search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
cc: Added inline to Tile::IsReadyToDraw
[chromium-blink-merge.git] / net / socket / ssl_client_socket_pool_unittest.cc
blob8aecb98dd8528cd9bc36c1886f0c13e02ae49a61
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/http/http_proxy_client_socket_pool.h"
6
7 #include "base/callback.h"
8 #include "base/compiler_specific.h"
9 #include "base/strings/string_util.h"
10 #include "base/strings/utf_string_conversions.h"
11 #include "base/time/time.h"
12 #include "net/base/auth.h"
13 #include "net/base/load_timing_info.h"
14 #include "net/base/load_timing_info_test_util.h"
15 #include "net/base/net_errors.h"
16 #include "net/base/test_completion_callback.h"
17 #include "net/cert/cert_verifier.h"
18 #include "net/dns/mock_host_resolver.h"
19 #include "net/http/http_auth_handler_factory.h"
20 #include "net/http/http_network_session.h"
21 #include "net/http/http_request_headers.h"
22 #include "net/http/http_response_headers.h"
23 #include "net/http/http_server_properties_impl.h"
24 #include "net/proxy/proxy_service.h"
25 #include "net/socket/client_socket_handle.h"
26 #include "net/socket/client_socket_pool_histograms.h"
27 #include "net/socket/next_proto.h"
28 #include "net/socket/socket_test_util.h"
29 #include "net/spdy/spdy_session.h"
30 #include "net/spdy/spdy_session_pool.h"
31 #include "net/spdy/spdy_test_util_common.h"
32 #include "net/ssl/ssl_config_service_defaults.h"
33 #include "net/test/test_certificate_data.h"
34 #include "testing/gtest/include/gtest/gtest.h"
35
36 namespace net {
37
38 namespace {
39
40 const int kMaxSockets = 32;
41 const int kMaxSocketsPerGroup = 6;
42
43 // Make sure |handle|'s load times are set correctly. DNS and connect start
44 // times comes from mock client sockets in these tests, so primarily serves to
45 // check those times were copied, and ssl times / connect end are set correctly.
46 void TestLoadTimingInfo(const ClientSocketHandle& handle) {
47 LoadTimingInfo load_timing_info;
48 EXPECT_TRUE(handle.GetLoadTimingInfo(false, &load_timing_info));
49
50 EXPECT_FALSE(load_timing_info.socket_reused);
51 // None of these tests use a NetLog.
52 EXPECT_EQ(NetLog::Source::kInvalidId, load_timing_info.socket_log_id);
53
54 ExpectConnectTimingHasTimes(
55 load_timing_info.connect_timing,
56 CONNECT_TIMING_HAS_SSL_TIMES | CONNECT_TIMING_HAS_DNS_TIMES);
57 ExpectLoadTimingHasOnlyConnectionTimes(load_timing_info);
58 }
59
60 // Just like TestLoadTimingInfo, except DNS times are expected to be null, for
61 // tests over proxies that do DNS lookups themselves.
62 void TestLoadTimingInfoNoDns(const ClientSocketHandle& handle) {
63 LoadTimingInfo load_timing_info;
64 EXPECT_TRUE(handle.GetLoadTimingInfo(false, &load_timing_info));
65
66 // None of these tests use a NetLog.
67 EXPECT_EQ(NetLog::Source::kInvalidId, load_timing_info.socket_log_id);
68
69 EXPECT_FALSE(load_timing_info.socket_reused);
70
71 ExpectConnectTimingHasTimes(load_timing_info.connect_timing,
72 CONNECT_TIMING_HAS_SSL_TIMES);
73 ExpectLoadTimingHasOnlyConnectionTimes(load_timing_info);
74 }
75
76 class SSLClientSocketPoolTest
77 : public testing::Test,
78 public ::testing::WithParamInterface<NextProto> {
79 protected:
80 SSLClientSocketPoolTest()
81 : proxy_service_(ProxyService::CreateDirect()),
82 ssl_config_service_(new SSLConfigServiceDefaults),
83 http_auth_handler_factory_(
84 HttpAuthHandlerFactory::CreateDefault(&host_resolver_)),
85 session_(CreateNetworkSession()),
86 direct_transport_socket_params_(
87 new TransportSocketParams(HostPortPair("host", 443),
88 false,
89 false,
90 OnHostResolutionCallback())),
91 transport_histograms_("MockTCP"),
92 transport_socket_pool_(kMaxSockets,
93 kMaxSocketsPerGroup,
94 &transport_histograms_,
95 &socket_factory_),
96 proxy_transport_socket_params_(
97 new TransportSocketParams(HostPortPair("proxy", 443),
98 false,
99 false,
100 OnHostResolutionCallback())),
101 socks_socket_params_(
102 new SOCKSSocketParams(proxy_transport_socket_params_,
103 true,
104 HostPortPair("sockshost", 443))),
105 socks_histograms_("MockSOCKS"),
106 socks_socket_pool_(kMaxSockets,
107 kMaxSocketsPerGroup,
108 &socks_histograms_,
109 &transport_socket_pool_),
110 http_proxy_socket_params_(
111 new HttpProxySocketParams(proxy_transport_socket_params_,
112 NULL,
113 GURL("http://host"),
114 std::string(),
115 HostPortPair("host", 80),
116 session_->http_auth_cache(),
117 session_->http_auth_handler_factory(),
118 session_->spdy_session_pool(),
119 true)),
120 http_proxy_histograms_("MockHttpProxy"),
121 http_proxy_socket_pool_(kMaxSockets,
122 kMaxSocketsPerGroup,
123 &http_proxy_histograms_,
124 &host_resolver_,
125 &transport_socket_pool_,
126 NULL,
127 NULL) {
128 scoped_refptr<SSLConfigService> ssl_config_service(
129 new SSLConfigServiceDefaults);
130 ssl_config_service->GetSSLConfig(&ssl_config_);
131 }
132
133 void CreatePool(bool transport_pool, bool http_proxy_pool, bool socks_pool) {
134 ssl_histograms_.reset(new ClientSocketPoolHistograms("SSLUnitTest"));
135 pool_.reset(new SSLClientSocketPool(
136 kMaxSockets,
137 kMaxSocketsPerGroup,
138 ssl_histograms_.get(),
139 NULL /* host_resolver */,
140 NULL /* cert_verifier */,
141 NULL /* server_bound_cert_service */,
142 NULL /* transport_security_state */,
143 std::string() /* ssl_session_cache_shard */,
144 &socket_factory_,
145 transport_pool ? &transport_socket_pool_ : NULL,
146 socks_pool ? &socks_socket_pool_ : NULL,
147 http_proxy_pool ? &http_proxy_socket_pool_ : NULL,
148 NULL,
149 NULL));
150 }
151
152 scoped_refptr<SSLSocketParams> SSLParams(ProxyServer::Scheme proxy,
153 bool want_spdy_over_npn) {
154 return make_scoped_refptr(new SSLSocketParams(
155 proxy == ProxyServer::SCHEME_DIRECT ? direct_transport_socket_params_
156 : NULL,
157 proxy == ProxyServer::SCHEME_SOCKS5 ? socks_socket_params_ : NULL,
158 proxy == ProxyServer::SCHEME_HTTP ? http_proxy_socket_params_ : NULL,
159 HostPortPair("host", 443),
160 ssl_config_,
161 kPrivacyModeDisabled,
162 0,
163 false,
164 want_spdy_over_npn));
165 }
166
167 void AddAuthToCache() {
168 const base::string16 kFoo(ASCIIToUTF16("foo"));
169 const base::string16 kBar(ASCIIToUTF16("bar"));
170 session_->http_auth_cache()->Add(GURL("http://proxy:443/"),
171 "MyRealm1",
172 HttpAuth::AUTH_SCHEME_BASIC,
173 "Basic realm=MyRealm1",
174 AuthCredentials(kFoo, kBar),
175 "/");
176 }
177
178 HttpNetworkSession* CreateNetworkSession() {
179 HttpNetworkSession::Params params;
180 params.host_resolver = &host_resolver_;
181 params.cert_verifier = cert_verifier_.get();
182 params.transport_security_state = transport_security_state_.get();
183 params.proxy_service = proxy_service_.get();
184 params.client_socket_factory = &socket_factory_;
185 params.ssl_config_service = ssl_config_service_.get();
186 params.http_auth_handler_factory = http_auth_handler_factory_.get();
187 params.http_server_properties =
188 http_server_properties_.GetWeakPtr();
189 params.enable_spdy_compression = false;
190 params.spdy_default_protocol = GetParam();
191 return new HttpNetworkSession(params);
192 }
193
194 void TestIPPoolingDisabled(SSLSocketDataProvider* ssl);
195
196 MockClientSocketFactory socket_factory_;
197 MockCachingHostResolver host_resolver_;
198 scoped_ptr<CertVerifier> cert_verifier_;
199 scoped_ptr<TransportSecurityState> transport_security_state_;
200 const scoped_ptr<ProxyService> proxy_service_;
201 const scoped_refptr<SSLConfigService> ssl_config_service_;
202 const scoped_ptr<HttpAuthHandlerFactory> http_auth_handler_factory_;
203 HttpServerPropertiesImpl http_server_properties_;
204 const scoped_refptr<HttpNetworkSession> session_;
205
206 scoped_refptr<TransportSocketParams> direct_transport_socket_params_;
207 ClientSocketPoolHistograms transport_histograms_;
208 MockTransportClientSocketPool transport_socket_pool_;
209
210 scoped_refptr<TransportSocketParams> proxy_transport_socket_params_;
211
212 scoped_refptr<SOCKSSocketParams> socks_socket_params_;
213 ClientSocketPoolHistograms socks_histograms_;
214 MockSOCKSClientSocketPool socks_socket_pool_;
215
216 scoped_refptr<HttpProxySocketParams> http_proxy_socket_params_;
217 ClientSocketPoolHistograms http_proxy_histograms_;
218 HttpProxyClientSocketPool http_proxy_socket_pool_;
219
220 SSLConfig ssl_config_;
221 scoped_ptr<ClientSocketPoolHistograms> ssl_histograms_;
222 scoped_ptr<SSLClientSocketPool> pool_;
223 };
224
225 INSTANTIATE_TEST_CASE_P(
226 NextProto,
227 SSLClientSocketPoolTest,
228 testing::Values(kProtoSPDY2, kProtoSPDY3, kProtoSPDY31, kProtoSPDY4a2,
229 kProtoHTTP2Draft04));
230
231 TEST_P(SSLClientSocketPoolTest, TCPFail) {
232 StaticSocketDataProvider data;
233 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
234 socket_factory_.AddSocketDataProvider(&data);
235
236 CreatePool(true /* tcp pool */, false, false);
237 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
238 false);
239
240 ClientSocketHandle handle;
241 int rv = handle.Init("a", params, MEDIUM, CompletionCallback(), pool_.get(),
242 BoundNetLog());
243 EXPECT_EQ(ERR_CONNECTION_FAILED, rv);
244 EXPECT_FALSE(handle.is_initialized());
245 EXPECT_FALSE(handle.socket());
246 EXPECT_FALSE(handle.is_ssl_error());
247 }
248
249 TEST_P(SSLClientSocketPoolTest, TCPFailAsync) {
250 StaticSocketDataProvider data;
251 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
252 socket_factory_.AddSocketDataProvider(&data);
253
254 CreatePool(true /* tcp pool */, false, false);
255 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
256 false);
257
258 ClientSocketHandle handle;
259 TestCompletionCallback callback;
260 int rv = handle.Init(
261 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
262 EXPECT_EQ(ERR_IO_PENDING, rv);
263 EXPECT_FALSE(handle.is_initialized());
264 EXPECT_FALSE(handle.socket());
265
266 EXPECT_EQ(ERR_CONNECTION_FAILED, callback.WaitForResult());
267 EXPECT_FALSE(handle.is_initialized());
268 EXPECT_FALSE(handle.socket());
269 EXPECT_FALSE(handle.is_ssl_error());
270 }
271
272 TEST_P(SSLClientSocketPoolTest, BasicDirect) {
273 StaticSocketDataProvider data;
274 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
275 socket_factory_.AddSocketDataProvider(&data);
276 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
277 socket_factory_.AddSSLSocketDataProvider(&ssl);
278
279 CreatePool(true /* tcp pool */, false, false);
280 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
281 false);
282
283 ClientSocketHandle handle;
284 TestCompletionCallback callback;
285 int rv = handle.Init(
286 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
287 EXPECT_EQ(OK, rv);
288 EXPECT_TRUE(handle.is_initialized());
289 EXPECT_TRUE(handle.socket());
290 TestLoadTimingInfo(handle);
291 }
292
293 // Make sure that SSLConnectJob passes on its priority to its
294 // socket request on Init (for the DIRECT case).
295 TEST_P(SSLClientSocketPoolTest, SetSocketRequestPriorityOnInitDirect) {
296 CreatePool(true /* tcp pool */, false, false);
297 scoped_refptr<SSLSocketParams> params =
298 SSLParams(ProxyServer::SCHEME_DIRECT, false);
299
300 for (int i = MINIMUM_PRIORITY; i < NUM_PRIORITIES; ++i) {
301 RequestPriority priority = static_cast<RequestPriority>(i);
302 StaticSocketDataProvider data;
303 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
304 socket_factory_.AddSocketDataProvider(&data);
305 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
306 socket_factory_.AddSSLSocketDataProvider(&ssl);
307
308 ClientSocketHandle handle;
309 TestCompletionCallback callback;
310 EXPECT_EQ(OK, handle.Init("a", params, priority, callback.callback(),
311 pool_.get(), BoundNetLog()));
312 EXPECT_EQ(priority, transport_socket_pool_.last_request_priority());
313 handle.socket()->Disconnect();
314 }
315 }
316
317 TEST_P(SSLClientSocketPoolTest, BasicDirectAsync) {
318 StaticSocketDataProvider data;
319 socket_factory_.AddSocketDataProvider(&data);
320 SSLSocketDataProvider ssl(ASYNC, OK);
321 socket_factory_.AddSSLSocketDataProvider(&ssl);
322
323 CreatePool(true /* tcp pool */, false, false);
324 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
325 false);
326
327 ClientSocketHandle handle;
328 TestCompletionCallback callback;
329 int rv = handle.Init(
330 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
331 EXPECT_EQ(ERR_IO_PENDING, rv);
332 EXPECT_FALSE(handle.is_initialized());
333 EXPECT_FALSE(handle.socket());
334
335 EXPECT_EQ(OK, callback.WaitForResult());
336 EXPECT_TRUE(handle.is_initialized());
337 EXPECT_TRUE(handle.socket());
338 TestLoadTimingInfo(handle);
339 }
340
341 TEST_P(SSLClientSocketPoolTest, DirectCertError) {
342 StaticSocketDataProvider data;
343 socket_factory_.AddSocketDataProvider(&data);
344 SSLSocketDataProvider ssl(ASYNC, ERR_CERT_COMMON_NAME_INVALID);
345 socket_factory_.AddSSLSocketDataProvider(&ssl);
346
347 CreatePool(true /* tcp pool */, false, false);
348 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
349 false);
350
351 ClientSocketHandle handle;
352 TestCompletionCallback callback;
353 int rv = handle.Init(
354 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
355 EXPECT_EQ(ERR_IO_PENDING, rv);
356 EXPECT_FALSE(handle.is_initialized());
357 EXPECT_FALSE(handle.socket());
358
359 EXPECT_EQ(ERR_CERT_COMMON_NAME_INVALID, callback.WaitForResult());
360 EXPECT_TRUE(handle.is_initialized());
361 EXPECT_TRUE(handle.socket());
362 TestLoadTimingInfo(handle);
363 }
364
365 TEST_P(SSLClientSocketPoolTest, DirectSSLError) {
366 StaticSocketDataProvider data;
367 socket_factory_.AddSocketDataProvider(&data);
368 SSLSocketDataProvider ssl(ASYNC, ERR_SSL_PROTOCOL_ERROR);
369 socket_factory_.AddSSLSocketDataProvider(&ssl);
370
371 CreatePool(true /* tcp pool */, false, false);
372 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
373 false);
374
375 ClientSocketHandle handle;
376 TestCompletionCallback callback;
377 int rv = handle.Init(
378 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
379 EXPECT_EQ(ERR_IO_PENDING, rv);
380 EXPECT_FALSE(handle.is_initialized());
381 EXPECT_FALSE(handle.socket());
382
383 EXPECT_EQ(ERR_SSL_PROTOCOL_ERROR, callback.WaitForResult());
384 EXPECT_FALSE(handle.is_initialized());
385 EXPECT_FALSE(handle.socket());
386 EXPECT_TRUE(handle.is_ssl_error());
387 }
388
389 TEST_P(SSLClientSocketPoolTest, DirectWithNPN) {
390 StaticSocketDataProvider data;
391 socket_factory_.AddSocketDataProvider(&data);
392 SSLSocketDataProvider ssl(ASYNC, OK);
393 ssl.SetNextProto(kProtoHTTP11);
394 socket_factory_.AddSSLSocketDataProvider(&ssl);
395
396 CreatePool(true /* tcp pool */, false, false);
397 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
398 false);
399
400 ClientSocketHandle handle;
401 TestCompletionCallback callback;
402 int rv = handle.Init(
403 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
404 EXPECT_EQ(ERR_IO_PENDING, rv);
405 EXPECT_FALSE(handle.is_initialized());
406 EXPECT_FALSE(handle.socket());
407
408 EXPECT_EQ(OK, callback.WaitForResult());
409 EXPECT_TRUE(handle.is_initialized());
410 EXPECT_TRUE(handle.socket());
411 TestLoadTimingInfo(handle);
412 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
413 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
414 }
415
416 TEST_P(SSLClientSocketPoolTest, DirectNoSPDY) {
417 StaticSocketDataProvider data;
418 socket_factory_.AddSocketDataProvider(&data);
419 SSLSocketDataProvider ssl(ASYNC, OK);
420 ssl.SetNextProto(kProtoHTTP11);
421 socket_factory_.AddSSLSocketDataProvider(&ssl);
422
423 CreatePool(true /* tcp pool */, false, false);
424 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
425 true);
426
427 ClientSocketHandle handle;
428 TestCompletionCallback callback;
429 int rv = handle.Init(
430 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
431 EXPECT_EQ(ERR_IO_PENDING, rv);
432 EXPECT_FALSE(handle.is_initialized());
433 EXPECT_FALSE(handle.socket());
434
435 EXPECT_EQ(ERR_NPN_NEGOTIATION_FAILED, callback.WaitForResult());
436 EXPECT_FALSE(handle.is_initialized());
437 EXPECT_FALSE(handle.socket());
438 EXPECT_TRUE(handle.is_ssl_error());
439 }
440
441 TEST_P(SSLClientSocketPoolTest, DirectGotSPDY) {
442 StaticSocketDataProvider data;
443 socket_factory_.AddSocketDataProvider(&data);
444 SSLSocketDataProvider ssl(ASYNC, OK);
445 ssl.SetNextProto(GetParam());
446 socket_factory_.AddSSLSocketDataProvider(&ssl);
447
448 CreatePool(true /* tcp pool */, false, false);
449 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
450 true);
451
452 ClientSocketHandle handle;
453 TestCompletionCallback callback;
454 int rv = handle.Init(
455 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
456 EXPECT_EQ(ERR_IO_PENDING, rv);
457 EXPECT_FALSE(handle.is_initialized());
458 EXPECT_FALSE(handle.socket());
459
460 EXPECT_EQ(OK, callback.WaitForResult());
461 EXPECT_TRUE(handle.is_initialized());
462 EXPECT_TRUE(handle.socket());
463 TestLoadTimingInfo(handle);
464
465 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
466 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
467 std::string proto;
468 std::string server_protos;
469 ssl_socket->GetNextProto(&proto, &server_protos);
470 EXPECT_EQ(GetParam(), SSLClientSocket::NextProtoFromString(proto));
471 }
472
473 TEST_P(SSLClientSocketPoolTest, DirectGotBonusSPDY) {
474 StaticSocketDataProvider data;
475 socket_factory_.AddSocketDataProvider(&data);
476 SSLSocketDataProvider ssl(ASYNC, OK);
477 ssl.SetNextProto(GetParam());
478 socket_factory_.AddSSLSocketDataProvider(&ssl);
479
480 CreatePool(true /* tcp pool */, false, false);
481 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
482 true);
483
484 ClientSocketHandle handle;
485 TestCompletionCallback callback;
486 int rv = handle.Init(
487 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
488 EXPECT_EQ(ERR_IO_PENDING, rv);
489 EXPECT_FALSE(handle.is_initialized());
490 EXPECT_FALSE(handle.socket());
491
492 EXPECT_EQ(OK, callback.WaitForResult());
493 EXPECT_TRUE(handle.is_initialized());
494 EXPECT_TRUE(handle.socket());
495 TestLoadTimingInfo(handle);
496
497 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
498 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
499 std::string proto;
500 std::string server_protos;
501 ssl_socket->GetNextProto(&proto, &server_protos);
502 EXPECT_EQ(GetParam(), SSLClientSocket::NextProtoFromString(proto));
503 }
504
505 TEST_P(SSLClientSocketPoolTest, SOCKSFail) {
506 StaticSocketDataProvider data;
507 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
508 socket_factory_.AddSocketDataProvider(&data);
509
510 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
511 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
512 false);
513
514 ClientSocketHandle handle;
515 TestCompletionCallback callback;
516 int rv = handle.Init(
517 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
518 EXPECT_EQ(ERR_CONNECTION_FAILED, rv);
519 EXPECT_FALSE(handle.is_initialized());
520 EXPECT_FALSE(handle.socket());
521 EXPECT_FALSE(handle.is_ssl_error());
522 }
523
524 TEST_P(SSLClientSocketPoolTest, SOCKSFailAsync) {
525 StaticSocketDataProvider data;
526 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
527 socket_factory_.AddSocketDataProvider(&data);
528
529 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
530 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
531 false);
532
533 ClientSocketHandle handle;
534 TestCompletionCallback callback;
535 int rv = handle.Init(
536 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
537 EXPECT_EQ(ERR_IO_PENDING, rv);
538 EXPECT_FALSE(handle.is_initialized());
539 EXPECT_FALSE(handle.socket());
540
541 EXPECT_EQ(ERR_CONNECTION_FAILED, callback.WaitForResult());
542 EXPECT_FALSE(handle.is_initialized());
543 EXPECT_FALSE(handle.socket());
544 EXPECT_FALSE(handle.is_ssl_error());
545 }
546
547 TEST_P(SSLClientSocketPoolTest, SOCKSBasic) {
548 StaticSocketDataProvider data;
549 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
550 socket_factory_.AddSocketDataProvider(&data);
551 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
552 socket_factory_.AddSSLSocketDataProvider(&ssl);
553
554 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
555 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
556 false);
557
558 ClientSocketHandle handle;
559 TestCompletionCallback callback;
560 int rv = handle.Init(
561 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
562 EXPECT_EQ(OK, rv);
563 EXPECT_TRUE(handle.is_initialized());
564 EXPECT_TRUE(handle.socket());
565 // SOCKS5 generally has no DNS times, but the mock SOCKS5 sockets used here
566 // don't go through the real logic, unlike in the HTTP proxy tests.
567 TestLoadTimingInfo(handle);
568 }
569
570 // Make sure that SSLConnectJob passes on its priority to its
571 // transport socket on Init (for the SOCKS_PROXY case).
572 TEST_P(SSLClientSocketPoolTest, SetTransportPriorityOnInitSOCKS) {
573 StaticSocketDataProvider data;
574 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
575 socket_factory_.AddSocketDataProvider(&data);
576 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
577 socket_factory_.AddSSLSocketDataProvider(&ssl);
578
579 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
580 scoped_refptr<SSLSocketParams> params =
581 SSLParams(ProxyServer::SCHEME_SOCKS5, false);
582
583 ClientSocketHandle handle;
584 TestCompletionCallback callback;
585 EXPECT_EQ(OK, handle.Init("a", params, HIGHEST, callback.callback(),
586 pool_.get(), BoundNetLog()));
587 EXPECT_EQ(HIGHEST, transport_socket_pool_.last_request_priority());
588 }
589
590 TEST_P(SSLClientSocketPoolTest, SOCKSBasicAsync) {
591 StaticSocketDataProvider data;
592 socket_factory_.AddSocketDataProvider(&data);
593 SSLSocketDataProvider ssl(ASYNC, OK);
594 socket_factory_.AddSSLSocketDataProvider(&ssl);
595
596 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
597 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
598 false);
599
600 ClientSocketHandle handle;
601 TestCompletionCallback callback;
602 int rv = handle.Init(
603 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
604 EXPECT_EQ(ERR_IO_PENDING, rv);
605 EXPECT_FALSE(handle.is_initialized());
606 EXPECT_FALSE(handle.socket());
607
608 EXPECT_EQ(OK, callback.WaitForResult());
609 EXPECT_TRUE(handle.is_initialized());
610 EXPECT_TRUE(handle.socket());
611 // SOCKS5 generally has no DNS times, but the mock SOCKS5 sockets used here
612 // don't go through the real logic, unlike in the HTTP proxy tests.
613 TestLoadTimingInfo(handle);
614 }
615
616 TEST_P(SSLClientSocketPoolTest, HttpProxyFail) {
617 StaticSocketDataProvider data;
618 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
619 socket_factory_.AddSocketDataProvider(&data);
620
621 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
622 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
623 false);
624
625 ClientSocketHandle handle;
626 TestCompletionCallback callback;
627 int rv = handle.Init(
628 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
629 EXPECT_EQ(ERR_PROXY_CONNECTION_FAILED, rv);
630 EXPECT_FALSE(handle.is_initialized());
631 EXPECT_FALSE(handle.socket());
632 EXPECT_FALSE(handle.is_ssl_error());
633 }
634
635 TEST_P(SSLClientSocketPoolTest, HttpProxyFailAsync) {
636 StaticSocketDataProvider data;
637 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
638 socket_factory_.AddSocketDataProvider(&data);
639
640 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
641 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
642 false);
643
644 ClientSocketHandle handle;
645 TestCompletionCallback callback;
646 int rv = handle.Init(
647 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
648 EXPECT_EQ(ERR_IO_PENDING, rv);
649 EXPECT_FALSE(handle.is_initialized());
650 EXPECT_FALSE(handle.socket());
651
652 EXPECT_EQ(ERR_PROXY_CONNECTION_FAILED, callback.WaitForResult());
653 EXPECT_FALSE(handle.is_initialized());
654 EXPECT_FALSE(handle.socket());
655 EXPECT_FALSE(handle.is_ssl_error());
656 }
657
658 TEST_P(SSLClientSocketPoolTest, HttpProxyBasic) {
659 MockWrite writes[] = {
660 MockWrite(SYNCHRONOUS,
661 "CONNECT host:80 HTTP/1.1\r\n"
662 "Host: host\r\n"
663 "Proxy-Connection: keep-alive\r\n"
664 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
665 };
666 MockRead reads[] = {
667 MockRead(SYNCHRONOUS, "HTTP/1.1 200 Connection Established\r\n\r\n"),
668 };
669 StaticSocketDataProvider data(reads, arraysize(reads), writes,
670 arraysize(writes));
671 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
672 socket_factory_.AddSocketDataProvider(&data);
673 AddAuthToCache();
674 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
675 socket_factory_.AddSSLSocketDataProvider(&ssl);
676
677 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
678 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
679 false);
680
681 ClientSocketHandle handle;
682 TestCompletionCallback callback;
683 int rv = handle.Init(
684 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
685 EXPECT_EQ(OK, rv);
686 EXPECT_TRUE(handle.is_initialized());
687 EXPECT_TRUE(handle.socket());
688 TestLoadTimingInfoNoDns(handle);
689 }
690
691 // Make sure that SSLConnectJob passes on its priority to its
692 // transport socket on Init (for the HTTP_PROXY case).
693 TEST_P(SSLClientSocketPoolTest, SetTransportPriorityOnInitHTTP) {
694 MockWrite writes[] = {
695 MockWrite(SYNCHRONOUS,
696 "CONNECT host:80 HTTP/1.1\r\n"
697 "Host: host\r\n"
698 "Proxy-Connection: keep-alive\r\n"
699 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
700 };
701 MockRead reads[] = {
702 MockRead(SYNCHRONOUS, "HTTP/1.1 200 Connection Established\r\n\r\n"),
703 };
704 StaticSocketDataProvider data(reads, arraysize(reads), writes,
705 arraysize(writes));
706 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
707 socket_factory_.AddSocketDataProvider(&data);
708 AddAuthToCache();
709 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
710 socket_factory_.AddSSLSocketDataProvider(&ssl);
711
712 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
713 scoped_refptr<SSLSocketParams> params =
714 SSLParams(ProxyServer::SCHEME_HTTP, false);
715
716 ClientSocketHandle handle;
717 TestCompletionCallback callback;
718 EXPECT_EQ(OK, handle.Init("a", params, HIGHEST, callback.callback(),
719 pool_.get(), BoundNetLog()));
720 EXPECT_EQ(HIGHEST, transport_socket_pool_.last_request_priority());
721 }
722
723 TEST_P(SSLClientSocketPoolTest, HttpProxyBasicAsync) {
724 MockWrite writes[] = {
725 MockWrite("CONNECT host:80 HTTP/1.1\r\n"
726 "Host: host\r\n"
727 "Proxy-Connection: keep-alive\r\n"
728 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
729 };
730 MockRead reads[] = {
731 MockRead("HTTP/1.1 200 Connection Established\r\n\r\n"),
732 };
733 StaticSocketDataProvider data(reads, arraysize(reads), writes,
734 arraysize(writes));
735 socket_factory_.AddSocketDataProvider(&data);
736 AddAuthToCache();
737 SSLSocketDataProvider ssl(ASYNC, OK);
738 socket_factory_.AddSSLSocketDataProvider(&ssl);
739
740 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
741 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
742 false);
743
744 ClientSocketHandle handle;
745 TestCompletionCallback callback;
746 int rv = handle.Init(
747 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
748 EXPECT_EQ(ERR_IO_PENDING, rv);
749 EXPECT_FALSE(handle.is_initialized());
750 EXPECT_FALSE(handle.socket());
751
752 EXPECT_EQ(OK, callback.WaitForResult());
753 EXPECT_TRUE(handle.is_initialized());
754 EXPECT_TRUE(handle.socket());
755 TestLoadTimingInfoNoDns(handle);
756 }
757
758 TEST_P(SSLClientSocketPoolTest, NeedProxyAuth) {
759 MockWrite writes[] = {
760 MockWrite("CONNECT host:80 HTTP/1.1\r\n"
761 "Host: host\r\n"
762 "Proxy-Connection: keep-alive\r\n\r\n"),
763 };
764 MockRead reads[] = {
765 MockRead("HTTP/1.1 407 Proxy Authentication Required\r\n"),
766 MockRead("Proxy-Authenticate: Basic realm=\"MyRealm1\"\r\n"),
767 MockRead("Content-Length: 10\r\n\r\n"),
768 MockRead("0123456789"),
769 };
770 StaticSocketDataProvider data(reads, arraysize(reads), writes,
771 arraysize(writes));
772 socket_factory_.AddSocketDataProvider(&data);
773 SSLSocketDataProvider ssl(ASYNC, OK);
774 socket_factory_.AddSSLSocketDataProvider(&ssl);
775
776 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
777 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
778 false);
779
780 ClientSocketHandle handle;
781 TestCompletionCallback callback;
782 int rv = handle.Init(
783 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
784 EXPECT_EQ(ERR_IO_PENDING, rv);
785 EXPECT_FALSE(handle.is_initialized());
786 EXPECT_FALSE(handle.socket());
787
788 EXPECT_EQ(ERR_PROXY_AUTH_REQUESTED, callback.WaitForResult());
789 EXPECT_FALSE(handle.is_initialized());
790 EXPECT_FALSE(handle.socket());
791 EXPECT_FALSE(handle.is_ssl_error());
792 const HttpResponseInfo& tunnel_info = handle.ssl_error_response_info();
793 EXPECT_EQ(tunnel_info.headers->response_code(), 407);
794 scoped_ptr<ClientSocketHandle> tunnel_handle(
795 handle.release_pending_http_proxy_connection());
796 EXPECT_TRUE(tunnel_handle->socket());
797 EXPECT_FALSE(tunnel_handle->socket()->IsConnected());
798 }
799
800 TEST_P(SSLClientSocketPoolTest, IPPooling) {
801 const int kTestPort = 80;
802 struct TestHosts {
803 std::string name;
804 std::string iplist;
805 SpdySessionKey key;
806 AddressList addresses;
807 } test_hosts[] = {
808 { "www.webkit.org", "192.0.2.33,192.168.0.1,192.168.0.5" },
809 { "code.google.com", "192.168.0.2,192.168.0.3,192.168.0.5" },
810 { "js.webkit.org", "192.168.0.4,192.168.0.1,192.0.2.33" },
811 };
812
813 host_resolver_.set_synchronous_mode(true);
814 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(test_hosts); i++) {
815 host_resolver_.rules()->AddIPLiteralRule(
816 test_hosts[i].name, test_hosts[i].iplist, std::string());
817
818 // This test requires that the HostResolver cache be populated. Normal
819 // code would have done this already, but we do it manually.
820 HostResolver::RequestInfo info(HostPortPair(test_hosts[i].name, kTestPort));
821 host_resolver_.Resolve(info,
822 DEFAULT_PRIORITY,
823 &test_hosts[i].addresses,
824 CompletionCallback(),
825 NULL,
826 BoundNetLog());
827
828 // Setup a SpdySessionKey
829 test_hosts[i].key = SpdySessionKey(
830 HostPortPair(test_hosts[i].name, kTestPort), ProxyServer::Direct(),
831 kPrivacyModeDisabled);
832 }
833
834 MockRead reads[] = {
835 MockRead(ASYNC, ERR_IO_PENDING),
836 };
837 StaticSocketDataProvider data(reads, arraysize(reads), NULL, 0);
838 socket_factory_.AddSocketDataProvider(&data);
839 SSLSocketDataProvider ssl(ASYNC, OK);
840 ssl.cert = X509Certificate::CreateFromBytes(
841 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der));
842 ssl.SetNextProto(GetParam());
843 socket_factory_.AddSSLSocketDataProvider(&ssl);
844
845 CreatePool(true /* tcp pool */, false, false);
846 base::WeakPtr<SpdySession> spdy_session =
847 CreateSecureSpdySession(session_, test_hosts[0].key, BoundNetLog());
848
849 EXPECT_TRUE(
850 HasSpdySession(session_->spdy_session_pool(), test_hosts[0].key));
851 EXPECT_FALSE(
852 HasSpdySession(session_->spdy_session_pool(), test_hosts[1].key));
853 EXPECT_TRUE(
854 HasSpdySession(session_->spdy_session_pool(), test_hosts[2].key));
855
856 session_->spdy_session_pool()->CloseAllSessions();
857 }
858
859 void SSLClientSocketPoolTest::TestIPPoolingDisabled(
860 SSLSocketDataProvider* ssl) {
861 const int kTestPort = 80;
862 struct TestHosts {
863 std::string name;
864 std::string iplist;
865 SpdySessionKey key;
866 AddressList addresses;
867 } test_hosts[] = {
868 { "www.webkit.org", "192.0.2.33,192.168.0.1,192.168.0.5" },
869 { "js.webkit.com", "192.168.0.4,192.168.0.1,192.0.2.33" },
870 };
871
872 TestCompletionCallback callback;
873 int rv;
874 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(test_hosts); i++) {
875 host_resolver_.rules()->AddIPLiteralRule(
876 test_hosts[i].name, test_hosts[i].iplist, std::string());
877
878 // This test requires that the HostResolver cache be populated. Normal
879 // code would have done this already, but we do it manually.
880 HostResolver::RequestInfo info(HostPortPair(test_hosts[i].name, kTestPort));
881 rv = host_resolver_.Resolve(info,
882 DEFAULT_PRIORITY,
883 &test_hosts[i].addresses,
884 callback.callback(),
885 NULL,
886 BoundNetLog());
887 EXPECT_EQ(OK, callback.GetResult(rv));
888
889 // Setup a SpdySessionKey
890 test_hosts[i].key = SpdySessionKey(
891 HostPortPair(test_hosts[i].name, kTestPort), ProxyServer::Direct(),
892 kPrivacyModeDisabled);
893 }
894
895 MockRead reads[] = {
896 MockRead(ASYNC, ERR_IO_PENDING),
897 };
898 StaticSocketDataProvider data(reads, arraysize(reads), NULL, 0);
899 socket_factory_.AddSocketDataProvider(&data);
900 socket_factory_.AddSSLSocketDataProvider(ssl);
901
902 CreatePool(true /* tcp pool */, false, false);
903 base::WeakPtr<SpdySession> spdy_session =
904 CreateSecureSpdySession(session_, test_hosts[0].key, BoundNetLog());
905
906 EXPECT_TRUE(
907 HasSpdySession(session_->spdy_session_pool(), test_hosts[0].key));
908 EXPECT_FALSE(
909 HasSpdySession(session_->spdy_session_pool(), test_hosts[1].key));
910
911 session_->spdy_session_pool()->CloseAllSessions();
912 }
913
914 // Verifies that an SSL connection with client authentication disables SPDY IP
915 // pooling.
916 TEST_P(SSLClientSocketPoolTest, IPPoolingClientCert) {
917 SSLSocketDataProvider ssl(ASYNC, OK);
918 ssl.cert = X509Certificate::CreateFromBytes(
919 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der));
920 ssl.client_cert_sent = true;
921 ssl.SetNextProto(GetParam());
922 TestIPPoolingDisabled(&ssl);
923 }
924
925 // Verifies that an SSL connection with channel ID disables SPDY IP pooling.
926 TEST_P(SSLClientSocketPoolTest, IPPoolingChannelID) {
927 SSLSocketDataProvider ssl(ASYNC, OK);
928 ssl.channel_id_sent = true;
929 ssl.SetNextProto(GetParam());
930 TestIPPoolingDisabled(&ssl);
931 }
932
933 // It would be nice to also test the timeouts in SSLClientSocketPool.
934
935 } // namespace
936
937 } // namespace net