net/quic/quic_client_session_test.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "net/quic/quic_client_session.h"
   6
   7 #include <vector>
   8
   9 #include "base/base64.h"
  10 #include "base/files/file_path.h"
  11 #include "base/rand_util.h"
  12 #include "net/base/capturing_net_log.h"
  13 #include "net/base/test_completion_callback.h"
  14 #include "net/base/test_data_directory.h"
  15 #include "net/cert/cert_verify_result.h"
  16 #include "net/http/transport_security_state.h"
  17 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h"
  18 #include "net/quic/crypto/crypto_protocol.h"
  19 #include "net/quic/crypto/proof_verifier_chromium.h"
  20 #include "net/quic/crypto/quic_decrypter.h"
  21 #include "net/quic/crypto/quic_encrypter.h"
  22 #include "net/quic/crypto/quic_server_info.h"
  23 #include "net/quic/test_tools/crypto_test_utils.h"
  24 #include "net/quic/test_tools/quic_client_session_peer.h"
  25 #include "net/quic/test_tools/quic_test_utils.h"
  26 #include "net/quic/test_tools/simple_quic_framer.h"
  27 #include "net/socket/socket_test_util.h"
  28 #include "net/spdy/spdy_test_utils.h"
  29 #include "net/test/cert_test_util.h"
  30 #include "net/udp/datagram_client_socket.h"
  31
  32 using testing::_;
  33
  34 namespace net {
  35 namespace test {
  36 namespace {
  37
  38 const char kServerHostname[] = "www.example.org";
  39 const uint16 kServerPort = 80;
  40
  41 class QuicClientSessionTest : public ::testing::TestWithParam<QuicVersion> {
  42  protected:
  43   QuicClientSessionTest()
  44       : connection_(
  45             new PacketSavingConnection(false, SupportedVersions(GetParam()))),
  46         session_(connection_, GetSocket().Pass(), nullptr,
  47                  &transport_security_state_,
  48                  make_scoped_ptr((QuicServerInfo*)nullptr), DefaultQuicConfig(),
  49                  base::MessageLoop::current()->message_loop_proxy().get(),
  50                  &net_log_) {
  51     session_.InitializeSession(QuicServerId(kServerHostname, kServerPort, false,
  52                                             PRIVACY_MODE_DISABLED),
  53                                 &crypto_config_, nullptr);
  54   }
  55
  56   virtual void TearDown() override {
  57     session_.CloseSessionOnError(ERR_ABORTED);
  58   }
  59
  60   scoped_ptr<DatagramClientSocket> GetSocket() {
  61     socket_factory_.AddSocketDataProvider(&socket_data_);
  62     return socket_factory_.CreateDatagramClientSocket(
  63         DatagramSocket::DEFAULT_BIND, base::Bind(&base::RandInt),
  64         &net_log_, NetLog::Source());
  65   }
  66
  67   void CompleteCryptoHandshake() {
  68     ASSERT_EQ(ERR_IO_PENDING,
  69               session_.CryptoConnect(false, callback_.callback()));
  70     CryptoTestUtils::HandshakeWithFakeServer(
  71         connection_, session_.GetCryptoStream());
  72     ASSERT_EQ(OK, callback_.WaitForResult());
  73   }
  74
  75   PacketSavingConnection* connection_;
  76   CapturingNetLog net_log_;
  77   MockClientSocketFactory socket_factory_;
  78   StaticSocketDataProvider socket_data_;
  79   TransportSecurityState transport_security_state_;
  80   QuicClientSession session_;
  81   MockClock clock_;
  82   MockRandom random_;
  83   QuicConnectionVisitorInterface* visitor_;
  84   TestCompletionCallback callback_;
  85   QuicCryptoClientConfig crypto_config_;
  86 };
  87
  88 INSTANTIATE_TEST_CASE_P(Tests, QuicClientSessionTest,
  89                         ::testing::ValuesIn(QuicSupportedVersions()));
  90
  91 TEST_P(QuicClientSessionTest, CryptoConnect) {
  92   CompleteCryptoHandshake();
  93 }
  94
  95 TEST_P(QuicClientSessionTest, MaxNumStreams) {
  96   CompleteCryptoHandshake();
  97
  98   std::vector<QuicReliableClientStream*> streams;
  99   for (size_t i = 0; i < kDefaultMaxStreamsPerConnection; i++) {
 100     QuicReliableClientStream* stream = session_.CreateOutgoingDataStream();
 101     EXPECT_TRUE(stream);
 102     streams.push_back(stream);
 103   }
 104   EXPECT_FALSE(session_.CreateOutgoingDataStream());
 105
 106   // Close a stream and ensure I can now open a new one.
 107   session_.CloseStream(streams[0]->id());
 108   EXPECT_TRUE(session_.CreateOutgoingDataStream());
 109 }
 110
 111 TEST_P(QuicClientSessionTest, MaxNumStreamsViaRequest) {
 112   CompleteCryptoHandshake();
 113
 114   std::vector<QuicReliableClientStream*> streams;
 115   for (size_t i = 0; i < kDefaultMaxStreamsPerConnection; i++) {
 116     QuicReliableClientStream* stream = session_.CreateOutgoingDataStream();
 117     EXPECT_TRUE(stream);
 118     streams.push_back(stream);
 119   }
 120
 121   QuicReliableClientStream* stream;
 122   QuicClientSession::StreamRequest stream_request;
 123   TestCompletionCallback callback;
 124   ASSERT_EQ(ERR_IO_PENDING,
 125             stream_request.StartRequest(session_.GetWeakPtr(), &stream,
 126                                         callback.callback()));
 127
 128   // Close a stream and ensure I can now open a new one.
 129   session_.CloseStream(streams[0]->id());
 130   ASSERT_TRUE(callback.have_result());
 131   EXPECT_EQ(OK, callback.WaitForResult());
 132   EXPECT_TRUE(stream != nullptr);
 133 }
 134
 135 TEST_P(QuicClientSessionTest, GoAwayReceived) {
 136   CompleteCryptoHandshake();
 137
 138   // After receiving a GoAway, I should no longer be able to create outgoing
 139   // streams.
 140   session_.OnGoAway(QuicGoAwayFrame(QUIC_PEER_GOING_AWAY, 1u, "Going away."));
 141   EXPECT_EQ(nullptr, session_.CreateOutgoingDataStream());
 142 }
 143
 144 TEST_P(QuicClientSessionTest, CanPool) {
 145   // Load a cert that is valid for:
 146   //   www.example.org
 147   //   mail.example.org
 148   //   www.example.com
 149
 150   ProofVerifyDetailsChromium details;
 151   details.cert_verify_result.verified_cert =
 152       ImportCertFromFile(GetTestCertsDirectory(), "spdy_pooling.pem");
 153   ASSERT_TRUE(details.cert_verify_result.verified_cert.get());
 154
 155   session_.OnProofVerifyDetailsAvailable(details);
 156   CompleteCryptoHandshake();
 157
 158
 159   EXPECT_TRUE(session_.CanPool("www.example.org"));
 160   EXPECT_TRUE(session_.CanPool("mail.example.org"));
 161   EXPECT_TRUE(session_.CanPool("mail.example.com"));
 162   EXPECT_FALSE(session_.CanPool("mail.google.com"));
 163 }
 164
 165 TEST_P(QuicClientSessionTest, ConnectionPooledWithTlsChannelId) {
 166   // Load a cert that is valid for:
 167   //   www.example.org
 168   //   mail.example.org
 169   //   www.example.com
 170
 171   ProofVerifyDetailsChromium details;
 172   details.cert_verify_result.verified_cert =
 173       ImportCertFromFile(GetTestCertsDirectory(), "spdy_pooling.pem");
 174   ASSERT_TRUE(details.cert_verify_result.verified_cert.get());
 175
 176   session_.OnProofVerifyDetailsAvailable(details);
 177   CompleteCryptoHandshake();
 178   QuicClientSessionPeer::SetChannelIDSent(&session_, true);
 179
 180   EXPECT_TRUE(session_.CanPool("www.example.org"));
 181   EXPECT_TRUE(session_.CanPool("mail.example.org"));
 182   EXPECT_FALSE(session_.CanPool("mail.example.com"));
 183   EXPECT_FALSE(session_.CanPool("mail.google.com"));
 184 }
 185
 186 TEST_P(QuicClientSessionTest, ConnectionNotPooledWithDifferentPin) {
 187   uint8 primary_pin = 1;
 188   uint8 backup_pin = 2;
 189   uint8 bad_pin = 3;
 190   AddPin(&transport_security_state_, "mail.example.org", primary_pin,
 191          backup_pin);
 192
 193   ProofVerifyDetailsChromium details;
 194   details.cert_verify_result.verified_cert =
 195       ImportCertFromFile(GetTestCertsDirectory(), "spdy_pooling.pem");
 196   details.cert_verify_result.is_issued_by_known_root = true;
 197   details.cert_verify_result.public_key_hashes.push_back(
 198       GetTestHashValue(bad_pin));
 199
 200   ASSERT_TRUE(details.cert_verify_result.verified_cert.get());
 201
 202   session_.OnProofVerifyDetailsAvailable(details);
 203   CompleteCryptoHandshake();
 204   QuicClientSessionPeer::SetChannelIDSent(&session_, true);
 205
 206   EXPECT_FALSE(session_.CanPool("mail.example.org"));
 207 }
 208
 209 TEST_P(QuicClientSessionTest, ConnectionPooledWithMatchingPin) {
 210   uint8 primary_pin = 1;
 211   uint8 backup_pin = 2;
 212   AddPin(&transport_security_state_, "mail.example.org", primary_pin,
 213          backup_pin);
 214
 215   ProofVerifyDetailsChromium details;
 216   details.cert_verify_result.verified_cert =
 217       ImportCertFromFile(GetTestCertsDirectory(), "spdy_pooling.pem");
 218   details.cert_verify_result.is_issued_by_known_root = true;
 219   details.cert_verify_result.public_key_hashes.push_back(
 220       GetTestHashValue(primary_pin));
 221
 222   ASSERT_TRUE(details.cert_verify_result.verified_cert.get());
 223
 224   session_.OnProofVerifyDetailsAvailable(details);
 225   CompleteCryptoHandshake();
 226   QuicClientSessionPeer::SetChannelIDSent(&session_, true);
 227
 228   EXPECT_TRUE(session_.CanPool("mail.example.org"));
 229 }
 230
 231 }  // namespace
 232 }  // namespace test
 233 }  // namespace net