base::MessageLoop::QuitClosure(),
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]538 base::TimeDelta::FromMilliseconds(10));
[email protected]2da659e2013-05-23 20:51:34[diff] [blame]539 base::MessageLoop::current()->Run();
[email protected]c0e4dd12012-05-16 19:36:31[diff] [blame]540}
541
[email protected]b0ff3f82011-07-23 05:12:39[diff] [blame]542// This test executes ExportKeyingMaterial() on the client and server sockets,
543// after connecting them, and verifies that the results match.
544// This test will fail if False Start is enabled (see crbug.com/90208).
545TEST_F(SSLServerSocketTest, ExportKeyingMaterial) {
546 Initialize();
547
[email protected]83039bb2011-12-09 18:43:55[diff] [blame]548 TestCompletionCallback connect_callback;
[email protected]6ea7b152011-12-21 21:21:13[diff] [blame]549 TestCompletionCallback handshake_callback;
[email protected]b0ff3f82011-07-23 05:12:39[diff] [blame]550
[email protected]83039bb2011-12-09 18:43:55[diff] [blame]551 int client_ret = client_socket_->Connect(connect_callback.callback());
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]552 ASSERT_TRUE(client_ret == OK || client_ret == ERR_IO_PENDING);
[email protected]b0ff3f82011-07-23 05:12:39[diff] [blame]553
[email protected]6ea7b152011-12-21 21:21:13[diff] [blame]554 int server_ret = server_socket_->Handshake(handshake_callback.callback());
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]555 ASSERT_TRUE(server_ret == OK || server_ret == ERR_IO_PENDING);
[email protected]b0ff3f82011-07-23 05:12:39[diff] [blame]556
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]557 if (client_ret == ERR_IO_PENDING) {
558 ASSERT_EQ(OK, connect_callback.WaitForResult());
[email protected]b0ff3f82011-07-23 05:12:39[diff] [blame]559 }
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]560 if (server_ret == ERR_IO_PENDING) {
561 ASSERT_EQ(OK, handshake_callback.WaitForResult());
[email protected]b0ff3f82011-07-23 05:12:39[diff] [blame]562 }
563
564 const int kKeyingMaterialSize = 32;
thestig9d3bb0c2015-01-24 00:49:51[diff] [blame]565 const char kKeyingLabel[] = "EXPERIMENTAL-server-socket-test";
566 const char kKeyingContext[] = "";
[email protected]b0ff3f82011-07-23 05:12:39[diff] [blame]567 unsigned char server_out[kKeyingMaterialSize];
[email protected]1bc6f5e2012-03-15 00:20:58[diff] [blame]568 int rv = server_socket_->ExportKeyingMaterial(kKeyingLabel,
569 false, kKeyingContext,
[email protected]b0ff3f82011-07-23 05:12:39[diff] [blame]570 server_out, sizeof(server_out));
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]571 ASSERT_EQ(OK, rv);
[email protected]b0ff3f82011-07-23 05:12:39[diff] [blame]572
573 unsigned char client_out[kKeyingMaterialSize];
[email protected]1bc6f5e2012-03-15 00:20:58[diff] [blame]574 rv = client_socket_->ExportKeyingMaterial(kKeyingLabel,
575 false, kKeyingContext,
[email protected]b0ff3f82011-07-23 05:12:39[diff] [blame]576 client_out, sizeof(client_out));
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]577 ASSERT_EQ(OK, rv);
[email protected]47a12862012-04-10 01:00:49[diff] [blame]578 EXPECT_EQ(0, memcmp(server_out, client_out, sizeof(server_out)));
[email protected]b0ff3f82011-07-23 05:12:39[diff] [blame]579
thestig9d3bb0c2015-01-24 00:49:51[diff] [blame]580 const char kKeyingLabelBad[] = "EXPERIMENTAL-server-socket-test-bad";
[email protected]b0ff3f82011-07-23 05:12:39[diff] [blame]581 unsigned char client_bad[kKeyingMaterialSize];
[email protected]1bc6f5e2012-03-15 00:20:58[diff] [blame]582 rv = client_socket_->ExportKeyingMaterial(kKeyingLabelBad,
583 false, kKeyingContext,
[email protected]b0ff3f82011-07-23 05:12:39[diff] [blame]584 client_bad, sizeof(client_bad));
[email protected]fa6ce922014-07-17 04:27:04[diff] [blame]585 ASSERT_EQ(rv, OK);
[email protected]47a12862012-04-10 01:00:49[diff] [blame]586 EXPECT_NE(0, memcmp(server_out, client_bad, sizeof(server_out)));
[email protected]b0ff3f82011-07-23 05:12:39[diff] [blame]587}
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]588
589} // namespace net