Google Git
Sign in
chromium / chromium / src.git / feb79bcd1b3f755b1125ba471c4e17c7b7ede66d / . / net / socket / ssl_server_socket_unittest.cc
blob: 64b5922ba2f63dd31d5f0ddc12d5b8b1f9b72866 [file] [log] [blame]
[email protected]4b559b4d2011-04-14 17:37:14[diff] [blame]1// Copyright (c) 2011 The Chromium Authors. All rights reserved.
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5// This test suite uses SSLClientSocket to test the implementation of
6// SSLServerSocket. In order to establish connections between the sockets
7// we need two additional classes:
8// 1. FakeSocket
9// Connects SSL socket to FakeDataChannel. This class is just a stub.
10//
11// 2. FakeDataChannel
12// Implements the actual exchange of data between two FakeSockets.
13//
14// Implementations of these two classes are included in this file.
15
16#include "net/socket/ssl_server_socket.h"
17
18#include <queue>
19
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]20#include "base/file_path.h"
21#include "base/file_util.h"
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]22#include "base/path_service.h"
[email protected]4b559b4d2011-04-14 17:37:14[diff] [blame]23#include "crypto/nss_util.h"
24#include "crypto/rsa_private_key.h"
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]25#include "net/base/address_list.h"
[email protected]bd707a62011-03-14 23:29:34[diff] [blame]26#include "net/base/cert_status_flags.h"
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]27#include "net/base/cert_verifier.h"
28#include "net/base/host_port_pair.h"
29#include "net/base/io_buffer.h"
[email protected]e7f74da2011-04-19 23:49:35[diff] [blame]30#include "net/base/ip_endpoint.h"
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]31#include "net/base/net_errors.h"
32#include "net/base/net_log.h"
33#include "net/base/ssl_config_service.h"
[email protected]4dc832e2011-04-28 22:04:24[diff] [blame]34#include "net/base/ssl_info.h"
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]35#include "net/base/x509_certificate.h"
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]36#include "net/socket/client_socket_factory.h"
37#include "net/socket/socket_test_util.h"
38#include "net/socket/ssl_client_socket.h"
[email protected]3268023f2011-05-05 00:08:10[diff] [blame]39#include "net/socket/stream_socket.h"
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]40#include "testing/gtest/include/gtest/gtest.h"
41#include "testing/platform_test.h"
42
43namespace net {
44
45namespace {
46
47class FakeDataChannel {
48 public:
49 FakeDataChannel() : read_callback_(NULL), read_buf_len_(0) {
50 }
51
52 virtual int Read(IOBuffer* buf, int buf_len,
53 CompletionCallback* callback) {
54 if (data_.empty()) {
55 read_callback_ = callback;
56 read_buf_ = buf;
57 read_buf_len_ = buf_len;
58 return net::ERR_IO_PENDING;
59 }
60 return PropogateData(buf, buf_len);
61 }
62
63 virtual int Write(IOBuffer* buf, int buf_len,
64 CompletionCallback* callback) {
65 data_.push(new net::DrainableIOBuffer(buf, buf_len));
66 DoReadCallback();
67 return buf_len;
68 }
69
70 private:
71 void DoReadCallback() {
72 if (!read_callback_)
73 return;
74
75 int copied = PropogateData(read_buf_, read_buf_len_);
76 net::CompletionCallback* callback = read_callback_;
77 read_callback_ = NULL;
78 read_buf_ = NULL;
79 read_buf_len_ = 0;
80 callback->Run(copied);
81 }
82
83 int PropogateData(scoped_refptr<net::IOBuffer> read_buf, int read_buf_len) {
84 scoped_refptr<net::DrainableIOBuffer> buf = data_.front();
85 int copied = std::min(buf->BytesRemaining(), read_buf_len);
86 memcpy(read_buf->data(), buf->data(), copied);
87 buf->DidConsume(copied);
88
89 if (!buf->BytesRemaining())
90 data_.pop();
91 return copied;
92 }
93
94 net::CompletionCallback* read_callback_;
95 scoped_refptr<net::IOBuffer> read_buf_;
96 int read_buf_len_;
97
98 std::queue<scoped_refptr<net::DrainableIOBuffer> > data_;
99
100 DISALLOW_COPY_AND_ASSIGN(FakeDataChannel);
101};
102
[email protected]3268023f2011-05-05 00:08:10[diff] [blame]103class FakeSocket : public StreamSocket {
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]104 public:
105 FakeSocket(FakeDataChannel* incoming_channel,
106 FakeDataChannel* outgoing_channel)
107 : incoming_(incoming_channel),
108 outgoing_(outgoing_channel) {
109 }
110
111 virtual ~FakeSocket() {
112
113 }
114
115 virtual int Read(IOBuffer* buf, int buf_len,
116 CompletionCallback* callback) {
117 return incoming_->Read(buf, buf_len, callback);
118 }
119
120 virtual int Write(IOBuffer* buf, int buf_len,
121 CompletionCallback* callback) {
122 return outgoing_->Write(buf, buf_len, callback);
123 }
124
125 virtual bool SetReceiveBufferSize(int32 size) {
126 return true;
127 }
128
129 virtual bool SetSendBufferSize(int32 size) {
130 return true;
131 }
132
133 virtual int Connect(CompletionCallback* callback) {
134 return net::OK;
135 }
136
137 virtual void Disconnect() {}
138
139 virtual bool IsConnected() const {
140 return true;
141 }
142
143 virtual bool IsConnectedAndIdle() const {
144 return true;
145 }
146
147 virtual int GetPeerAddress(AddressList* address) const {
148 net::IPAddressNumber ip_address(4);
[email protected]fe89ea72011-05-12 02:02:40[diff] [blame]149 *address = net::AddressList::CreateFromIPAddress(ip_address, 0 /*port*/);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]150 return net::OK;
151 }
152
[email protected]e7f74da2011-04-19 23:49:35[diff] [blame]153 virtual int GetLocalAddress(IPEndPoint* address) const {
154 net::IPAddressNumber ip_address(4);
155 *address = net::IPEndPoint(ip_address, 0);
156 return net::OK;
157 }
158
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]159 virtual const BoundNetLog& NetLog() const {
160 return net_log_;
161 }
162
163 virtual void SetSubresourceSpeculation() {}
164 virtual void SetOmniboxSpeculation() {}
165
166 virtual bool WasEverUsed() const {
167 return true;
168 }
169
170 virtual bool UsingTCPFastOpen() const {
171 return false;
172 }
173
[email protected]5e6efa52011-06-27 17:26:41[diff] [blame]174 virtual int64 NumBytesRead() const {
175 return -1;
176 }
177
178 virtual base::TimeDelta GetConnectTimeMicros() const {
179 return base::TimeDelta::FromMicroseconds(-1);
180 }
181
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]182 private:
183 net::BoundNetLog net_log_;
184 FakeDataChannel* incoming_;
185 FakeDataChannel* outgoing_;
186
187 DISALLOW_COPY_AND_ASSIGN(FakeSocket);
188};
189
190} // namespace
191
192// Verify the correctness of the test helper classes first.
193TEST(FakeSocketTest, DataTransfer) {
194 // Establish channels between two sockets.
195 FakeDataChannel channel_1;
196 FakeDataChannel channel_2;
197 FakeSocket client(&channel_1, &channel_2);
198 FakeSocket server(&channel_2, &channel_1);
199
200 const char kTestData[] = "testing123";
201 const int kTestDataSize = strlen(kTestData);
202 const int kReadBufSize = 1024;
203 scoped_refptr<net::IOBuffer> write_buf = new net::StringIOBuffer(kTestData);
204 scoped_refptr<net::IOBuffer> read_buf = new net::IOBuffer(kReadBufSize);
205
206 // Write then read.
207 EXPECT_EQ(kTestDataSize, server.Write(write_buf, kTestDataSize, NULL));
208 EXPECT_EQ(kTestDataSize, client.Read(read_buf, kReadBufSize, NULL));
209 EXPECT_EQ(0, memcmp(kTestData, read_buf->data(), kTestDataSize));
210
211 // Read then write.
212 TestCompletionCallback callback;
213 EXPECT_EQ(net::ERR_IO_PENDING,
214 server.Read(read_buf, kReadBufSize, &callback));
215 EXPECT_EQ(kTestDataSize, client.Write(write_buf, kTestDataSize, NULL));
216 EXPECT_EQ(kTestDataSize, callback.WaitForResult());
217 EXPECT_EQ(0, memcmp(kTestData, read_buf->data(), kTestDataSize));
218}
219
220class SSLServerSocketTest : public PlatformTest {
221 public:
222 SSLServerSocketTest()
223 : socket_factory_(net::ClientSocketFactory::GetDefaultFactory()) {
224 }
225
226 protected:
227 void Initialize() {
228 FakeSocket* fake_client_socket = new FakeSocket(&channel_1_, &channel_2_);
229 FakeSocket* fake_server_socket = new FakeSocket(&channel_2_, &channel_1_);
230
231 FilePath certs_dir;
232 PathService::Get(base::DIR_SOURCE_ROOT, &certs_dir);
233 certs_dir = certs_dir.AppendASCII("net");
234 certs_dir = certs_dir.AppendASCII("data");
235 certs_dir = certs_dir.AppendASCII("ssl");
236 certs_dir = certs_dir.AppendASCII("certificates");
237
238 FilePath cert_path = certs_dir.AppendASCII("unittest.selfsigned.der");
239 std::string cert_der;
240 ASSERT_TRUE(file_util::ReadFileToString(cert_path, &cert_der));
241
242 scoped_refptr<net::X509Certificate> cert =
243 X509Certificate::CreateFromBytes(cert_der.data(), cert_der.size());
244
245 FilePath key_path = certs_dir.AppendASCII("unittest.key.bin");
246 std::string key_string;
247 ASSERT_TRUE(file_util::ReadFileToString(key_path, &key_string));
248 std::vector<uint8> key_vector(
249 reinterpret_cast<const uint8*>(key_string.data()),
250 reinterpret_cast<const uint8*>(key_string.data() +
251 key_string.length()));
252
[email protected]4b559b4d2011-04-14 17:37:14[diff] [blame]253 scoped_ptr<crypto::RSAPrivateKey> private_key(
254 crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_vector));
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]255
256 net::SSLConfig ssl_config;
[email protected]2fb7e3ba2011-06-22 19:24:38[diff] [blame]257 ssl_config.cached_info_enabled = false;
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]258 ssl_config.false_start_enabled = false;
[email protected]2619d3312011-07-20 23:50:34[diff] [blame]259 ssl_config.origin_bound_certs_enabled = false;
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]260 ssl_config.ssl3_enabled = true;
261 ssl_config.tls1_enabled = true;
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]262
263 // Certificate provided by the host doesn't need authority.
264 net::SSLConfig::CertAndStatus cert_and_status;
[email protected]4dc832e2011-04-28 22:04:24[diff] [blame]265 cert_and_status.cert_status = CERT_STATUS_AUTHORITY_INVALID;
[email protected]3d5c1bd2011-07-20 02:14:01[diff] [blame]266 cert_and_status.der_cert = cert_der;
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]267 ssl_config.allowed_bad_certs.push_back(cert_and_status);
268
269 net::HostPortPair host_and_pair("unittest", 0);
[email protected]feb79bcd2011-07-21 16:55:17[diff] [blame^]270 net::SSLClientSocketContext context;
271 context.cert_verifier = &cert_verifier_;
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]272 client_socket_.reset(
273 socket_factory_->CreateSSLClientSocket(
[email protected]feb79bcd2011-07-21 16:55:17[diff] [blame^]274 fake_client_socket, host_and_pair, ssl_config, NULL, context));
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]275 server_socket_.reset(net::CreateSSLServerSocket(fake_server_socket,
276 cert, private_key.get(),
277 net::SSLConfig()));
278 }
279
280 FakeDataChannel channel_1_;
281 FakeDataChannel channel_2_;
282 scoped_ptr<net::SSLClientSocket> client_socket_;
283 scoped_ptr<net::SSLServerSocket> server_socket_;
284 net::ClientSocketFactory* socket_factory_;
285 net::CertVerifier cert_verifier_;
286};
287
288// SSLServerSocket is only implemented using NSS.
289#if defined(USE_NSS) || defined(OS_WIN) || defined(OS_MACOSX)
290
291// This test only executes creation of client and server sockets. This is to
292// test that creation of sockets doesn't crash and have minimal code to run
293// under valgrind in order to help debugging memory problems.
294TEST_F(SSLServerSocketTest, Initialize) {
295 Initialize();
296}
297
[email protected]a7ac3c32011-06-17 19:10:15[diff] [blame]298// This test executes Connect() on SSLClientSocket and Handshake() on
299// SSLServerSocket to make sure handshaking between the two sockets is
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]300// completed successfully.
301TEST_F(SSLServerSocketTest, Handshake) {
302 Initialize();
303
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]304 TestCompletionCallback connect_callback;
305 TestCompletionCallback accept_callback;
306
[email protected]a7ac3c32011-06-17 19:10:15[diff] [blame]307 int server_ret = server_socket_->Handshake(&accept_callback);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]308 EXPECT_TRUE(server_ret == net::OK || server_ret == net::ERR_IO_PENDING);
309
310 int client_ret = client_socket_->Connect(&connect_callback);
311 EXPECT_TRUE(client_ret == net::OK || client_ret == net::ERR_IO_PENDING);
312
313 if (client_ret == net::ERR_IO_PENDING) {
314 EXPECT_EQ(net::OK, connect_callback.WaitForResult());
315 }
316 if (server_ret == net::ERR_IO_PENDING) {
317 EXPECT_EQ(net::OK, accept_callback.WaitForResult());
318 }
[email protected]4dc832e2011-04-28 22:04:24[diff] [blame]319
320 // Make sure the cert status is expected.
321 SSLInfo ssl_info;
322 client_socket_->GetSSLInfo(&ssl_info);
323 EXPECT_EQ(CERT_STATUS_AUTHORITY_INVALID, ssl_info.cert_status);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]324}
325
326TEST_F(SSLServerSocketTest, DataTransfer) {
327 Initialize();
328
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]329 TestCompletionCallback connect_callback;
330 TestCompletionCallback accept_callback;
331
332 // Establish connection.
333 int client_ret = client_socket_->Connect(&connect_callback);
[email protected]302b6272011-01-19 01:27:22[diff] [blame]334 ASSERT_TRUE(client_ret == net::OK || client_ret == net::ERR_IO_PENDING);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]335
[email protected]a7ac3c32011-06-17 19:10:15[diff] [blame]336 int server_ret = server_socket_->Handshake(&accept_callback);
[email protected]302b6272011-01-19 01:27:22[diff] [blame]337 ASSERT_TRUE(server_ret == net::OK || server_ret == net::ERR_IO_PENDING);
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]338
339 if (client_ret == net::ERR_IO_PENDING) {
[email protected]302b6272011-01-19 01:27:22[diff] [blame]340 ASSERT_EQ(net::OK, connect_callback.WaitForResult());
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]341 }
342 if (server_ret == net::ERR_IO_PENDING) {
[email protected]302b6272011-01-19 01:27:22[diff] [blame]343 ASSERT_EQ(net::OK, accept_callback.WaitForResult());
[email protected]f61c3972010-12-23 09:54:15[diff] [blame]344 }
345
346 const int kReadBufSize = 1024;
347 scoped_refptr<net::StringIOBuffer> write_buf =
348 new net::StringIOBuffer("testing123");
349 scoped_refptr<net::IOBuffer> read_buf = new net::IOBuffer(kReadBufSize);
350
351 // Write then read.
352 TestCompletionCallback write_callback;
353 TestCompletionCallback read_callback;
354 server_ret = server_socket_->Write(write_buf, write_buf->size(),
355 &write_callback);
356 EXPECT_TRUE(server_ret > 0 || server_ret == net::ERR_IO_PENDING);
357 client_ret = client_socket_->Read(read_buf, kReadBufSize, &read_callback);
358 EXPECT_TRUE(client_ret > 0 || client_ret == net::ERR_IO_PENDING);
359
360 if (server_ret == net::ERR_IO_PENDING) {
361 EXPECT_GT(write_callback.WaitForResult(), 0);
362 }
363 if (client_ret == net::ERR_IO_PENDING) {
364 EXPECT_GT(read_callback.WaitForResult(), 0);
365 }
366 EXPECT_EQ(0, memcmp(write_buf->data(), read_buf->data(), write_buf->size()));
367
368 // Read then write.
369 write_buf = new net::StringIOBuffer("hello123");
370 server_ret = server_socket_->Read(read_buf, kReadBufSize, &read_callback);
371 EXPECT_TRUE(server_ret > 0 || server_ret == net::ERR_IO_PENDING);
372 client_ret = client_socket_->Write(write_buf, write_buf->size(),
373 &write_callback);
374 EXPECT_TRUE(client_ret > 0 || client_ret == net::ERR_IO_PENDING);
375
376 if (server_ret == net::ERR_IO_PENDING) {
377 EXPECT_GT(read_callback.WaitForResult(), 0);
378 }
379 if (client_ret == net::ERR_IO_PENDING) {
380 EXPECT_GT(write_callback.WaitForResult(), 0);
381 }
382 EXPECT_EQ(0, memcmp(write_buf->data(), read_buf->data(), write_buf->size()));
383}
384#endif
385
386} // namespace net