search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add integration browser tests for settings hardening.
[chromium-blink-merge.git] / net / socket / ssl_client_socket_pool_unittest.cc
blob55b94bf2c6bf25ce83fde485f05efbe605a9525d
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/http/http_proxy_client_socket_pool.h"
6
7 #include "base/callback.h"
8 #include "base/compiler_specific.h"
9 #include "base/run_loop.h"
10 #include "base/strings/string_util.h"
11 #include "base/strings/utf_string_conversions.h"
12 #include "base/time/time.h"
13 #include "net/base/auth.h"
14 #include "net/base/load_timing_info.h"
15 #include "net/base/load_timing_info_test_util.h"
16 #include "net/base/net_errors.h"
17 #include "net/base/test_completion_callback.h"
18 #include "net/cert/cert_verifier.h"
19 #include "net/dns/mock_host_resolver.h"
20 #include "net/http/http_auth_handler_factory.h"
21 #include "net/http/http_network_session.h"
22 #include "net/http/http_request_headers.h"
23 #include "net/http/http_response_headers.h"
24 #include "net/http/http_server_properties_impl.h"
25 #include "net/proxy/proxy_service.h"
26 #include "net/socket/client_socket_handle.h"
27 #include "net/socket/client_socket_pool_histograms.h"
28 #include "net/socket/next_proto.h"
29 #include "net/socket/socket_test_util.h"
30 #include "net/spdy/spdy_session.h"
31 #include "net/spdy/spdy_session_pool.h"
32 #include "net/spdy/spdy_test_util_common.h"
33 #include "net/ssl/ssl_config_service_defaults.h"
34 #include "net/test/test_certificate_data.h"
35 #include "testing/gtest/include/gtest/gtest.h"
36
37 namespace net {
38
39 namespace {
40
41 const int kMaxSockets = 32;
42 const int kMaxSocketsPerGroup = 6;
43
44 // Make sure |handle|'s load times are set correctly. DNS and connect start
45 // times comes from mock client sockets in these tests, so primarily serves to
46 // check those times were copied, and ssl times / connect end are set correctly.
47 void TestLoadTimingInfo(const ClientSocketHandle& handle) {
48 LoadTimingInfo load_timing_info;
49 EXPECT_TRUE(handle.GetLoadTimingInfo(false, &load_timing_info));
50
51 EXPECT_FALSE(load_timing_info.socket_reused);
52 // None of these tests use a NetLog.
53 EXPECT_EQ(NetLog::Source::kInvalidId, load_timing_info.socket_log_id);
54
55 ExpectConnectTimingHasTimes(
56 load_timing_info.connect_timing,
57 CONNECT_TIMING_HAS_SSL_TIMES | CONNECT_TIMING_HAS_DNS_TIMES);
58 ExpectLoadTimingHasOnlyConnectionTimes(load_timing_info);
59 }
60
61 // Just like TestLoadTimingInfo, except DNS times are expected to be null, for
62 // tests over proxies that do DNS lookups themselves.
63 void TestLoadTimingInfoNoDns(const ClientSocketHandle& handle) {
64 LoadTimingInfo load_timing_info;
65 EXPECT_TRUE(handle.GetLoadTimingInfo(false, &load_timing_info));
66
67 // None of these tests use a NetLog.
68 EXPECT_EQ(NetLog::Source::kInvalidId, load_timing_info.socket_log_id);
69
70 EXPECT_FALSE(load_timing_info.socket_reused);
71
72 ExpectConnectTimingHasTimes(load_timing_info.connect_timing,
73 CONNECT_TIMING_HAS_SSL_TIMES);
74 ExpectLoadTimingHasOnlyConnectionTimes(load_timing_info);
75 }
76
77 class SSLClientSocketPoolTest
78 : public testing::Test,
79 public ::testing::WithParamInterface<NextProto> {
80 protected:
81 SSLClientSocketPoolTest()
82 : proxy_service_(ProxyService::CreateDirect()),
83 ssl_config_service_(new SSLConfigServiceDefaults),
84 http_auth_handler_factory_(
85 HttpAuthHandlerFactory::CreateDefault(&host_resolver_)),
86 session_(CreateNetworkSession()),
87 direct_transport_socket_params_(
88 new TransportSocketParams(HostPortPair("host", 443),
89 false,
90 false,
91 OnHostResolutionCallback())),
92 transport_histograms_("MockTCP"),
93 transport_socket_pool_(kMaxSockets,
94 kMaxSocketsPerGroup,
95 &transport_histograms_,
96 &socket_factory_),
97 proxy_transport_socket_params_(
98 new TransportSocketParams(HostPortPair("proxy", 443),
99 false,
100 false,
101 OnHostResolutionCallback())),
102 socks_socket_params_(
103 new SOCKSSocketParams(proxy_transport_socket_params_,
104 true,
105 HostPortPair("sockshost", 443))),
106 socks_histograms_("MockSOCKS"),
107 socks_socket_pool_(kMaxSockets,
108 kMaxSocketsPerGroup,
109 &socks_histograms_,
110 &transport_socket_pool_),
111 http_proxy_socket_params_(
112 new HttpProxySocketParams(proxy_transport_socket_params_,
113 NULL,
114 GURL("http://host"),
115 std::string(),
116 HostPortPair("host", 80),
117 session_->http_auth_cache(),
118 session_->http_auth_handler_factory(),
119 session_->spdy_session_pool(),
120 true)),
121 http_proxy_histograms_("MockHttpProxy"),
122 http_proxy_socket_pool_(kMaxSockets,
123 kMaxSocketsPerGroup,
124 &http_proxy_histograms_,
125 &host_resolver_,
126 &transport_socket_pool_,
127 NULL,
128 NULL),
129 enable_ssl_connect_job_waiting_(false) {
130 scoped_refptr<SSLConfigService> ssl_config_service(
131 new SSLConfigServiceDefaults);
132 ssl_config_service->GetSSLConfig(&ssl_config_);
133 }
134
135 void CreatePool(bool transport_pool, bool http_proxy_pool, bool socks_pool) {
136 ssl_histograms_.reset(new ClientSocketPoolHistograms("SSLUnitTest"));
137 pool_.reset(new SSLClientSocketPool(
138 kMaxSockets,
139 kMaxSocketsPerGroup,
140 ssl_histograms_.get(),
141 NULL /* host_resolver */,
142 NULL /* cert_verifier */,
143 NULL /* channel_id_service */,
144 NULL /* transport_security_state */,
145 NULL /* cert_transparency_verifier */,
146 std::string() /* ssl_session_cache_shard */,
147 &socket_factory_,
148 transport_pool ? &transport_socket_pool_ : NULL,
149 socks_pool ? &socks_socket_pool_ : NULL,
150 http_proxy_pool ? &http_proxy_socket_pool_ : NULL,
151 NULL,
152 enable_ssl_connect_job_waiting_,
153 NULL));
154 }
155
156 scoped_refptr<SSLSocketParams> SSLParams(ProxyServer::Scheme proxy,
157 bool want_spdy_over_npn) {
158 return make_scoped_refptr(new SSLSocketParams(
159 proxy == ProxyServer::SCHEME_DIRECT ? direct_transport_socket_params_
160 : NULL,
161 proxy == ProxyServer::SCHEME_SOCKS5 ? socks_socket_params_ : NULL,
162 proxy == ProxyServer::SCHEME_HTTP ? http_proxy_socket_params_ : NULL,
163 HostPortPair("host", 443),
164 ssl_config_,
165 PRIVACY_MODE_DISABLED,
166 0,
167 false,
168 want_spdy_over_npn));
169 }
170
171 void AddAuthToCache() {
172 const base::string16 kFoo(base::ASCIIToUTF16("foo"));
173 const base::string16 kBar(base::ASCIIToUTF16("bar"));
174 session_->http_auth_cache()->Add(GURL("http://proxy:443/"),
175 "MyRealm1",
176 HttpAuth::AUTH_SCHEME_BASIC,
177 "Basic realm=MyRealm1",
178 AuthCredentials(kFoo, kBar),
179 "/");
180 }
181
182 HttpNetworkSession* CreateNetworkSession() {
183 HttpNetworkSession::Params params;
184 params.host_resolver = &host_resolver_;
185 params.cert_verifier = cert_verifier_.get();
186 params.transport_security_state = transport_security_state_.get();
187 params.proxy_service = proxy_service_.get();
188 params.client_socket_factory = &socket_factory_;
189 params.ssl_config_service = ssl_config_service_.get();
190 params.http_auth_handler_factory = http_auth_handler_factory_.get();
191 params.http_server_properties =
192 http_server_properties_.GetWeakPtr();
193 params.enable_spdy_compression = false;
194 params.spdy_default_protocol = GetParam();
195 return new HttpNetworkSession(params);
196 }
197
198 void TestIPPoolingDisabled(SSLSocketDataProvider* ssl);
199
200 MockClientSocketFactory socket_factory_;
201 MockCachingHostResolver host_resolver_;
202 scoped_ptr<CertVerifier> cert_verifier_;
203 scoped_ptr<TransportSecurityState> transport_security_state_;
204 const scoped_ptr<ProxyService> proxy_service_;
205 const scoped_refptr<SSLConfigService> ssl_config_service_;
206 const scoped_ptr<HttpAuthHandlerFactory> http_auth_handler_factory_;
207 HttpServerPropertiesImpl http_server_properties_;
208 const scoped_refptr<HttpNetworkSession> session_;
209
210 scoped_refptr<TransportSocketParams> direct_transport_socket_params_;
211 ClientSocketPoolHistograms transport_histograms_;
212 MockTransportClientSocketPool transport_socket_pool_;
213
214 scoped_refptr<TransportSocketParams> proxy_transport_socket_params_;
215
216 scoped_refptr<SOCKSSocketParams> socks_socket_params_;
217 ClientSocketPoolHistograms socks_histograms_;
218 MockSOCKSClientSocketPool socks_socket_pool_;
219
220 scoped_refptr<HttpProxySocketParams> http_proxy_socket_params_;
221 ClientSocketPoolHistograms http_proxy_histograms_;
222 HttpProxyClientSocketPool http_proxy_socket_pool_;
223
224 SSLConfig ssl_config_;
225 scoped_ptr<ClientSocketPoolHistograms> ssl_histograms_;
226 scoped_ptr<SSLClientSocketPool> pool_;
227
228 bool enable_ssl_connect_job_waiting_;
229 };
230
231 INSTANTIATE_TEST_CASE_P(
232 NextProto,
233 SSLClientSocketPoolTest,
234 testing::Values(kProtoDeprecatedSPDY2,
235 kProtoSPDY3, kProtoSPDY31, kProtoSPDY4));
236
237 // Tests that the final socket will connect even if all sockets
238 // prior to it fail.
239 //
240 // All sockets should wait for the first socket to attempt to
241 // connect. Once it fails to connect, all other sockets should
242 // attempt to connect. All should fail, except the final socket.
243 TEST_P(SSLClientSocketPoolTest, AllSocketsFailButLast) {
244 // Although we request four sockets, the first three socket connect
245 // failures cause the socket pool to create three more sockets because
246 // there are pending requests.
247 StaticSocketDataProvider data1;
248 StaticSocketDataProvider data2;
249 StaticSocketDataProvider data3;
250 StaticSocketDataProvider data4;
251 StaticSocketDataProvider data5;
252 StaticSocketDataProvider data6;
253 StaticSocketDataProvider data7;
254 socket_factory_.AddSocketDataProvider(&data1);
255 socket_factory_.AddSocketDataProvider(&data2);
256 socket_factory_.AddSocketDataProvider(&data3);
257 socket_factory_.AddSocketDataProvider(&data4);
258 socket_factory_.AddSocketDataProvider(&data5);
259 socket_factory_.AddSocketDataProvider(&data6);
260 socket_factory_.AddSocketDataProvider(&data7);
261 SSLSocketDataProvider ssl(ASYNC, ERR_SSL_PROTOCOL_ERROR);
262 ssl.is_in_session_cache = false;
263 SSLSocketDataProvider ssl2(ASYNC, ERR_SSL_PROTOCOL_ERROR);
264 ssl2.is_in_session_cache = false;
265 SSLSocketDataProvider ssl3(ASYNC, ERR_SSL_PROTOCOL_ERROR);
266 ssl3.is_in_session_cache = false;
267 SSLSocketDataProvider ssl4(ASYNC, OK);
268 ssl4.is_in_session_cache = false;
269 SSLSocketDataProvider ssl5(ASYNC, OK);
270 ssl5.is_in_session_cache = false;
271 SSLSocketDataProvider ssl6(ASYNC, OK);
272 ssl6.is_in_session_cache = false;
273 SSLSocketDataProvider ssl7(ASYNC, OK);
274 ssl7.is_in_session_cache = false;
275
276 socket_factory_.AddSSLSocketDataProvider(&ssl);
277 socket_factory_.AddSSLSocketDataProvider(&ssl2);
278 socket_factory_.AddSSLSocketDataProvider(&ssl3);
279 socket_factory_.AddSSLSocketDataProvider(&ssl4);
280 socket_factory_.AddSSLSocketDataProvider(&ssl5);
281 socket_factory_.AddSSLSocketDataProvider(&ssl6);
282 socket_factory_.AddSSLSocketDataProvider(&ssl7);
283
284 enable_ssl_connect_job_waiting_ = true;
285 CreatePool(true, false, false);
286
287 scoped_refptr<SSLSocketParams> params1 =
288 SSLParams(ProxyServer::SCHEME_DIRECT, false);
289 scoped_refptr<SSLSocketParams> params2 =
290 SSLParams(ProxyServer::SCHEME_DIRECT, false);
291 scoped_refptr<SSLSocketParams> params3 =
292 SSLParams(ProxyServer::SCHEME_DIRECT, false);
293 scoped_refptr<SSLSocketParams> params4 =
294 SSLParams(ProxyServer::SCHEME_DIRECT, false);
295 ClientSocketHandle handle1;
296 ClientSocketHandle handle2;
297 ClientSocketHandle handle3;
298 ClientSocketHandle handle4;
299 TestCompletionCallback callback1;
300 TestCompletionCallback callback2;
301 TestCompletionCallback callback3;
302 TestCompletionCallback callback4;
303
304 handle1.Init(
305 "b", params1, MEDIUM, callback1.callback(), pool_.get(), BoundNetLog());
306 handle2.Init(
307 "b", params2, MEDIUM, callback2.callback(), pool_.get(), BoundNetLog());
308 handle3.Init(
309 "b", params3, MEDIUM, callback3.callback(), pool_.get(), BoundNetLog());
310 handle4.Init(
311 "b", params4, MEDIUM, callback4.callback(), pool_.get(), BoundNetLog());
312
313 base::RunLoop().RunUntilIdle();
314
315 // Only the last socket should have connected.
316 EXPECT_FALSE(handle1.socket());
317 EXPECT_FALSE(handle2.socket());
318 EXPECT_FALSE(handle3.socket());
319 EXPECT_TRUE(handle4.socket()->IsConnected());
320 }
321
322 // Tests that sockets will still connect in parallel if the
323 // EnableSSLConnectJobWaiting flag is not enabled.
324 TEST_P(SSLClientSocketPoolTest, SocketsConnectWithoutFlag) {
325 StaticSocketDataProvider data1;
326 StaticSocketDataProvider data2;
327 StaticSocketDataProvider data3;
328 socket_factory_.AddSocketDataProvider(&data1);
329 socket_factory_.AddSocketDataProvider(&data2);
330 socket_factory_.AddSocketDataProvider(&data3);
331
332 SSLSocketDataProvider ssl(ASYNC, OK);
333 ssl.is_in_session_cache = false;
334 ssl.should_block_on_connect = true;
335 SSLSocketDataProvider ssl2(ASYNC, OK);
336 ssl2.is_in_session_cache = false;
337 ssl2.should_block_on_connect = true;
338 SSLSocketDataProvider ssl3(ASYNC, OK);
339 ssl3.is_in_session_cache = false;
340 ssl3.should_block_on_connect = true;
341 socket_factory_.AddSSLSocketDataProvider(&ssl);
342 socket_factory_.AddSSLSocketDataProvider(&ssl2);
343 socket_factory_.AddSSLSocketDataProvider(&ssl3);
344
345 CreatePool(true, false, false);
346
347 scoped_refptr<SSLSocketParams> params1 =
348 SSLParams(ProxyServer::SCHEME_DIRECT, false);
349 scoped_refptr<SSLSocketParams> params2 =
350 SSLParams(ProxyServer::SCHEME_DIRECT, false);
351 scoped_refptr<SSLSocketParams> params3 =
352 SSLParams(ProxyServer::SCHEME_DIRECT, false);
353 ClientSocketHandle handle1;
354 ClientSocketHandle handle2;
355 ClientSocketHandle handle3;
356 TestCompletionCallback callback1;
357 TestCompletionCallback callback2;
358 TestCompletionCallback callback3;
359
360 handle1.Init(
361 "b", params1, MEDIUM, callback1.callback(), pool_.get(), BoundNetLog());
362 handle2.Init(
363 "b", params2, MEDIUM, callback2.callback(), pool_.get(), BoundNetLog());
364 handle3.Init(
365 "b", params3, MEDIUM, callback3.callback(), pool_.get(), BoundNetLog());
366
367 base::RunLoop().RunUntilIdle();
368
369 std::vector<MockSSLClientSocket*> sockets =
370 socket_factory_.ssl_client_sockets();
371
372 // All sockets should have started their connections.
373 for (std::vector<MockSSLClientSocket*>::iterator it = sockets.begin();
374 it != sockets.end();
375 ++it) {
376 EXPECT_TRUE((*it)->reached_connect());
377 }
378
379 // Resume connecting all of the sockets.
380 for (std::vector<MockSSLClientSocket*>::iterator it = sockets.begin();
381 it != sockets.end();
382 ++it) {
383 (*it)->RestartPausedConnect();
384 }
385
386 callback1.WaitForResult();
387 callback2.WaitForResult();
388 callback3.WaitForResult();
389
390 EXPECT_TRUE(handle1.socket()->IsConnected());
391 EXPECT_TRUE(handle2.socket()->IsConnected());
392 EXPECT_TRUE(handle3.socket()->IsConnected());
393 }
394
395 // Tests that the pool deleting an SSLConnectJob will not cause a crash,
396 // or prevent pending sockets from connecting.
397 TEST_P(SSLClientSocketPoolTest, DeletedSSLConnectJob) {
398 StaticSocketDataProvider data1;
399 StaticSocketDataProvider data2;
400 StaticSocketDataProvider data3;
401 socket_factory_.AddSocketDataProvider(&data1);
402 socket_factory_.AddSocketDataProvider(&data2);
403 socket_factory_.AddSocketDataProvider(&data3);
404
405 SSLSocketDataProvider ssl(ASYNC, OK);
406 ssl.is_in_session_cache = false;
407 ssl.should_block_on_connect = true;
408 SSLSocketDataProvider ssl2(ASYNC, OK);
409 ssl2.is_in_session_cache = false;
410 SSLSocketDataProvider ssl3(ASYNC, OK);
411 ssl3.is_in_session_cache = false;
412 socket_factory_.AddSSLSocketDataProvider(&ssl);
413 socket_factory_.AddSSLSocketDataProvider(&ssl2);
414 socket_factory_.AddSSLSocketDataProvider(&ssl3);
415
416 enable_ssl_connect_job_waiting_ = true;
417 CreatePool(true, false, false);
418
419 scoped_refptr<SSLSocketParams> params1 =
420 SSLParams(ProxyServer::SCHEME_DIRECT, false);
421 scoped_refptr<SSLSocketParams> params2 =
422 SSLParams(ProxyServer::SCHEME_DIRECT, false);
423 scoped_refptr<SSLSocketParams> params3 =
424 SSLParams(ProxyServer::SCHEME_DIRECT, false);
425 ClientSocketHandle handle1;
426 ClientSocketHandle handle2;
427 ClientSocketHandle handle3;
428 TestCompletionCallback callback1;
429 TestCompletionCallback callback2;
430 TestCompletionCallback callback3;
431
432 handle1.Init(
433 "b", params1, MEDIUM, callback1.callback(), pool_.get(), BoundNetLog());
434 handle2.Init(
435 "b", params2, MEDIUM, callback2.callback(), pool_.get(), BoundNetLog());
436 handle3.Init(
437 "b", params3, MEDIUM, callback3.callback(), pool_.get(), BoundNetLog());
438
439 // Allow the connections to proceed until the first socket has started
440 // connecting.
441 base::RunLoop().RunUntilIdle();
442
443 std::vector<MockSSLClientSocket*> sockets =
444 socket_factory_.ssl_client_sockets();
445
446 pool_->CancelRequest("b", &handle2);
447
448 sockets[0]->RestartPausedConnect();
449
450 callback1.WaitForResult();
451 callback3.WaitForResult();
452
453 EXPECT_TRUE(handle1.socket()->IsConnected());
454 EXPECT_FALSE(handle2.socket());
455 EXPECT_TRUE(handle3.socket()->IsConnected());
456 }
457
458 // Tests that all pending sockets still connect when the pool deletes a pending
459 // SSLConnectJob which immediately followed a failed leading connection.
460 TEST_P(SSLClientSocketPoolTest, DeletedSocketAfterFail) {
461 StaticSocketDataProvider data1;
462 StaticSocketDataProvider data2;
463 StaticSocketDataProvider data3;
464 StaticSocketDataProvider data4;
465 socket_factory_.AddSocketDataProvider(&data1);
466 socket_factory_.AddSocketDataProvider(&data2);
467 socket_factory_.AddSocketDataProvider(&data3);
468 socket_factory_.AddSocketDataProvider(&data4);
469
470 SSLSocketDataProvider ssl(ASYNC, ERR_SSL_PROTOCOL_ERROR);
471 ssl.is_in_session_cache = false;
472 ssl.should_block_on_connect = true;
473 SSLSocketDataProvider ssl2(ASYNC, OK);
474 ssl2.is_in_session_cache = false;
475 SSLSocketDataProvider ssl3(ASYNC, OK);
476 ssl3.is_in_session_cache = false;
477 SSLSocketDataProvider ssl4(ASYNC, OK);
478 ssl4.is_in_session_cache = false;
479 socket_factory_.AddSSLSocketDataProvider(&ssl);
480 socket_factory_.AddSSLSocketDataProvider(&ssl2);
481 socket_factory_.AddSSLSocketDataProvider(&ssl3);
482 socket_factory_.AddSSLSocketDataProvider(&ssl4);
483
484 enable_ssl_connect_job_waiting_ = true;
485 CreatePool(true, false, false);
486
487 scoped_refptr<SSLSocketParams> params1 =
488 SSLParams(ProxyServer::SCHEME_DIRECT, false);
489 scoped_refptr<SSLSocketParams> params2 =
490 SSLParams(ProxyServer::SCHEME_DIRECT, false);
491 scoped_refptr<SSLSocketParams> params3 =
492 SSLParams(ProxyServer::SCHEME_DIRECT, false);
493 ClientSocketHandle handle1;
494 ClientSocketHandle handle2;
495 ClientSocketHandle handle3;
496 TestCompletionCallback callback1;
497 TestCompletionCallback callback2;
498 TestCompletionCallback callback3;
499
500 handle1.Init(
501 "b", params1, MEDIUM, callback1.callback(), pool_.get(), BoundNetLog());
502 handle2.Init(
503 "b", params2, MEDIUM, callback2.callback(), pool_.get(), BoundNetLog());
504 handle3.Init(
505 "b", params3, MEDIUM, callback3.callback(), pool_.get(), BoundNetLog());
506
507 // Allow the connections to proceed until the first socket has started
508 // connecting.
509 base::RunLoop().RunUntilIdle();
510
511 std::vector<MockSSLClientSocket*> sockets =
512 socket_factory_.ssl_client_sockets();
513
514 EXPECT_EQ(3u, sockets.size());
515 EXPECT_TRUE(sockets[0]->reached_connect());
516 EXPECT_FALSE(handle1.socket());
517
518 pool_->CancelRequest("b", &handle2);
519
520 sockets[0]->RestartPausedConnect();
521
522 callback1.WaitForResult();
523 callback3.WaitForResult();
524
525 EXPECT_FALSE(handle1.socket());
526 EXPECT_FALSE(handle2.socket());
527 EXPECT_TRUE(handle3.socket()->IsConnected());
528 }
529
530 // Make sure that sockets still connect after the leader socket's
531 // connection fails.
532 TEST_P(SSLClientSocketPoolTest, SimultaneousConnectJobsFail) {
533 StaticSocketDataProvider data1;
534 StaticSocketDataProvider data2;
535 StaticSocketDataProvider data3;
536 StaticSocketDataProvider data4;
537 StaticSocketDataProvider data5;
538 socket_factory_.AddSocketDataProvider(&data1);
539 socket_factory_.AddSocketDataProvider(&data2);
540 socket_factory_.AddSocketDataProvider(&data3);
541 socket_factory_.AddSocketDataProvider(&data4);
542 socket_factory_.AddSocketDataProvider(&data5);
543 SSLSocketDataProvider ssl(ASYNC, ERR_SSL_PROTOCOL_ERROR);
544 ssl.is_in_session_cache = false;
545 ssl.should_block_on_connect = true;
546 SSLSocketDataProvider ssl2(ASYNC, OK);
547 ssl2.is_in_session_cache = false;
548 ssl2.should_block_on_connect = true;
549 SSLSocketDataProvider ssl3(ASYNC, OK);
550 ssl3.is_in_session_cache = false;
551 SSLSocketDataProvider ssl4(ASYNC, OK);
552 ssl4.is_in_session_cache = false;
553 SSLSocketDataProvider ssl5(ASYNC, OK);
554 ssl5.is_in_session_cache = false;
555
556 socket_factory_.AddSSLSocketDataProvider(&ssl);
557 socket_factory_.AddSSLSocketDataProvider(&ssl2);
558 socket_factory_.AddSSLSocketDataProvider(&ssl3);
559 socket_factory_.AddSSLSocketDataProvider(&ssl4);
560 socket_factory_.AddSSLSocketDataProvider(&ssl5);
561
562 enable_ssl_connect_job_waiting_ = true;
563 CreatePool(true, false, false);
564 scoped_refptr<SSLSocketParams> params1 =
565 SSLParams(ProxyServer::SCHEME_DIRECT, false);
566 scoped_refptr<SSLSocketParams> params2 =
567 SSLParams(ProxyServer::SCHEME_DIRECT, false);
568 scoped_refptr<SSLSocketParams> params3 =
569 SSLParams(ProxyServer::SCHEME_DIRECT, false);
570 scoped_refptr<SSLSocketParams> params4 =
571 SSLParams(ProxyServer::SCHEME_DIRECT, false);
572 ClientSocketHandle handle1;
573 ClientSocketHandle handle2;
574 ClientSocketHandle handle3;
575 ClientSocketHandle handle4;
576 TestCompletionCallback callback1;
577 TestCompletionCallback callback2;
578 TestCompletionCallback callback3;
579 TestCompletionCallback callback4;
580 handle1.Init(
581 "b", params1, MEDIUM, callback1.callback(), pool_.get(), BoundNetLog());
582 handle2.Init(
583 "b", params2, MEDIUM, callback2.callback(), pool_.get(), BoundNetLog());
584 handle3.Init(
585 "b", params3, MEDIUM, callback3.callback(), pool_.get(), BoundNetLog());
586 handle4.Init(
587 "b", params4, MEDIUM, callback4.callback(), pool_.get(), BoundNetLog());
588
589 base::RunLoop().RunUntilIdle();
590
591 std::vector<MockSSLClientSocket*> sockets =
592 socket_factory_.ssl_client_sockets();
593
594 std::vector<MockSSLClientSocket*>::const_iterator it = sockets.begin();
595
596 // The first socket should have had Connect called on it.
597 EXPECT_TRUE((*it)->reached_connect());
598 ++it;
599
600 // No other socket should have reached connect yet.
601 for (; it != sockets.end(); ++it)
602 EXPECT_FALSE((*it)->reached_connect());
603
604 // Allow the first socket to resume it's connection process.
605 sockets[0]->RestartPausedConnect();
606
607 base::RunLoop().RunUntilIdle();
608
609 // The second socket should have reached connect.
610 EXPECT_TRUE(sockets[1]->reached_connect());
611
612 // Allow the second socket to continue its connection.
613 sockets[1]->RestartPausedConnect();
614
615 base::RunLoop().RunUntilIdle();
616
617 EXPECT_FALSE(handle1.socket());
618 EXPECT_TRUE(handle2.socket()->IsConnected());
619 EXPECT_TRUE(handle3.socket()->IsConnected());
620 EXPECT_TRUE(handle4.socket()->IsConnected());
621 }
622
623 // Make sure that no sockets connect before the "leader" socket,
624 // given that the leader has a successful connection.
625 TEST_P(SSLClientSocketPoolTest, SimultaneousConnectJobsSuccess) {
626 StaticSocketDataProvider data1;
627 StaticSocketDataProvider data2;
628 StaticSocketDataProvider data3;
629 socket_factory_.AddSocketDataProvider(&data1);
630 socket_factory_.AddSocketDataProvider(&data2);
631 socket_factory_.AddSocketDataProvider(&data3);
632
633 SSLSocketDataProvider ssl(ASYNC, OK);
634 ssl.is_in_session_cache = false;
635 ssl.should_block_on_connect = true;
636 SSLSocketDataProvider ssl2(ASYNC, OK);
637 ssl2.is_in_session_cache = false;
638 SSLSocketDataProvider ssl3(ASYNC, OK);
639 ssl3.is_in_session_cache = false;
640 socket_factory_.AddSSLSocketDataProvider(&ssl);
641 socket_factory_.AddSSLSocketDataProvider(&ssl2);
642 socket_factory_.AddSSLSocketDataProvider(&ssl3);
643
644 enable_ssl_connect_job_waiting_ = true;
645 CreatePool(true, false, false);
646
647 scoped_refptr<SSLSocketParams> params1 =
648 SSLParams(ProxyServer::SCHEME_DIRECT, false);
649 scoped_refptr<SSLSocketParams> params2 =
650 SSLParams(ProxyServer::SCHEME_DIRECT, false);
651 scoped_refptr<SSLSocketParams> params3 =
652 SSLParams(ProxyServer::SCHEME_DIRECT, false);
653 ClientSocketHandle handle1;
654 ClientSocketHandle handle2;
655 ClientSocketHandle handle3;
656 TestCompletionCallback callback1;
657 TestCompletionCallback callback2;
658 TestCompletionCallback callback3;
659
660 handle1.Init(
661 "b", params1, MEDIUM, callback1.callback(), pool_.get(), BoundNetLog());
662 handle2.Init(
663 "b", params2, MEDIUM, callback2.callback(), pool_.get(), BoundNetLog());
664 handle3.Init(
665 "b", params3, MEDIUM, callback3.callback(), pool_.get(), BoundNetLog());
666
667 // Allow the connections to proceed until the first socket has finished
668 // connecting.
669 base::RunLoop().RunUntilIdle();
670
671 std::vector<MockSSLClientSocket*> sockets =
672 socket_factory_.ssl_client_sockets();
673
674 std::vector<MockSSLClientSocket*>::const_iterator it = sockets.begin();
675 // The first socket should have reached connect.
676 EXPECT_TRUE((*it)->reached_connect());
677 ++it;
678 // No other socket should have reached connect yet.
679 for (; it != sockets.end(); ++it)
680 EXPECT_FALSE((*it)->reached_connect());
681
682 sockets[0]->RestartPausedConnect();
683
684 callback1.WaitForResult();
685 callback2.WaitForResult();
686 callback3.WaitForResult();
687
688 EXPECT_TRUE(handle1.socket()->IsConnected());
689 EXPECT_TRUE(handle2.socket()->IsConnected());
690 EXPECT_TRUE(handle3.socket()->IsConnected());
691 }
692
693 TEST_P(SSLClientSocketPoolTest, TCPFail) {
694 StaticSocketDataProvider data;
695 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
696 socket_factory_.AddSocketDataProvider(&data);
697
698 CreatePool(true /* tcp pool */, false, false);
699 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
700 false);
701
702 ClientSocketHandle handle;
703 int rv = handle.Init("a", params, MEDIUM, CompletionCallback(), pool_.get(),
704 BoundNetLog());
705 EXPECT_EQ(ERR_CONNECTION_FAILED, rv);
706 EXPECT_FALSE(handle.is_initialized());
707 EXPECT_FALSE(handle.socket());
708 EXPECT_FALSE(handle.is_ssl_error());
709 }
710
711 TEST_P(SSLClientSocketPoolTest, TCPFailAsync) {
712 StaticSocketDataProvider data;
713 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
714 socket_factory_.AddSocketDataProvider(&data);
715
716 CreatePool(true /* tcp pool */, false, false);
717 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
718 false);
719
720 ClientSocketHandle handle;
721 TestCompletionCallback callback;
722 int rv = handle.Init(
723 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
724 EXPECT_EQ(ERR_IO_PENDING, rv);
725 EXPECT_FALSE(handle.is_initialized());
726 EXPECT_FALSE(handle.socket());
727
728 EXPECT_EQ(ERR_CONNECTION_FAILED, callback.WaitForResult());
729 EXPECT_FALSE(handle.is_initialized());
730 EXPECT_FALSE(handle.socket());
731 EXPECT_FALSE(handle.is_ssl_error());
732 }
733
734 TEST_P(SSLClientSocketPoolTest, BasicDirect) {
735 StaticSocketDataProvider data;
736 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
737 socket_factory_.AddSocketDataProvider(&data);
738 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
739 socket_factory_.AddSSLSocketDataProvider(&ssl);
740
741 CreatePool(true /* tcp pool */, false, false);
742 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
743 false);
744
745 ClientSocketHandle handle;
746 TestCompletionCallback callback;
747 int rv = handle.Init(
748 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
749 EXPECT_EQ(OK, rv);
750 EXPECT_TRUE(handle.is_initialized());
751 EXPECT_TRUE(handle.socket());
752 TestLoadTimingInfo(handle);
753 }
754
755 // Make sure that SSLConnectJob passes on its priority to its
756 // socket request on Init (for the DIRECT case).
757 TEST_P(SSLClientSocketPoolTest, SetSocketRequestPriorityOnInitDirect) {
758 CreatePool(true /* tcp pool */, false, false);
759 scoped_refptr<SSLSocketParams> params =
760 SSLParams(ProxyServer::SCHEME_DIRECT, false);
761
762 for (int i = MINIMUM_PRIORITY; i <= MAXIMUM_PRIORITY; ++i) {
763 RequestPriority priority = static_cast<RequestPriority>(i);
764 StaticSocketDataProvider data;
765 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
766 socket_factory_.AddSocketDataProvider(&data);
767 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
768 socket_factory_.AddSSLSocketDataProvider(&ssl);
769
770 ClientSocketHandle handle;
771 TestCompletionCallback callback;
772 EXPECT_EQ(OK, handle.Init("a", params, priority, callback.callback(),
773 pool_.get(), BoundNetLog()));
774 EXPECT_EQ(priority, transport_socket_pool_.last_request_priority());
775 handle.socket()->Disconnect();
776 }
777 }
778
779 TEST_P(SSLClientSocketPoolTest, BasicDirectAsync) {
780 StaticSocketDataProvider data;
781 socket_factory_.AddSocketDataProvider(&data);
782 SSLSocketDataProvider ssl(ASYNC, OK);
783 socket_factory_.AddSSLSocketDataProvider(&ssl);
784
785 CreatePool(true /* tcp pool */, false, false);
786 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
787 false);
788
789 ClientSocketHandle handle;
790 TestCompletionCallback callback;
791 int rv = handle.Init(
792 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
793 EXPECT_EQ(ERR_IO_PENDING, rv);
794 EXPECT_FALSE(handle.is_initialized());
795 EXPECT_FALSE(handle.socket());
796
797 EXPECT_EQ(OK, callback.WaitForResult());
798 EXPECT_TRUE(handle.is_initialized());
799 EXPECT_TRUE(handle.socket());
800 TestLoadTimingInfo(handle);
801 }
802
803 TEST_P(SSLClientSocketPoolTest, DirectCertError) {
804 StaticSocketDataProvider data;
805 socket_factory_.AddSocketDataProvider(&data);
806 SSLSocketDataProvider ssl(ASYNC, ERR_CERT_COMMON_NAME_INVALID);
807 socket_factory_.AddSSLSocketDataProvider(&ssl);
808
809 CreatePool(true /* tcp pool */, false, false);
810 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
811 false);
812
813 ClientSocketHandle handle;
814 TestCompletionCallback callback;
815 int rv = handle.Init(
816 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
817 EXPECT_EQ(ERR_IO_PENDING, rv);
818 EXPECT_FALSE(handle.is_initialized());
819 EXPECT_FALSE(handle.socket());
820
821 EXPECT_EQ(ERR_CERT_COMMON_NAME_INVALID, callback.WaitForResult());
822 EXPECT_TRUE(handle.is_initialized());
823 EXPECT_TRUE(handle.socket());
824 TestLoadTimingInfo(handle);
825 }
826
827 TEST_P(SSLClientSocketPoolTest, DirectSSLError) {
828 StaticSocketDataProvider data;
829 socket_factory_.AddSocketDataProvider(&data);
830 SSLSocketDataProvider ssl(ASYNC, ERR_SSL_PROTOCOL_ERROR);
831 socket_factory_.AddSSLSocketDataProvider(&ssl);
832
833 CreatePool(true /* tcp pool */, false, false);
834 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
835 false);
836
837 ClientSocketHandle handle;
838 TestCompletionCallback callback;
839 int rv = handle.Init(
840 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
841 EXPECT_EQ(ERR_IO_PENDING, rv);
842 EXPECT_FALSE(handle.is_initialized());
843 EXPECT_FALSE(handle.socket());
844
845 EXPECT_EQ(ERR_SSL_PROTOCOL_ERROR, callback.WaitForResult());
846 EXPECT_FALSE(handle.is_initialized());
847 EXPECT_FALSE(handle.socket());
848 EXPECT_TRUE(handle.is_ssl_error());
849 }
850
851 TEST_P(SSLClientSocketPoolTest, DirectWithNPN) {
852 StaticSocketDataProvider data;
853 socket_factory_.AddSocketDataProvider(&data);
854 SSLSocketDataProvider ssl(ASYNC, OK);
855 ssl.SetNextProto(kProtoHTTP11);
856 socket_factory_.AddSSLSocketDataProvider(&ssl);
857
858 CreatePool(true /* tcp pool */, false, false);
859 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
860 false);
861
862 ClientSocketHandle handle;
863 TestCompletionCallback callback;
864 int rv = handle.Init(
865 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
866 EXPECT_EQ(ERR_IO_PENDING, rv);
867 EXPECT_FALSE(handle.is_initialized());
868 EXPECT_FALSE(handle.socket());
869
870 EXPECT_EQ(OK, callback.WaitForResult());
871 EXPECT_TRUE(handle.is_initialized());
872 EXPECT_TRUE(handle.socket());
873 TestLoadTimingInfo(handle);
874 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
875 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
876 }
877
878 TEST_P(SSLClientSocketPoolTest, DirectNoSPDY) {
879 StaticSocketDataProvider data;
880 socket_factory_.AddSocketDataProvider(&data);
881 SSLSocketDataProvider ssl(ASYNC, OK);
882 ssl.SetNextProto(kProtoHTTP11);
883 socket_factory_.AddSSLSocketDataProvider(&ssl);
884
885 CreatePool(true /* tcp pool */, false, false);
886 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
887 true);
888
889 ClientSocketHandle handle;
890 TestCompletionCallback callback;
891 int rv = handle.Init(
892 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
893 EXPECT_EQ(ERR_IO_PENDING, rv);
894 EXPECT_FALSE(handle.is_initialized());
895 EXPECT_FALSE(handle.socket());
896
897 EXPECT_EQ(ERR_NPN_NEGOTIATION_FAILED, callback.WaitForResult());
898 EXPECT_FALSE(handle.is_initialized());
899 EXPECT_FALSE(handle.socket());
900 EXPECT_TRUE(handle.is_ssl_error());
901 }
902
903 TEST_P(SSLClientSocketPoolTest, DirectGotSPDY) {
904 StaticSocketDataProvider data;
905 socket_factory_.AddSocketDataProvider(&data);
906 SSLSocketDataProvider ssl(ASYNC, OK);
907 ssl.SetNextProto(GetParam());
908 socket_factory_.AddSSLSocketDataProvider(&ssl);
909
910 CreatePool(true /* tcp pool */, false, false);
911 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
912 true);
913
914 ClientSocketHandle handle;
915 TestCompletionCallback callback;
916 int rv = handle.Init(
917 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
918 EXPECT_EQ(ERR_IO_PENDING, rv);
919 EXPECT_FALSE(handle.is_initialized());
920 EXPECT_FALSE(handle.socket());
921
922 EXPECT_EQ(OK, callback.WaitForResult());
923 EXPECT_TRUE(handle.is_initialized());
924 EXPECT_TRUE(handle.socket());
925 TestLoadTimingInfo(handle);
926
927 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
928 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
929 std::string proto;
930 ssl_socket->GetNextProto(&proto);
931 EXPECT_EQ(GetParam(), SSLClientSocket::NextProtoFromString(proto));
932 }
933
934 TEST_P(SSLClientSocketPoolTest, DirectGotBonusSPDY) {
935 StaticSocketDataProvider data;
936 socket_factory_.AddSocketDataProvider(&data);
937 SSLSocketDataProvider ssl(ASYNC, OK);
938 ssl.SetNextProto(GetParam());
939 socket_factory_.AddSSLSocketDataProvider(&ssl);
940
941 CreatePool(true /* tcp pool */, false, false);
942 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
943 true);
944
945 ClientSocketHandle handle;
946 TestCompletionCallback callback;
947 int rv = handle.Init(
948 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
949 EXPECT_EQ(ERR_IO_PENDING, rv);
950 EXPECT_FALSE(handle.is_initialized());
951 EXPECT_FALSE(handle.socket());
952
953 EXPECT_EQ(OK, callback.WaitForResult());
954 EXPECT_TRUE(handle.is_initialized());
955 EXPECT_TRUE(handle.socket());
956 TestLoadTimingInfo(handle);
957
958 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
959 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
960 std::string proto;
961 ssl_socket->GetNextProto(&proto);
962 EXPECT_EQ(GetParam(), SSLClientSocket::NextProtoFromString(proto));
963 }
964
965 TEST_P(SSLClientSocketPoolTest, SOCKSFail) {
966 StaticSocketDataProvider data;
967 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
968 socket_factory_.AddSocketDataProvider(&data);
969
970 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
971 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
972 false);
973
974 ClientSocketHandle handle;
975 TestCompletionCallback callback;
976 int rv = handle.Init(
977 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
978 EXPECT_EQ(ERR_CONNECTION_FAILED, rv);
979 EXPECT_FALSE(handle.is_initialized());
980 EXPECT_FALSE(handle.socket());
981 EXPECT_FALSE(handle.is_ssl_error());
982 }
983
984 TEST_P(SSLClientSocketPoolTest, SOCKSFailAsync) {
985 StaticSocketDataProvider data;
986 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
987 socket_factory_.AddSocketDataProvider(&data);
988
989 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
990 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
991 false);
992
993 ClientSocketHandle handle;
994 TestCompletionCallback callback;
995 int rv = handle.Init(
996 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
997 EXPECT_EQ(ERR_IO_PENDING, rv);
998 EXPECT_FALSE(handle.is_initialized());
999 EXPECT_FALSE(handle.socket());
1000
1001 EXPECT_EQ(ERR_CONNECTION_FAILED, callback.WaitForResult());
1002 EXPECT_FALSE(handle.is_initialized());
1003 EXPECT_FALSE(handle.socket());
1004 EXPECT_FALSE(handle.is_ssl_error());
1005 }
1006
1007 TEST_P(SSLClientSocketPoolTest, SOCKSBasic) {
1008 StaticSocketDataProvider data;
1009 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
1010 socket_factory_.AddSocketDataProvider(&data);
1011 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
1012 socket_factory_.AddSSLSocketDataProvider(&ssl);
1013
1014 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
1015 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
1016 false);
1017
1018 ClientSocketHandle handle;
1019 TestCompletionCallback callback;
1020 int rv = handle.Init(
1021 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
1022 EXPECT_EQ(OK, rv);
1023 EXPECT_TRUE(handle.is_initialized());
1024 EXPECT_TRUE(handle.socket());
1025 // SOCKS5 generally has no DNS times, but the mock SOCKS5 sockets used here
1026 // don't go through the real logic, unlike in the HTTP proxy tests.
1027 TestLoadTimingInfo(handle);
1028 }
1029
1030 // Make sure that SSLConnectJob passes on its priority to its
1031 // transport socket on Init (for the SOCKS_PROXY case).
1032 TEST_P(SSLClientSocketPoolTest, SetTransportPriorityOnInitSOCKS) {
1033 StaticSocketDataProvider data;
1034 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
1035 socket_factory_.AddSocketDataProvider(&data);
1036 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
1037 socket_factory_.AddSSLSocketDataProvider(&ssl);
1038
1039 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
1040 scoped_refptr<SSLSocketParams> params =
1041 SSLParams(ProxyServer::SCHEME_SOCKS5, false);
1042
1043 ClientSocketHandle handle;
1044 TestCompletionCallback callback;
1045 EXPECT_EQ(OK, handle.Init("a", params, HIGHEST, callback.callback(),
1046 pool_.get(), BoundNetLog()));
1047 EXPECT_EQ(HIGHEST, transport_socket_pool_.last_request_priority());
1048 }
1049
1050 TEST_P(SSLClientSocketPoolTest, SOCKSBasicAsync) {
1051 StaticSocketDataProvider data;
1052 socket_factory_.AddSocketDataProvider(&data);
1053 SSLSocketDataProvider ssl(ASYNC, OK);
1054 socket_factory_.AddSSLSocketDataProvider(&ssl);
1055
1056 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
1057 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
1058 false);
1059
1060 ClientSocketHandle handle;
1061 TestCompletionCallback callback;
1062 int rv = handle.Init(
1063 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
1064 EXPECT_EQ(ERR_IO_PENDING, rv);
1065 EXPECT_FALSE(handle.is_initialized());
1066 EXPECT_FALSE(handle.socket());
1067
1068 EXPECT_EQ(OK, callback.WaitForResult());
1069 EXPECT_TRUE(handle.is_initialized());
1070 EXPECT_TRUE(handle.socket());
1071 // SOCKS5 generally has no DNS times, but the mock SOCKS5 sockets used here
1072 // don't go through the real logic, unlike in the HTTP proxy tests.
1073 TestLoadTimingInfo(handle);
1074 }
1075
1076 TEST_P(SSLClientSocketPoolTest, HttpProxyFail) {
1077 StaticSocketDataProvider data;
1078 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
1079 socket_factory_.AddSocketDataProvider(&data);
1080
1081 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
1082 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
1083 false);
1084
1085 ClientSocketHandle handle;
1086 TestCompletionCallback callback;
1087 int rv = handle.Init(
1088 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
1089 EXPECT_EQ(ERR_PROXY_CONNECTION_FAILED, rv);
1090 EXPECT_FALSE(handle.is_initialized());
1091 EXPECT_FALSE(handle.socket());
1092 EXPECT_FALSE(handle.is_ssl_error());
1093 }
1094
1095 TEST_P(SSLClientSocketPoolTest, HttpProxyFailAsync) {
1096 StaticSocketDataProvider data;
1097 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
1098 socket_factory_.AddSocketDataProvider(&data);
1099
1100 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
1101 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
1102 false);
1103
1104 ClientSocketHandle handle;
1105 TestCompletionCallback callback;
1106 int rv = handle.Init(
1107 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
1108 EXPECT_EQ(ERR_IO_PENDING, rv);
1109 EXPECT_FALSE(handle.is_initialized());
1110 EXPECT_FALSE(handle.socket());
1111
1112 EXPECT_EQ(ERR_PROXY_CONNECTION_FAILED, callback.WaitForResult());
1113 EXPECT_FALSE(handle.is_initialized());
1114 EXPECT_FALSE(handle.socket());
1115 EXPECT_FALSE(handle.is_ssl_error());
1116 }
1117
1118 TEST_P(SSLClientSocketPoolTest, HttpProxyBasic) {
1119 MockWrite writes[] = {
1120 MockWrite(SYNCHRONOUS,
1121 "CONNECT host:80 HTTP/1.1\r\n"
1122 "Host: host\r\n"
1123 "Proxy-Connection: keep-alive\r\n"
1124 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
1125 };
1126 MockRead reads[] = {
1127 MockRead(SYNCHRONOUS, "HTTP/1.1 200 Connection Established\r\n\r\n"),
1128 };
1129 StaticSocketDataProvider data(reads, arraysize(reads), writes,
1130 arraysize(writes));
1131 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
1132 socket_factory_.AddSocketDataProvider(&data);
1133 AddAuthToCache();
1134 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
1135 socket_factory_.AddSSLSocketDataProvider(&ssl);
1136
1137 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
1138 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
1139 false);
1140
1141 ClientSocketHandle handle;
1142 TestCompletionCallback callback;
1143 int rv = handle.Init(
1144 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
1145 EXPECT_EQ(OK, rv);
1146 EXPECT_TRUE(handle.is_initialized());
1147 EXPECT_TRUE(handle.socket());
1148 TestLoadTimingInfoNoDns(handle);
1149 }
1150
1151 // Make sure that SSLConnectJob passes on its priority to its
1152 // transport socket on Init (for the HTTP_PROXY case).
1153 TEST_P(SSLClientSocketPoolTest, SetTransportPriorityOnInitHTTP) {
1154 MockWrite writes[] = {
1155 MockWrite(SYNCHRONOUS,
1156 "CONNECT host:80 HTTP/1.1\r\n"
1157 "Host: host\r\n"
1158 "Proxy-Connection: keep-alive\r\n"
1159 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
1160 };
1161 MockRead reads[] = {
1162 MockRead(SYNCHRONOUS, "HTTP/1.1 200 Connection Established\r\n\r\n"),
1163 };
1164 StaticSocketDataProvider data(reads, arraysize(reads), writes,
1165 arraysize(writes));
1166 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
1167 socket_factory_.AddSocketDataProvider(&data);
1168 AddAuthToCache();
1169 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
1170 socket_factory_.AddSSLSocketDataProvider(&ssl);
1171
1172 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
1173 scoped_refptr<SSLSocketParams> params =
1174 SSLParams(ProxyServer::SCHEME_HTTP, false);
1175
1176 ClientSocketHandle handle;
1177 TestCompletionCallback callback;
1178 EXPECT_EQ(OK, handle.Init("a", params, HIGHEST, callback.callback(),
1179 pool_.get(), BoundNetLog()));
1180 EXPECT_EQ(HIGHEST, transport_socket_pool_.last_request_priority());
1181 }
1182
1183 TEST_P(SSLClientSocketPoolTest, HttpProxyBasicAsync) {
1184 MockWrite writes[] = {
1185 MockWrite("CONNECT host:80 HTTP/1.1\r\n"
1186 "Host: host\r\n"
1187 "Proxy-Connection: keep-alive\r\n"
1188 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
1189 };
1190 MockRead reads[] = {
1191 MockRead("HTTP/1.1 200 Connection Established\r\n\r\n"),
1192 };
1193 StaticSocketDataProvider data(reads, arraysize(reads), writes,
1194 arraysize(writes));
1195 socket_factory_.AddSocketDataProvider(&data);
1196 AddAuthToCache();
1197 SSLSocketDataProvider ssl(ASYNC, OK);
1198 socket_factory_.AddSSLSocketDataProvider(&ssl);
1199
1200 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
1201 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
1202 false);
1203
1204 ClientSocketHandle handle;
1205 TestCompletionCallback callback;
1206 int rv = handle.Init(
1207 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
1208 EXPECT_EQ(ERR_IO_PENDING, rv);
1209 EXPECT_FALSE(handle.is_initialized());
1210 EXPECT_FALSE(handle.socket());
1211
1212 EXPECT_EQ(OK, callback.WaitForResult());
1213 EXPECT_TRUE(handle.is_initialized());
1214 EXPECT_TRUE(handle.socket());
1215 TestLoadTimingInfoNoDns(handle);
1216 }
1217
1218 TEST_P(SSLClientSocketPoolTest, NeedProxyAuth) {
1219 MockWrite writes[] = {
1220 MockWrite("CONNECT host:80 HTTP/1.1\r\n"
1221 "Host: host\r\n"
1222 "Proxy-Connection: keep-alive\r\n\r\n"),
1223 };
1224 MockRead reads[] = {
1225 MockRead("HTTP/1.1 407 Proxy Authentication Required\r\n"),
1226 MockRead("Proxy-Authenticate: Basic realm=\"MyRealm1\"\r\n"),
1227 MockRead("Content-Length: 10\r\n\r\n"),
1228 MockRead("0123456789"),
1229 };
1230 StaticSocketDataProvider data(reads, arraysize(reads), writes,
1231 arraysize(writes));
1232 socket_factory_.AddSocketDataProvider(&data);
1233 SSLSocketDataProvider ssl(ASYNC, OK);
1234 socket_factory_.AddSSLSocketDataProvider(&ssl);
1235
1236 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
1237 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
1238 false);
1239
1240 ClientSocketHandle handle;
1241 TestCompletionCallback callback;
1242 int rv = handle.Init(
1243 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
1244 EXPECT_EQ(ERR_IO_PENDING, rv);
1245 EXPECT_FALSE(handle.is_initialized());
1246 EXPECT_FALSE(handle.socket());
1247
1248 EXPECT_EQ(ERR_PROXY_AUTH_REQUESTED, callback.WaitForResult());
1249 EXPECT_FALSE(handle.is_initialized());
1250 EXPECT_FALSE(handle.socket());
1251 EXPECT_FALSE(handle.is_ssl_error());
1252 const HttpResponseInfo& tunnel_info = handle.ssl_error_response_info();
1253 EXPECT_EQ(tunnel_info.headers->response_code(), 407);
1254 scoped_ptr<ClientSocketHandle> tunnel_handle(
1255 handle.release_pending_http_proxy_connection());
1256 EXPECT_TRUE(tunnel_handle->socket());
1257 EXPECT_FALSE(tunnel_handle->socket()->IsConnected());
1258 }
1259
1260 // TODO(rch): re-enable this.
1261 TEST_P(SSLClientSocketPoolTest, DISABLED_IPPooling) {
1262 const int kTestPort = 80;
1263 struct TestHosts {
1264 std::string name;
1265 std::string iplist;
1266 SpdySessionKey key;
1267 AddressList addresses;
1268 } test_hosts[] = {
1269 { "www.webkit.org", "192.0.2.33,192.168.0.1,192.168.0.5" },
1270 { "code.google.com", "192.168.0.2,192.168.0.3,192.168.0.5" },
1271 { "js.webkit.org", "192.168.0.4,192.168.0.1,192.0.2.33" },
1272 };
1273
1274 host_resolver_.set_synchronous_mode(true);
1275 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(test_hosts); i++) {
1276 host_resolver_.rules()->AddIPLiteralRule(
1277 test_hosts[i].name, test_hosts[i].iplist, std::string());
1278
1279 // This test requires that the HostResolver cache be populated. Normal
1280 // code would have done this already, but we do it manually.
1281 HostResolver::RequestInfo info(HostPortPair(test_hosts[i].name, kTestPort));
1282 host_resolver_.Resolve(info,
1283 DEFAULT_PRIORITY,
1284 &test_hosts[i].addresses,
1285 CompletionCallback(),
1286 NULL,
1287 BoundNetLog());
1288
1289 // Setup a SpdySessionKey
1290 test_hosts[i].key = SpdySessionKey(
1291 HostPortPair(test_hosts[i].name, kTestPort), ProxyServer::Direct(),
1292 PRIVACY_MODE_DISABLED);
1293 }
1294
1295 MockRead reads[] = {
1296 MockRead(ASYNC, ERR_IO_PENDING),
1297 };
1298 StaticSocketDataProvider data(reads, arraysize(reads), NULL, 0);
1299 socket_factory_.AddSocketDataProvider(&data);
1300 SSLSocketDataProvider ssl(ASYNC, OK);
1301 ssl.cert = X509Certificate::CreateFromBytes(
1302 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der));
1303 ssl.SetNextProto(GetParam());
1304 socket_factory_.AddSSLSocketDataProvider(&ssl);
1305
1306 CreatePool(true /* tcp pool */, false, false);
1307 base::WeakPtr<SpdySession> spdy_session =
1308 CreateSecureSpdySession(session_, test_hosts[0].key, BoundNetLog());
1309
1310 EXPECT_TRUE(
1311 HasSpdySession(session_->spdy_session_pool(), test_hosts[0].key));
1312 EXPECT_FALSE(
1313 HasSpdySession(session_->spdy_session_pool(), test_hosts[1].key));
1314 EXPECT_TRUE(
1315 HasSpdySession(session_->spdy_session_pool(), test_hosts[2].key));
1316
1317 session_->spdy_session_pool()->CloseAllSessions();
1318 }
1319
1320 void SSLClientSocketPoolTest::TestIPPoolingDisabled(
1321 SSLSocketDataProvider* ssl) {
1322 const int kTestPort = 80;
1323 struct TestHosts {
1324 std::string name;
1325 std::string iplist;
1326 SpdySessionKey key;
1327 AddressList addresses;
1328 } test_hosts[] = {
1329 { "www.webkit.org", "192.0.2.33,192.168.0.1,192.168.0.5" },
1330 { "js.webkit.com", "192.168.0.4,192.168.0.1,192.0.2.33" },
1331 };
1332
1333 TestCompletionCallback callback;
1334 int rv;
1335 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(test_hosts); i++) {
1336 host_resolver_.rules()->AddIPLiteralRule(
1337 test_hosts[i].name, test_hosts[i].iplist, std::string());
1338
1339 // This test requires that the HostResolver cache be populated. Normal
1340 // code would have done this already, but we do it manually.
1341 HostResolver::RequestInfo info(HostPortPair(test_hosts[i].name, kTestPort));
1342 rv = host_resolver_.Resolve(info,
1343 DEFAULT_PRIORITY,
1344 &test_hosts[i].addresses,
1345 callback.callback(),
1346 NULL,
1347 BoundNetLog());
1348 EXPECT_EQ(OK, callback.GetResult(rv));
1349
1350 // Setup a SpdySessionKey
1351 test_hosts[i].key = SpdySessionKey(
1352 HostPortPair(test_hosts[i].name, kTestPort), ProxyServer::Direct(),
1353 PRIVACY_MODE_DISABLED);
1354 }
1355
1356 MockRead reads[] = {
1357 MockRead(ASYNC, ERR_IO_PENDING),
1358 };
1359 StaticSocketDataProvider data(reads, arraysize(reads), NULL, 0);
1360 socket_factory_.AddSocketDataProvider(&data);
1361 socket_factory_.AddSSLSocketDataProvider(ssl);
1362
1363 CreatePool(true /* tcp pool */, false, false);
1364 base::WeakPtr<SpdySession> spdy_session =
1365 CreateSecureSpdySession(session_, test_hosts[0].key, BoundNetLog());
1366
1367 EXPECT_TRUE(
1368 HasSpdySession(session_->spdy_session_pool(), test_hosts[0].key));
1369 EXPECT_FALSE(
1370 HasSpdySession(session_->spdy_session_pool(), test_hosts[1].key));
1371
1372 session_->spdy_session_pool()->CloseAllSessions();
1373 }
1374
1375 // Verifies that an SSL connection with client authentication disables SPDY IP
1376 // pooling.
1377 TEST_P(SSLClientSocketPoolTest, IPPoolingClientCert) {
1378 SSLSocketDataProvider ssl(ASYNC, OK);
1379 ssl.cert = X509Certificate::CreateFromBytes(
1380 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der));
1381 ssl.client_cert_sent = true;
1382 ssl.SetNextProto(GetParam());
1383 TestIPPoolingDisabled(&ssl);
1384 }
1385
1386 // Verifies that an SSL connection with channel ID disables SPDY IP pooling.
1387 TEST_P(SSLClientSocketPoolTest, IPPoolingChannelID) {
1388 SSLSocketDataProvider ssl(ASYNC, OK);
1389 ssl.channel_id_sent = true;
1390 ssl.SetNextProto(GetParam());
1391 TestIPPoolingDisabled(&ssl);
1392 }
1393
1394 // It would be nice to also test the timeouts in SSLClientSocketPool.
1395
1396 } // namespace
1397
1398 } // namespace net