search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Convert raw pointers to scoped_ptr in net module.
[chromium-blink-merge.git] / net / socket / ssl_client_socket_pool_unittest.cc
bloba9d34472b6985584bf82186dbe72558852138267
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/http/http_proxy_client_socket_pool.h"
6
7 #include "base/callback.h"
8 #include "base/compiler_specific.h"
9 #include "base/strings/string_util.h"
10 #include "base/strings/utf_string_conversions.h"
11 #include "base/time/time.h"
12 #include "net/base/auth.h"
13 #include "net/base/load_timing_info.h"
14 #include "net/base/load_timing_info_test_util.h"
15 #include "net/base/net_errors.h"
16 #include "net/base/test_completion_callback.h"
17 #include "net/cert/cert_verifier.h"
18 #include "net/dns/mock_host_resolver.h"
19 #include "net/http/http_auth_handler_factory.h"
20 #include "net/http/http_network_session.h"
21 #include "net/http/http_request_headers.h"
22 #include "net/http/http_response_headers.h"
23 #include "net/http/http_server_properties_impl.h"
24 #include "net/http/transport_security_state.h"
25 #include "net/proxy/proxy_service.h"
26 #include "net/socket/client_socket_handle.h"
27 #include "net/socket/next_proto.h"
28 #include "net/socket/socket_test_util.h"
29 #include "net/spdy/spdy_session.h"
30 #include "net/spdy/spdy_session_pool.h"
31 #include "net/spdy/spdy_test_util_common.h"
32 #include "net/ssl/ssl_config_service_defaults.h"
33 #include "net/test/test_certificate_data.h"
34 #include "testing/gtest/include/gtest/gtest.h"
35
36 namespace net {
37
38 namespace {
39
40 const int kMaxSockets = 32;
41 const int kMaxSocketsPerGroup = 6;
42
43 // Make sure |handle|'s load times are set correctly. DNS and connect start
44 // times comes from mock client sockets in these tests, so primarily serves to
45 // check those times were copied, and ssl times / connect end are set correctly.
46 void TestLoadTimingInfo(const ClientSocketHandle& handle) {
47 LoadTimingInfo load_timing_info;
48 EXPECT_TRUE(handle.GetLoadTimingInfo(false, &load_timing_info));
49
50 EXPECT_FALSE(load_timing_info.socket_reused);
51 // None of these tests use a NetLog.
52 EXPECT_EQ(NetLog::Source::kInvalidId, load_timing_info.socket_log_id);
53
54 ExpectConnectTimingHasTimes(
55 load_timing_info.connect_timing,
56 CONNECT_TIMING_HAS_SSL_TIMES | CONNECT_TIMING_HAS_DNS_TIMES);
57 ExpectLoadTimingHasOnlyConnectionTimes(load_timing_info);
58 }
59
60 // Just like TestLoadTimingInfo, except DNS times are expected to be null, for
61 // tests over proxies that do DNS lookups themselves.
62 void TestLoadTimingInfoNoDns(const ClientSocketHandle& handle) {
63 LoadTimingInfo load_timing_info;
64 EXPECT_TRUE(handle.GetLoadTimingInfo(false, &load_timing_info));
65
66 // None of these tests use a NetLog.
67 EXPECT_EQ(NetLog::Source::kInvalidId, load_timing_info.socket_log_id);
68
69 EXPECT_FALSE(load_timing_info.socket_reused);
70
71 ExpectConnectTimingHasTimes(load_timing_info.connect_timing,
72 CONNECT_TIMING_HAS_SSL_TIMES);
73 ExpectLoadTimingHasOnlyConnectionTimes(load_timing_info);
74 }
75
76 class SSLClientSocketPoolTest
77 : public testing::Test,
78 public ::testing::WithParamInterface<NextProto> {
79 protected:
80 SSLClientSocketPoolTest()
81 : transport_security_state_(new TransportSecurityState),
82 proxy_service_(ProxyService::CreateDirect()),
83 ssl_config_service_(new SSLConfigServiceDefaults),
84 http_auth_handler_factory_(
85 HttpAuthHandlerFactory::CreateDefault(&host_resolver_)),
86 session_(CreateNetworkSession()),
87 direct_transport_socket_params_(new TransportSocketParams(
88 HostPortPair("host", 443),
89 false,
90 false,
91 OnHostResolutionCallback(),
92 TransportSocketParams::COMBINE_CONNECT_AND_WRITE_DEFAULT)),
93 transport_socket_pool_(kMaxSockets,
94 kMaxSocketsPerGroup,
95 &socket_factory_),
96 proxy_transport_socket_params_(new TransportSocketParams(
97 HostPortPair("proxy", 443),
98 false,
99 false,
100 OnHostResolutionCallback(),
101 TransportSocketParams::COMBINE_CONNECT_AND_WRITE_DEFAULT)),
102 socks_socket_params_(
103 new SOCKSSocketParams(proxy_transport_socket_params_,
104 true,
105 HostPortPair("sockshost", 443))),
106 socks_socket_pool_(kMaxSockets,
107 kMaxSocketsPerGroup,
108 &transport_socket_pool_),
109 http_proxy_socket_params_(
110 new HttpProxySocketParams(proxy_transport_socket_params_,
111 NULL,
112 std::string(),
113 HostPortPair("host", 80),
114 session_->http_auth_cache(),
115 session_->http_auth_handler_factory(),
116 session_->spdy_session_pool(),
117 true,
118 NULL)),
119 http_proxy_socket_pool_(kMaxSockets,
120 kMaxSocketsPerGroup,
121 &transport_socket_pool_,
122 NULL,
123 NULL) {
124 scoped_refptr<SSLConfigService> ssl_config_service(
125 new SSLConfigServiceDefaults);
126 ssl_config_service->GetSSLConfig(&ssl_config_);
127 }
128
129 void CreatePool(bool transport_pool, bool http_proxy_pool, bool socks_pool) {
130 pool_.reset(new SSLClientSocketPool(
131 kMaxSockets, kMaxSocketsPerGroup, NULL /* cert_verifier */,
132 NULL /* channel_id_service */, NULL /* transport_security_state */,
133 NULL /* cert_transparency_verifier */, NULL /* cert_policy_enforcer */,
134 std::string() /* ssl_session_cache_shard */, &socket_factory_,
135 transport_pool ? &transport_socket_pool_ : NULL,
136 socks_pool ? &socks_socket_pool_ : NULL,
137 http_proxy_pool ? &http_proxy_socket_pool_ : NULL, NULL, NULL));
138 }
139
140 scoped_refptr<SSLSocketParams> SSLParams(ProxyServer::Scheme proxy,
141 bool want_spdy_over_npn) {
142 return make_scoped_refptr(new SSLSocketParams(
143 proxy == ProxyServer::SCHEME_DIRECT ? direct_transport_socket_params_
144 : NULL,
145 proxy == ProxyServer::SCHEME_SOCKS5 ? socks_socket_params_ : NULL,
146 proxy == ProxyServer::SCHEME_HTTP ? http_proxy_socket_params_ : NULL,
147 HostPortPair("host", 443),
148 ssl_config_,
149 PRIVACY_MODE_DISABLED,
150 0,
151 want_spdy_over_npn));
152 }
153
154 void AddAuthToCache() {
155 const base::string16 kFoo(base::ASCIIToUTF16("foo"));
156 const base::string16 kBar(base::ASCIIToUTF16("bar"));
157 session_->http_auth_cache()->Add(GURL("http://proxy:443/"),
158 "MyRealm1",
159 HttpAuth::AUTH_SCHEME_BASIC,
160 "Basic realm=MyRealm1",
161 AuthCredentials(kFoo, kBar),
162 "/");
163 }
164
165 HttpNetworkSession* CreateNetworkSession() {
166 HttpNetworkSession::Params params;
167 params.host_resolver = &host_resolver_;
168 params.cert_verifier = cert_verifier_.get();
169 params.transport_security_state = transport_security_state_.get();
170 params.proxy_service = proxy_service_.get();
171 params.client_socket_factory = &socket_factory_;
172 params.ssl_config_service = ssl_config_service_.get();
173 params.http_auth_handler_factory = http_auth_handler_factory_.get();
174 params.http_server_properties =
175 http_server_properties_.GetWeakPtr();
176 params.enable_spdy_compression = false;
177 params.spdy_default_protocol = GetParam();
178 return new HttpNetworkSession(params);
179 }
180
181 void TestIPPoolingDisabled(SSLSocketDataProvider* ssl);
182
183 MockClientSocketFactory socket_factory_;
184 MockCachingHostResolver host_resolver_;
185 scoped_ptr<CertVerifier> cert_verifier_;
186 scoped_ptr<TransportSecurityState> transport_security_state_;
187 const scoped_ptr<ProxyService> proxy_service_;
188 const scoped_refptr<SSLConfigService> ssl_config_service_;
189 const scoped_ptr<HttpAuthHandlerFactory> http_auth_handler_factory_;
190 HttpServerPropertiesImpl http_server_properties_;
191 const scoped_refptr<HttpNetworkSession> session_;
192
193 scoped_refptr<TransportSocketParams> direct_transport_socket_params_;
194 MockTransportClientSocketPool transport_socket_pool_;
195
196 scoped_refptr<TransportSocketParams> proxy_transport_socket_params_;
197
198 scoped_refptr<SOCKSSocketParams> socks_socket_params_;
199 MockSOCKSClientSocketPool socks_socket_pool_;
200
201 scoped_refptr<HttpProxySocketParams> http_proxy_socket_params_;
202 HttpProxyClientSocketPool http_proxy_socket_pool_;
203
204 SSLConfig ssl_config_;
205 scoped_ptr<SSLClientSocketPool> pool_;
206 };
207
208 INSTANTIATE_TEST_CASE_P(NextProto,
209 SSLClientSocketPoolTest,
210 testing::Values(kProtoSPDY31,
211 kProtoSPDY4_14,
212 kProtoSPDY4));
213
214 TEST_P(SSLClientSocketPoolTest, TCPFail) {
215 StaticSocketDataProvider data;
216 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
217 socket_factory_.AddSocketDataProvider(&data);
218
219 CreatePool(true /* tcp pool */, false, false);
220 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
221 false);
222
223 ClientSocketHandle handle;
224 int rv = handle.Init("a", params, MEDIUM, CompletionCallback(), pool_.get(),
225 BoundNetLog());
226 EXPECT_EQ(ERR_CONNECTION_FAILED, rv);
227 EXPECT_FALSE(handle.is_initialized());
228 EXPECT_FALSE(handle.socket());
229 EXPECT_FALSE(handle.is_ssl_error());
230 ASSERT_EQ(1u, handle.connection_attempts().size());
231 EXPECT_EQ(ERR_CONNECTION_FAILED, handle.connection_attempts()[0].result);
232 }
233
234 TEST_P(SSLClientSocketPoolTest, TCPFailAsync) {
235 StaticSocketDataProvider data;
236 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
237 socket_factory_.AddSocketDataProvider(&data);
238
239 CreatePool(true /* tcp pool */, false, false);
240 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
241 false);
242
243 ClientSocketHandle handle;
244 TestCompletionCallback callback;
245 int rv = handle.Init(
246 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
247 EXPECT_EQ(ERR_IO_PENDING, rv);
248 EXPECT_FALSE(handle.is_initialized());
249 EXPECT_FALSE(handle.socket());
250
251 EXPECT_EQ(ERR_CONNECTION_FAILED, callback.WaitForResult());
252 EXPECT_FALSE(handle.is_initialized());
253 EXPECT_FALSE(handle.socket());
254 EXPECT_FALSE(handle.is_ssl_error());
255 ASSERT_EQ(1u, handle.connection_attempts().size());
256 EXPECT_EQ(ERR_CONNECTION_FAILED, handle.connection_attempts()[0].result);
257 }
258
259 TEST_P(SSLClientSocketPoolTest, BasicDirect) {
260 StaticSocketDataProvider data;
261 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
262 socket_factory_.AddSocketDataProvider(&data);
263 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
264 socket_factory_.AddSSLSocketDataProvider(&ssl);
265
266 CreatePool(true /* tcp pool */, false, false);
267 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
268 false);
269
270 ClientSocketHandle handle;
271 TestCompletionCallback callback;
272 int rv = handle.Init(
273 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
274 EXPECT_EQ(OK, rv);
275 EXPECT_TRUE(handle.is_initialized());
276 EXPECT_TRUE(handle.socket());
277 TestLoadTimingInfo(handle);
278 EXPECT_EQ(0u, handle.connection_attempts().size());
279 }
280
281 // Make sure that SSLConnectJob passes on its priority to its
282 // socket request on Init (for the DIRECT case).
283 TEST_P(SSLClientSocketPoolTest, SetSocketRequestPriorityOnInitDirect) {
284 CreatePool(true /* tcp pool */, false, false);
285 scoped_refptr<SSLSocketParams> params =
286 SSLParams(ProxyServer::SCHEME_DIRECT, false);
287
288 for (int i = MINIMUM_PRIORITY; i <= MAXIMUM_PRIORITY; ++i) {
289 RequestPriority priority = static_cast<RequestPriority>(i);
290 StaticSocketDataProvider data;
291 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
292 socket_factory_.AddSocketDataProvider(&data);
293 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
294 socket_factory_.AddSSLSocketDataProvider(&ssl);
295
296 ClientSocketHandle handle;
297 TestCompletionCallback callback;
298 EXPECT_EQ(OK, handle.Init("a", params, priority, callback.callback(),
299 pool_.get(), BoundNetLog()));
300 EXPECT_EQ(priority, transport_socket_pool_.last_request_priority());
301 handle.socket()->Disconnect();
302 }
303 }
304
305 TEST_P(SSLClientSocketPoolTest, BasicDirectAsync) {
306 StaticSocketDataProvider data;
307 socket_factory_.AddSocketDataProvider(&data);
308 SSLSocketDataProvider ssl(ASYNC, OK);
309 socket_factory_.AddSSLSocketDataProvider(&ssl);
310
311 CreatePool(true /* tcp pool */, false, false);
312 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
313 false);
314
315 ClientSocketHandle handle;
316 TestCompletionCallback callback;
317 int rv = handle.Init(
318 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
319 EXPECT_EQ(ERR_IO_PENDING, rv);
320 EXPECT_FALSE(handle.is_initialized());
321 EXPECT_FALSE(handle.socket());
322
323 EXPECT_EQ(OK, callback.WaitForResult());
324 EXPECT_TRUE(handle.is_initialized());
325 EXPECT_TRUE(handle.socket());
326 TestLoadTimingInfo(handle);
327 }
328
329 TEST_P(SSLClientSocketPoolTest, DirectCertError) {
330 StaticSocketDataProvider data;
331 socket_factory_.AddSocketDataProvider(&data);
332 SSLSocketDataProvider ssl(ASYNC, ERR_CERT_COMMON_NAME_INVALID);
333 socket_factory_.AddSSLSocketDataProvider(&ssl);
334
335 CreatePool(true /* tcp pool */, false, false);
336 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
337 false);
338
339 ClientSocketHandle handle;
340 TestCompletionCallback callback;
341 int rv = handle.Init(
342 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
343 EXPECT_EQ(ERR_IO_PENDING, rv);
344 EXPECT_FALSE(handle.is_initialized());
345 EXPECT_FALSE(handle.socket());
346
347 EXPECT_EQ(ERR_CERT_COMMON_NAME_INVALID, callback.WaitForResult());
348 EXPECT_TRUE(handle.is_initialized());
349 EXPECT_TRUE(handle.socket());
350 TestLoadTimingInfo(handle);
351 }
352
353 TEST_P(SSLClientSocketPoolTest, DirectSSLError) {
354 StaticSocketDataProvider data;
355 socket_factory_.AddSocketDataProvider(&data);
356 SSLSocketDataProvider ssl(ASYNC, ERR_SSL_PROTOCOL_ERROR);
357 socket_factory_.AddSSLSocketDataProvider(&ssl);
358
359 CreatePool(true /* tcp pool */, false, false);
360 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
361 false);
362
363 ClientSocketHandle handle;
364 TestCompletionCallback callback;
365 int rv = handle.Init(
366 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
367 EXPECT_EQ(ERR_IO_PENDING, rv);
368 EXPECT_FALSE(handle.is_initialized());
369 EXPECT_FALSE(handle.socket());
370
371 EXPECT_EQ(ERR_SSL_PROTOCOL_ERROR, callback.WaitForResult());
372 EXPECT_FALSE(handle.is_initialized());
373 EXPECT_FALSE(handle.socket());
374 EXPECT_TRUE(handle.is_ssl_error());
375 }
376
377 TEST_P(SSLClientSocketPoolTest, DirectWithNPN) {
378 StaticSocketDataProvider data;
379 socket_factory_.AddSocketDataProvider(&data);
380 SSLSocketDataProvider ssl(ASYNC, OK);
381 ssl.SetNextProto(kProtoHTTP11);
382 socket_factory_.AddSSLSocketDataProvider(&ssl);
383
384 CreatePool(true /* tcp pool */, false, false);
385 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
386 false);
387
388 ClientSocketHandle handle;
389 TestCompletionCallback callback;
390 int rv = handle.Init(
391 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
392 EXPECT_EQ(ERR_IO_PENDING, rv);
393 EXPECT_FALSE(handle.is_initialized());
394 EXPECT_FALSE(handle.socket());
395
396 EXPECT_EQ(OK, callback.WaitForResult());
397 EXPECT_TRUE(handle.is_initialized());
398 EXPECT_TRUE(handle.socket());
399 TestLoadTimingInfo(handle);
400 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
401 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
402 }
403
404 TEST_P(SSLClientSocketPoolTest, DirectNoSPDY) {
405 StaticSocketDataProvider data;
406 socket_factory_.AddSocketDataProvider(&data);
407 SSLSocketDataProvider ssl(ASYNC, OK);
408 ssl.SetNextProto(kProtoHTTP11);
409 socket_factory_.AddSSLSocketDataProvider(&ssl);
410
411 CreatePool(true /* tcp pool */, false, false);
412 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
413 true);
414
415 ClientSocketHandle handle;
416 TestCompletionCallback callback;
417 int rv = handle.Init(
418 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
419 EXPECT_EQ(ERR_IO_PENDING, rv);
420 EXPECT_FALSE(handle.is_initialized());
421 EXPECT_FALSE(handle.socket());
422
423 EXPECT_EQ(ERR_NPN_NEGOTIATION_FAILED, callback.WaitForResult());
424 EXPECT_FALSE(handle.is_initialized());
425 EXPECT_FALSE(handle.socket());
426 EXPECT_TRUE(handle.is_ssl_error());
427 }
428
429 TEST_P(SSLClientSocketPoolTest, DirectGotSPDY) {
430 StaticSocketDataProvider data;
431 socket_factory_.AddSocketDataProvider(&data);
432 SSLSocketDataProvider ssl(ASYNC, OK);
433 ssl.SetNextProto(GetParam());
434 socket_factory_.AddSSLSocketDataProvider(&ssl);
435
436 CreatePool(true /* tcp pool */, false, false);
437 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
438 true);
439
440 ClientSocketHandle handle;
441 TestCompletionCallback callback;
442 int rv = handle.Init(
443 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
444 EXPECT_EQ(ERR_IO_PENDING, rv);
445 EXPECT_FALSE(handle.is_initialized());
446 EXPECT_FALSE(handle.socket());
447
448 EXPECT_EQ(OK, callback.WaitForResult());
449 EXPECT_TRUE(handle.is_initialized());
450 EXPECT_TRUE(handle.socket());
451 TestLoadTimingInfo(handle);
452
453 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
454 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
455 std::string proto;
456 ssl_socket->GetNextProto(&proto);
457 EXPECT_EQ(GetParam(), SSLClientSocket::NextProtoFromString(proto));
458 }
459
460 TEST_P(SSLClientSocketPoolTest, DirectGotBonusSPDY) {
461 StaticSocketDataProvider data;
462 socket_factory_.AddSocketDataProvider(&data);
463 SSLSocketDataProvider ssl(ASYNC, OK);
464 ssl.SetNextProto(GetParam());
465 socket_factory_.AddSSLSocketDataProvider(&ssl);
466
467 CreatePool(true /* tcp pool */, false, false);
468 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
469 true);
470
471 ClientSocketHandle handle;
472 TestCompletionCallback callback;
473 int rv = handle.Init(
474 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
475 EXPECT_EQ(ERR_IO_PENDING, rv);
476 EXPECT_FALSE(handle.is_initialized());
477 EXPECT_FALSE(handle.socket());
478
479 EXPECT_EQ(OK, callback.WaitForResult());
480 EXPECT_TRUE(handle.is_initialized());
481 EXPECT_TRUE(handle.socket());
482 TestLoadTimingInfo(handle);
483
484 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
485 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
486 std::string proto;
487 ssl_socket->GetNextProto(&proto);
488 EXPECT_EQ(GetParam(), SSLClientSocket::NextProtoFromString(proto));
489 }
490
491 TEST_P(SSLClientSocketPoolTest, SOCKSFail) {
492 StaticSocketDataProvider data;
493 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
494 socket_factory_.AddSocketDataProvider(&data);
495
496 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
497 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
498 false);
499
500 ClientSocketHandle handle;
501 TestCompletionCallback callback;
502 int rv = handle.Init(
503 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
504 EXPECT_EQ(ERR_CONNECTION_FAILED, rv);
505 EXPECT_FALSE(handle.is_initialized());
506 EXPECT_FALSE(handle.socket());
507 EXPECT_FALSE(handle.is_ssl_error());
508 }
509
510 TEST_P(SSLClientSocketPoolTest, SOCKSFailAsync) {
511 StaticSocketDataProvider data;
512 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
513 socket_factory_.AddSocketDataProvider(&data);
514
515 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
516 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
517 false);
518
519 ClientSocketHandle handle;
520 TestCompletionCallback callback;
521 int rv = handle.Init(
522 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
523 EXPECT_EQ(ERR_IO_PENDING, rv);
524 EXPECT_FALSE(handle.is_initialized());
525 EXPECT_FALSE(handle.socket());
526
527 EXPECT_EQ(ERR_CONNECTION_FAILED, callback.WaitForResult());
528 EXPECT_FALSE(handle.is_initialized());
529 EXPECT_FALSE(handle.socket());
530 EXPECT_FALSE(handle.is_ssl_error());
531 }
532
533 TEST_P(SSLClientSocketPoolTest, SOCKSBasic) {
534 StaticSocketDataProvider data;
535 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
536 socket_factory_.AddSocketDataProvider(&data);
537 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
538 socket_factory_.AddSSLSocketDataProvider(&ssl);
539
540 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
541 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
542 false);
543
544 ClientSocketHandle handle;
545 TestCompletionCallback callback;
546 int rv = handle.Init(
547 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
548 EXPECT_EQ(OK, rv);
549 EXPECT_TRUE(handle.is_initialized());
550 EXPECT_TRUE(handle.socket());
551 // SOCKS5 generally has no DNS times, but the mock SOCKS5 sockets used here
552 // don't go through the real logic, unlike in the HTTP proxy tests.
553 TestLoadTimingInfo(handle);
554 }
555
556 // Make sure that SSLConnectJob passes on its priority to its
557 // transport socket on Init (for the SOCKS_PROXY case).
558 TEST_P(SSLClientSocketPoolTest, SetTransportPriorityOnInitSOCKS) {
559 StaticSocketDataProvider data;
560 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
561 socket_factory_.AddSocketDataProvider(&data);
562 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
563 socket_factory_.AddSSLSocketDataProvider(&ssl);
564
565 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
566 scoped_refptr<SSLSocketParams> params =
567 SSLParams(ProxyServer::SCHEME_SOCKS5, false);
568
569 ClientSocketHandle handle;
570 TestCompletionCallback callback;
571 EXPECT_EQ(OK, handle.Init("a", params, HIGHEST, callback.callback(),
572 pool_.get(), BoundNetLog()));
573 EXPECT_EQ(HIGHEST, transport_socket_pool_.last_request_priority());
574 }
575
576 TEST_P(SSLClientSocketPoolTest, SOCKSBasicAsync) {
577 StaticSocketDataProvider data;
578 socket_factory_.AddSocketDataProvider(&data);
579 SSLSocketDataProvider ssl(ASYNC, OK);
580 socket_factory_.AddSSLSocketDataProvider(&ssl);
581
582 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
583 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
584 false);
585
586 ClientSocketHandle handle;
587 TestCompletionCallback callback;
588 int rv = handle.Init(
589 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
590 EXPECT_EQ(ERR_IO_PENDING, rv);
591 EXPECT_FALSE(handle.is_initialized());
592 EXPECT_FALSE(handle.socket());
593
594 EXPECT_EQ(OK, callback.WaitForResult());
595 EXPECT_TRUE(handle.is_initialized());
596 EXPECT_TRUE(handle.socket());
597 // SOCKS5 generally has no DNS times, but the mock SOCKS5 sockets used here
598 // don't go through the real logic, unlike in the HTTP proxy tests.
599 TestLoadTimingInfo(handle);
600 }
601
602 TEST_P(SSLClientSocketPoolTest, HttpProxyFail) {
603 StaticSocketDataProvider data;
604 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
605 socket_factory_.AddSocketDataProvider(&data);
606
607 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
608 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
609 false);
610
611 ClientSocketHandle handle;
612 TestCompletionCallback callback;
613 int rv = handle.Init(
614 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
615 EXPECT_EQ(ERR_PROXY_CONNECTION_FAILED, rv);
616 EXPECT_FALSE(handle.is_initialized());
617 EXPECT_FALSE(handle.socket());
618 EXPECT_FALSE(handle.is_ssl_error());
619 }
620
621 TEST_P(SSLClientSocketPoolTest, HttpProxyFailAsync) {
622 StaticSocketDataProvider data;
623 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
624 socket_factory_.AddSocketDataProvider(&data);
625
626 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
627 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
628 false);
629
630 ClientSocketHandle handle;
631 TestCompletionCallback callback;
632 int rv = handle.Init(
633 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
634 EXPECT_EQ(ERR_IO_PENDING, rv);
635 EXPECT_FALSE(handle.is_initialized());
636 EXPECT_FALSE(handle.socket());
637
638 EXPECT_EQ(ERR_PROXY_CONNECTION_FAILED, callback.WaitForResult());
639 EXPECT_FALSE(handle.is_initialized());
640 EXPECT_FALSE(handle.socket());
641 EXPECT_FALSE(handle.is_ssl_error());
642 }
643
644 TEST_P(SSLClientSocketPoolTest, HttpProxyBasic) {
645 MockWrite writes[] = {
646 MockWrite(SYNCHRONOUS,
647 "CONNECT host:80 HTTP/1.1\r\n"
648 "Host: host:80\r\n"
649 "Proxy-Connection: keep-alive\r\n"
650 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
651 };
652 MockRead reads[] = {
653 MockRead(SYNCHRONOUS, "HTTP/1.1 200 Connection Established\r\n\r\n"),
654 };
655 StaticSocketDataProvider data(reads, arraysize(reads), writes,
656 arraysize(writes));
657 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
658 socket_factory_.AddSocketDataProvider(&data);
659 AddAuthToCache();
660 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
661 socket_factory_.AddSSLSocketDataProvider(&ssl);
662
663 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
664 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
665 false);
666
667 ClientSocketHandle handle;
668 TestCompletionCallback callback;
669 int rv = handle.Init(
670 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
671 EXPECT_EQ(OK, rv);
672 EXPECT_TRUE(handle.is_initialized());
673 EXPECT_TRUE(handle.socket());
674 TestLoadTimingInfoNoDns(handle);
675 }
676
677 // Make sure that SSLConnectJob passes on its priority to its
678 // transport socket on Init (for the HTTP_PROXY case).
679 TEST_P(SSLClientSocketPoolTest, SetTransportPriorityOnInitHTTP) {
680 MockWrite writes[] = {
681 MockWrite(SYNCHRONOUS,
682 "CONNECT host:80 HTTP/1.1\r\n"
683 "Host: host:80\r\n"
684 "Proxy-Connection: keep-alive\r\n"
685 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
686 };
687 MockRead reads[] = {
688 MockRead(SYNCHRONOUS, "HTTP/1.1 200 Connection Established\r\n\r\n"),
689 };
690 StaticSocketDataProvider data(reads, arraysize(reads), writes,
691 arraysize(writes));
692 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
693 socket_factory_.AddSocketDataProvider(&data);
694 AddAuthToCache();
695 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
696 socket_factory_.AddSSLSocketDataProvider(&ssl);
697
698 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
699 scoped_refptr<SSLSocketParams> params =
700 SSLParams(ProxyServer::SCHEME_HTTP, false);
701
702 ClientSocketHandle handle;
703 TestCompletionCallback callback;
704 EXPECT_EQ(OK, handle.Init("a", params, HIGHEST, callback.callback(),
705 pool_.get(), BoundNetLog()));
706 EXPECT_EQ(HIGHEST, transport_socket_pool_.last_request_priority());
707 }
708
709 TEST_P(SSLClientSocketPoolTest, HttpProxyBasicAsync) {
710 MockWrite writes[] = {
711 MockWrite(
712 "CONNECT host:80 HTTP/1.1\r\n"
713 "Host: host:80\r\n"
714 "Proxy-Connection: keep-alive\r\n"
715 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
716 };
717 MockRead reads[] = {
718 MockRead("HTTP/1.1 200 Connection Established\r\n\r\n"),
719 };
720 StaticSocketDataProvider data(reads, arraysize(reads), writes,
721 arraysize(writes));
722 socket_factory_.AddSocketDataProvider(&data);
723 AddAuthToCache();
724 SSLSocketDataProvider ssl(ASYNC, OK);
725 socket_factory_.AddSSLSocketDataProvider(&ssl);
726
727 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
728 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
729 false);
730
731 ClientSocketHandle handle;
732 TestCompletionCallback callback;
733 int rv = handle.Init(
734 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
735 EXPECT_EQ(ERR_IO_PENDING, rv);
736 EXPECT_FALSE(handle.is_initialized());
737 EXPECT_FALSE(handle.socket());
738
739 EXPECT_EQ(OK, callback.WaitForResult());
740 EXPECT_TRUE(handle.is_initialized());
741 EXPECT_TRUE(handle.socket());
742 TestLoadTimingInfoNoDns(handle);
743 }
744
745 TEST_P(SSLClientSocketPoolTest, NeedProxyAuth) {
746 MockWrite writes[] = {
747 MockWrite(
748 "CONNECT host:80 HTTP/1.1\r\n"
749 "Host: host:80\r\n"
750 "Proxy-Connection: keep-alive\r\n\r\n"),
751 };
752 MockRead reads[] = {
753 MockRead("HTTP/1.1 407 Proxy Authentication Required\r\n"),
754 MockRead("Proxy-Authenticate: Basic realm=\"MyRealm1\"\r\n"),
755 MockRead("Content-Length: 10\r\n\r\n"),
756 MockRead("0123456789"),
757 };
758 StaticSocketDataProvider data(reads, arraysize(reads), writes,
759 arraysize(writes));
760 socket_factory_.AddSocketDataProvider(&data);
761 SSLSocketDataProvider ssl(ASYNC, OK);
762 socket_factory_.AddSSLSocketDataProvider(&ssl);
763
764 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
765 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
766 false);
767
768 ClientSocketHandle handle;
769 TestCompletionCallback callback;
770 int rv = handle.Init(
771 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
772 EXPECT_EQ(ERR_IO_PENDING, rv);
773 EXPECT_FALSE(handle.is_initialized());
774 EXPECT_FALSE(handle.socket());
775
776 EXPECT_EQ(ERR_PROXY_AUTH_REQUESTED, callback.WaitForResult());
777 EXPECT_FALSE(handle.is_initialized());
778 EXPECT_FALSE(handle.socket());
779 EXPECT_FALSE(handle.is_ssl_error());
780 const HttpResponseInfo& tunnel_info = handle.ssl_error_response_info();
781 EXPECT_EQ(tunnel_info.headers->response_code(), 407);
782 scoped_ptr<ClientSocketHandle> tunnel_handle(
783 handle.release_pending_http_proxy_connection());
784 EXPECT_TRUE(tunnel_handle->socket());
785 EXPECT_FALSE(tunnel_handle->socket()->IsConnected());
786 }
787
788 TEST_P(SSLClientSocketPoolTest, IPPooling) {
789 const int kTestPort = 80;
790 struct TestHosts {
791 std::string name;
792 std::string iplist;
793 SpdySessionKey key;
794 AddressList addresses;
795 } test_hosts[] = {
796 { "www.webkit.org", "192.0.2.33,192.168.0.1,192.168.0.5" },
797 { "code.google.com", "192.168.0.2,192.168.0.3,192.168.0.5" },
798 { "js.webkit.org", "192.168.0.4,192.168.0.1,192.0.2.33" },
799 };
800
801 host_resolver_.set_synchronous_mode(true);
802 for (size_t i = 0; i < arraysize(test_hosts); i++) {
803 host_resolver_.rules()->AddIPLiteralRule(
804 test_hosts[i].name, test_hosts[i].iplist, std::string());
805
806 // This test requires that the HostResolver cache be populated. Normal
807 // code would have done this already, but we do it manually.
808 HostResolver::RequestInfo info(HostPortPair(test_hosts[i].name, kTestPort));
809 host_resolver_.Resolve(info,
810 DEFAULT_PRIORITY,
811 &test_hosts[i].addresses,
812 CompletionCallback(),
813 NULL,
814 BoundNetLog());
815
816 // Setup a SpdySessionKey
817 test_hosts[i].key = SpdySessionKey(
818 HostPortPair(test_hosts[i].name, kTestPort), ProxyServer::Direct(),
819 PRIVACY_MODE_DISABLED);
820 }
821
822 MockRead reads[] = {
823 MockRead(ASYNC, ERR_IO_PENDING),
824 };
825 StaticSocketDataProvider data(reads, arraysize(reads), NULL, 0);
826 socket_factory_.AddSocketDataProvider(&data);
827 SSLSocketDataProvider ssl(ASYNC, OK);
828 ssl.cert = X509Certificate::CreateFromBytes(
829 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der));
830 ssl.SetNextProto(GetParam());
831 socket_factory_.AddSSLSocketDataProvider(&ssl);
832
833 CreatePool(true /* tcp pool */, false, false);
834 base::WeakPtr<SpdySession> spdy_session =
835 CreateSecureSpdySession(session_, test_hosts[0].key, BoundNetLog());
836
837 EXPECT_TRUE(
838 HasSpdySession(session_->spdy_session_pool(), test_hosts[0].key));
839 EXPECT_FALSE(
840 HasSpdySession(session_->spdy_session_pool(), test_hosts[1].key));
841 EXPECT_TRUE(
842 HasSpdySession(session_->spdy_session_pool(), test_hosts[2].key));
843
844 session_->spdy_session_pool()->CloseAllSessions();
845 }
846
847 void SSLClientSocketPoolTest::TestIPPoolingDisabled(
848 SSLSocketDataProvider* ssl) {
849 const int kTestPort = 80;
850 struct TestHosts {
851 std::string name;
852 std::string iplist;
853 SpdySessionKey key;
854 AddressList addresses;
855 } test_hosts[] = {
856 { "www.webkit.org", "192.0.2.33,192.168.0.1,192.168.0.5" },
857 { "js.webkit.com", "192.168.0.4,192.168.0.1,192.0.2.33" },
858 };
859
860 TestCompletionCallback callback;
861 int rv;
862 for (size_t i = 0; i < arraysize(test_hosts); i++) {
863 host_resolver_.rules()->AddIPLiteralRule(
864 test_hosts[i].name, test_hosts[i].iplist, std::string());
865
866 // This test requires that the HostResolver cache be populated. Normal
867 // code would have done this already, but we do it manually.
868 HostResolver::RequestInfo info(HostPortPair(test_hosts[i].name, kTestPort));
869 rv = host_resolver_.Resolve(info,
870 DEFAULT_PRIORITY,
871 &test_hosts[i].addresses,
872 callback.callback(),
873 NULL,
874 BoundNetLog());
875 EXPECT_EQ(OK, callback.GetResult(rv));
876
877 // Setup a SpdySessionKey
878 test_hosts[i].key = SpdySessionKey(
879 HostPortPair(test_hosts[i].name, kTestPort), ProxyServer::Direct(),
880 PRIVACY_MODE_DISABLED);
881 }
882
883 MockRead reads[] = {
884 MockRead(ASYNC, ERR_IO_PENDING),
885 };
886 StaticSocketDataProvider data(reads, arraysize(reads), NULL, 0);
887 socket_factory_.AddSocketDataProvider(&data);
888 socket_factory_.AddSSLSocketDataProvider(ssl);
889
890 CreatePool(true /* tcp pool */, false, false);
891 base::WeakPtr<SpdySession> spdy_session =
892 CreateSecureSpdySession(session_, test_hosts[0].key, BoundNetLog());
893
894 EXPECT_TRUE(
895 HasSpdySession(session_->spdy_session_pool(), test_hosts[0].key));
896 EXPECT_FALSE(
897 HasSpdySession(session_->spdy_session_pool(), test_hosts[1].key));
898
899 session_->spdy_session_pool()->CloseAllSessions();
900 }
901
902 // Verifies that an SSL connection with client authentication disables SPDY IP
903 // pooling.
904 TEST_P(SSLClientSocketPoolTest, IPPoolingClientCert) {
905 SSLSocketDataProvider ssl(ASYNC, OK);
906 ssl.cert = X509Certificate::CreateFromBytes(
907 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der));
908 ssl.client_cert_sent = true;
909 ssl.SetNextProto(GetParam());
910 TestIPPoolingDisabled(&ssl);
911 }
912
913 // Verifies that an SSL connection with channel ID disables SPDY IP pooling.
914 TEST_P(SSLClientSocketPoolTest, IPPoolingChannelID) {
915 SSLSocketDataProvider ssl(ASYNC, OK);
916 ssl.channel_id_sent = true;
917 ssl.SetNextProto(GetParam());
918 TestIPPoolingDisabled(&ssl);
919 }
920
921 // It would be nice to also test the timeouts in SSLClientSocketPool.
922
923 } // namespace
924
925 } // namespace net