search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Don't show supervised user as "already on this device" while they're being imported.
[chromium-blink-merge.git] / net / quic / quic_client_session_test.cc
blobb6457ec2dbf6a824947c04a4ceedcbbbffb92a5b
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/quic/quic_client_session.h"
6
7 #include <vector>
8
9 #include "base/base64.h"
10 #include "base/files/file_path.h"
11 #include "base/rand_util.h"
12 #include "net/base/test_completion_callback.h"
13 #include "net/base/test_data_directory.h"
14 #include "net/cert/cert_verify_result.h"
15 #include "net/http/transport_security_state.h"
16 #include "net/log/test_net_log.h"
17 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h"
18 #include "net/quic/crypto/crypto_protocol.h"
19 #include "net/quic/crypto/proof_verifier_chromium.h"
20 #include "net/quic/crypto/quic_decrypter.h"
21 #include "net/quic/crypto/quic_encrypter.h"
22 #include "net/quic/crypto/quic_server_info.h"
23 #include "net/quic/test_tools/crypto_test_utils.h"
24 #include "net/quic/test_tools/quic_client_session_peer.h"
25 #include "net/quic/test_tools/quic_test_utils.h"
26 #include "net/quic/test_tools/simple_quic_framer.h"
27 #include "net/socket/socket_test_util.h"
28 #include "net/spdy/spdy_test_utils.h"
29 #include "net/test/cert_test_util.h"
30 #include "net/udp/datagram_client_socket.h"
31
32 using testing::_;
33
34 namespace net {
35 namespace test {
36 namespace {
37
38 const char kServerHostname[] = "www.example.org";
39 const uint16 kServerPort = 80;
40
41 class QuicClientSessionTest : public ::testing::TestWithParam<QuicVersion> {
42 protected:
43 QuicClientSessionTest()
44 : connection_(new PacketSavingConnection(Perspective::IS_CLIENT,
45 SupportedVersions(GetParam()))),
46 session_(connection_,
47 GetSocket().Pass(),
48 nullptr,
49 &transport_security_state_,
50 make_scoped_ptr((QuicServerInfo*)nullptr),
51 DefaultQuicConfig(),
52 "CONNECTION_UNKNOWN",
53 base::TimeTicks::Now(),
54 base::MessageLoop::current()->message_loop_proxy().get(),
55 &net_log_) {
56 session_.InitializeSession(QuicServerId(kServerHostname, kServerPort,
57 /*is_secure=*/false,
58 PRIVACY_MODE_DISABLED),
59 &crypto_config_, nullptr);
60 // Advance the time, because timers do not like uninitialized times.
61 connection_->AdvanceTime(QuicTime::Delta::FromSeconds(1));
62 }
63
64 void TearDown() override {
65 session_.CloseSessionOnError(ERR_ABORTED, QUIC_INTERNAL_ERROR);
66 }
67
68 scoped_ptr<DatagramClientSocket> GetSocket() {
69 socket_factory_.AddSocketDataProvider(&socket_data_);
70 return socket_factory_.CreateDatagramClientSocket(
71 DatagramSocket::DEFAULT_BIND, base::Bind(&base::RandInt),
72 &net_log_, NetLog::Source());
73 }
74
75 void CompleteCryptoHandshake() {
76 ASSERT_EQ(ERR_IO_PENDING,
77 session_.CryptoConnect(false, callback_.callback()));
78 CryptoTestUtils::HandshakeWithFakeServer(
79 connection_, session_.GetCryptoStream());
80 ASSERT_EQ(OK, callback_.WaitForResult());
81 }
82
83 PacketSavingConnection* connection_;
84 TestNetLog net_log_;
85 MockClientSocketFactory socket_factory_;
86 StaticSocketDataProvider socket_data_;
87 TransportSecurityState transport_security_state_;
88 QuicClientSession session_;
89 MockClock clock_;
90 MockRandom random_;
91 QuicConnectionVisitorInterface* visitor_;
92 TestCompletionCallback callback_;
93 QuicCryptoClientConfig crypto_config_;
94 };
95
96 INSTANTIATE_TEST_CASE_P(Tests, QuicClientSessionTest,
97 ::testing::ValuesIn(QuicSupportedVersions()));
98
99 TEST_P(QuicClientSessionTest, CryptoConnect) {
100 CompleteCryptoHandshake();
101 }
102
103 TEST_P(QuicClientSessionTest, MaxNumStreams) {
104 CompleteCryptoHandshake();
105
106 std::vector<QuicReliableClientStream*> streams;
107 for (size_t i = 0; i < kDefaultMaxStreamsPerConnection; i++) {
108 QuicReliableClientStream* stream = session_.CreateOutgoingDataStream();
109 EXPECT_TRUE(stream);
110 streams.push_back(stream);
111 }
112 EXPECT_FALSE(session_.CreateOutgoingDataStream());
113
114 // Close a stream and ensure I can now open a new one.
115 session_.CloseStream(streams[0]->id());
116 EXPECT_TRUE(session_.CreateOutgoingDataStream());
117 }
118
119 TEST_P(QuicClientSessionTest, MaxNumStreamsViaRequest) {
120 CompleteCryptoHandshake();
121
122 std::vector<QuicReliableClientStream*> streams;
123 for (size_t i = 0; i < kDefaultMaxStreamsPerConnection; i++) {
124 QuicReliableClientStream* stream = session_.CreateOutgoingDataStream();
125 EXPECT_TRUE(stream);
126 streams.push_back(stream);
127 }
128
129 QuicReliableClientStream* stream;
130 QuicClientSession::StreamRequest stream_request;
131 TestCompletionCallback callback;
132 ASSERT_EQ(ERR_IO_PENDING,
133 stream_request.StartRequest(session_.GetWeakPtr(), &stream,
134 callback.callback()));
135
136 // Close a stream and ensure I can now open a new one.
137 session_.CloseStream(streams[0]->id());
138 ASSERT_TRUE(callback.have_result());
139 EXPECT_EQ(OK, callback.WaitForResult());
140 EXPECT_TRUE(stream != nullptr);
141 }
142
143 TEST_P(QuicClientSessionTest, GoAwayReceived) {
144 CompleteCryptoHandshake();
145
146 // After receiving a GoAway, I should no longer be able to create outgoing
147 // streams.
148 session_.OnGoAway(QuicGoAwayFrame(QUIC_PEER_GOING_AWAY, 1u, "Going away."));
149 EXPECT_EQ(nullptr, session_.CreateOutgoingDataStream());
150 }
151
152 TEST_P(QuicClientSessionTest, CanPool) {
153 // Load a cert that is valid for:
154 // www.example.org
155 // mail.example.org
156 // www.example.com
157
158 ProofVerifyDetailsChromium details;
159 details.cert_verify_result.verified_cert =
160 ImportCertFromFile(GetTestCertsDirectory(), "spdy_pooling.pem");
161 ASSERT_TRUE(details.cert_verify_result.verified_cert.get());
162
163 session_.OnProofVerifyDetailsAvailable(details);
164 CompleteCryptoHandshake();
165
166 EXPECT_TRUE(session_.CanPool("www.example.org", PRIVACY_MODE_DISABLED));
167 EXPECT_FALSE(session_.CanPool("www.example.org", PRIVACY_MODE_ENABLED));
168 EXPECT_TRUE(session_.CanPool("mail.example.org", PRIVACY_MODE_DISABLED));
169 EXPECT_TRUE(session_.CanPool("mail.example.com", PRIVACY_MODE_DISABLED));
170 EXPECT_FALSE(session_.CanPool("mail.google.com", PRIVACY_MODE_DISABLED));
171 }
172
173 TEST_P(QuicClientSessionTest, ConnectionPooledWithTlsChannelId) {
174 // Load a cert that is valid for:
175 // www.example.org
176 // mail.example.org
177 // www.example.com
178
179 ProofVerifyDetailsChromium details;
180 details.cert_verify_result.verified_cert =
181 ImportCertFromFile(GetTestCertsDirectory(), "spdy_pooling.pem");
182 ASSERT_TRUE(details.cert_verify_result.verified_cert.get());
183
184 session_.OnProofVerifyDetailsAvailable(details);
185 CompleteCryptoHandshake();
186 QuicClientSessionPeer::SetChannelIDSent(&session_, true);
187
188 EXPECT_TRUE(session_.CanPool("www.example.org", PRIVACY_MODE_DISABLED));
189 EXPECT_TRUE(session_.CanPool("mail.example.org", PRIVACY_MODE_DISABLED));
190 EXPECT_FALSE(session_.CanPool("mail.example.com", PRIVACY_MODE_DISABLED));
191 EXPECT_FALSE(session_.CanPool("mail.google.com", PRIVACY_MODE_DISABLED));
192 }
193
194 TEST_P(QuicClientSessionTest, ConnectionNotPooledWithDifferentPin) {
195 uint8 primary_pin = 1;
196 uint8 backup_pin = 2;
197 uint8 bad_pin = 3;
198 AddPin(&transport_security_state_, "mail.example.org", primary_pin,
199 backup_pin);
200
201 ProofVerifyDetailsChromium details;
202 details.cert_verify_result.verified_cert =
203 ImportCertFromFile(GetTestCertsDirectory(), "spdy_pooling.pem");
204 details.cert_verify_result.is_issued_by_known_root = true;
205 details.cert_verify_result.public_key_hashes.push_back(
206 GetTestHashValue(bad_pin));
207
208 ASSERT_TRUE(details.cert_verify_result.verified_cert.get());
209
210 session_.OnProofVerifyDetailsAvailable(details);
211 CompleteCryptoHandshake();
212 QuicClientSessionPeer::SetChannelIDSent(&session_, true);
213
214 EXPECT_FALSE(session_.CanPool("mail.example.org", PRIVACY_MODE_DISABLED));
215 }
216
217 TEST_P(QuicClientSessionTest, ConnectionPooledWithMatchingPin) {
218 uint8 primary_pin = 1;
219 uint8 backup_pin = 2;
220 AddPin(&transport_security_state_, "mail.example.org", primary_pin,
221 backup_pin);
222
223 ProofVerifyDetailsChromium details;
224 details.cert_verify_result.verified_cert =
225 ImportCertFromFile(GetTestCertsDirectory(), "spdy_pooling.pem");
226 details.cert_verify_result.is_issued_by_known_root = true;
227 details.cert_verify_result.public_key_hashes.push_back(
228 GetTestHashValue(primary_pin));
229
230 ASSERT_TRUE(details.cert_verify_result.verified_cert.get());
231
232 session_.OnProofVerifyDetailsAvailable(details);
233 CompleteCryptoHandshake();
234 QuicClientSessionPeer::SetChannelIDSent(&session_, true);
235
236 EXPECT_TRUE(session_.CanPool("mail.example.org", PRIVACY_MODE_DISABLED));
237 }
238
239 } // namespace
240 } // namespace test
241 } // namespace net