search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Revert "Fix broken channel icon in chrome://help on CrOS" and try again
[chromium-blink-merge.git] / net / socket / ssl_client_socket_pool_unittest.cc
blob48d667025b5cf6ef8efd9cd860f3a2f586455b3d
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/http/http_proxy_client_socket_pool.h"
6
7 #include "base/callback.h"
8 #include "base/compiler_specific.h"
9 #include "base/strings/string_util.h"
10 #include "base/strings/utf_string_conversions.h"
11 #include "base/time/time.h"
12 #include "net/base/auth.h"
13 #include "net/base/load_timing_info.h"
14 #include "net/base/load_timing_info_test_util.h"
15 #include "net/base/net_errors.h"
16 #include "net/base/test_completion_callback.h"
17 #include "net/cert/cert_verifier.h"
18 #include "net/dns/mock_host_resolver.h"
19 #include "net/http/http_auth_handler_factory.h"
20 #include "net/http/http_network_session.h"
21 #include "net/http/http_request_headers.h"
22 #include "net/http/http_response_headers.h"
23 #include "net/http/http_server_properties_impl.h"
24 #include "net/http/transport_security_state.h"
25 #include "net/proxy/proxy_service.h"
26 #include "net/socket/client_socket_handle.h"
27 #include "net/socket/next_proto.h"
28 #include "net/socket/socket_test_util.h"
29 #include "net/spdy/spdy_session.h"
30 #include "net/spdy/spdy_session_pool.h"
31 #include "net/spdy/spdy_test_util_common.h"
32 #include "net/ssl/ssl_config_service_defaults.h"
33 #include "net/test/test_certificate_data.h"
34 #include "testing/gtest/include/gtest/gtest.h"
35
36 namespace net {
37
38 namespace {
39
40 const int kMaxSockets = 32;
41 const int kMaxSocketsPerGroup = 6;
42
43 // Make sure |handle|'s load times are set correctly. DNS and connect start
44 // times comes from mock client sockets in these tests, so primarily serves to
45 // check those times were copied, and ssl times / connect end are set correctly.
46 void TestLoadTimingInfo(const ClientSocketHandle& handle) {
47 LoadTimingInfo load_timing_info;
48 EXPECT_TRUE(handle.GetLoadTimingInfo(false, &load_timing_info));
49
50 EXPECT_FALSE(load_timing_info.socket_reused);
51 // None of these tests use a NetLog.
52 EXPECT_EQ(NetLog::Source::kInvalidId, load_timing_info.socket_log_id);
53
54 ExpectConnectTimingHasTimes(
55 load_timing_info.connect_timing,
56 CONNECT_TIMING_HAS_SSL_TIMES | CONNECT_TIMING_HAS_DNS_TIMES);
57 ExpectLoadTimingHasOnlyConnectionTimes(load_timing_info);
58 }
59
60 // Just like TestLoadTimingInfo, except DNS times are expected to be null, for
61 // tests over proxies that do DNS lookups themselves.
62 void TestLoadTimingInfoNoDns(const ClientSocketHandle& handle) {
63 LoadTimingInfo load_timing_info;
64 EXPECT_TRUE(handle.GetLoadTimingInfo(false, &load_timing_info));
65
66 // None of these tests use a NetLog.
67 EXPECT_EQ(NetLog::Source::kInvalidId, load_timing_info.socket_log_id);
68
69 EXPECT_FALSE(load_timing_info.socket_reused);
70
71 ExpectConnectTimingHasTimes(load_timing_info.connect_timing,
72 CONNECT_TIMING_HAS_SSL_TIMES);
73 ExpectLoadTimingHasOnlyConnectionTimes(load_timing_info);
74 }
75
76 class SSLClientSocketPoolTest
77 : public testing::Test,
78 public ::testing::WithParamInterface<NextProto> {
79 protected:
80 SSLClientSocketPoolTest()
81 : transport_security_state_(new TransportSecurityState),
82 proxy_service_(ProxyService::CreateDirect()),
83 ssl_config_service_(new SSLConfigServiceDefaults),
84 http_auth_handler_factory_(
85 HttpAuthHandlerFactory::CreateDefault(&host_resolver_)),
86 session_(CreateNetworkSession()),
87 direct_transport_socket_params_(new TransportSocketParams(
88 HostPortPair("host", 443),
89 false,
90 false,
91 OnHostResolutionCallback(),
92 TransportSocketParams::COMBINE_CONNECT_AND_WRITE_DEFAULT)),
93 transport_socket_pool_(kMaxSockets,
94 kMaxSocketsPerGroup,
95 &socket_factory_),
96 proxy_transport_socket_params_(new TransportSocketParams(
97 HostPortPair("proxy", 443),
98 false,
99 false,
100 OnHostResolutionCallback(),
101 TransportSocketParams::COMBINE_CONNECT_AND_WRITE_DEFAULT)),
102 socks_socket_params_(
103 new SOCKSSocketParams(proxy_transport_socket_params_,
104 true,
105 HostPortPair("sockshost", 443))),
106 socks_socket_pool_(kMaxSockets,
107 kMaxSocketsPerGroup,
108 &transport_socket_pool_),
109 http_proxy_socket_params_(
110 new HttpProxySocketParams(proxy_transport_socket_params_,
111 NULL,
112 std::string(),
113 HostPortPair("host", 80),
114 session_->http_auth_cache(),
115 session_->http_auth_handler_factory(),
116 session_->spdy_session_pool(),
117 true,
118 NULL)),
119 http_proxy_socket_pool_(kMaxSockets,
120 kMaxSocketsPerGroup,
121 &transport_socket_pool_,
122 NULL,
123 NULL) {
124 scoped_refptr<SSLConfigService> ssl_config_service(
125 new SSLConfigServiceDefaults);
126 ssl_config_service->GetSSLConfig(&ssl_config_);
127 }
128
129 void CreatePool(bool transport_pool, bool http_proxy_pool, bool socks_pool) {
130 pool_.reset(new SSLClientSocketPool(
131 kMaxSockets, kMaxSocketsPerGroup, NULL /* cert_verifier */,
132 NULL /* channel_id_service */, NULL /* transport_security_state */,
133 NULL /* cert_transparency_verifier */, NULL /* cert_policy_enforcer */,
134 std::string() /* ssl_session_cache_shard */, &socket_factory_,
135 transport_pool ? &transport_socket_pool_ : NULL,
136 socks_pool ? &socks_socket_pool_ : NULL,
137 http_proxy_pool ? &http_proxy_socket_pool_ : NULL, NULL, NULL));
138 }
139
140 scoped_refptr<SSLSocketParams> SSLParams(ProxyServer::Scheme proxy,
141 bool expect_spdy) {
142 return make_scoped_refptr(new SSLSocketParams(
143 proxy == ProxyServer::SCHEME_DIRECT ? direct_transport_socket_params_
144 : NULL,
145 proxy == ProxyServer::SCHEME_SOCKS5 ? socks_socket_params_ : NULL,
146 proxy == ProxyServer::SCHEME_HTTP ? http_proxy_socket_params_ : NULL,
147 HostPortPair("host", 443), ssl_config_, PRIVACY_MODE_DISABLED, 0,
148 expect_spdy));
149 }
150
151 void AddAuthToCache() {
152 const base::string16 kFoo(base::ASCIIToUTF16("foo"));
153 const base::string16 kBar(base::ASCIIToUTF16("bar"));
154 session_->http_auth_cache()->Add(GURL("http://proxy:443/"),
155 "MyRealm1",
156 HttpAuth::AUTH_SCHEME_BASIC,
157 "Basic realm=MyRealm1",
158 AuthCredentials(kFoo, kBar),
159 "/");
160 }
161
162 HttpNetworkSession* CreateNetworkSession() {
163 HttpNetworkSession::Params params;
164 params.host_resolver = &host_resolver_;
165 params.cert_verifier = cert_verifier_.get();
166 params.transport_security_state = transport_security_state_.get();
167 params.proxy_service = proxy_service_.get();
168 params.client_socket_factory = &socket_factory_;
169 params.ssl_config_service = ssl_config_service_.get();
170 params.http_auth_handler_factory = http_auth_handler_factory_.get();
171 params.http_server_properties =
172 http_server_properties_.GetWeakPtr();
173 params.enable_spdy_compression = false;
174 params.spdy_default_protocol = GetParam();
175 return new HttpNetworkSession(params);
176 }
177
178 void TestIPPoolingDisabled(SSLSocketDataProvider* ssl);
179
180 MockClientSocketFactory socket_factory_;
181 MockCachingHostResolver host_resolver_;
182 scoped_ptr<CertVerifier> cert_verifier_;
183 scoped_ptr<TransportSecurityState> transport_security_state_;
184 const scoped_ptr<ProxyService> proxy_service_;
185 const scoped_refptr<SSLConfigService> ssl_config_service_;
186 const scoped_ptr<HttpAuthHandlerFactory> http_auth_handler_factory_;
187 HttpServerPropertiesImpl http_server_properties_;
188 const scoped_refptr<HttpNetworkSession> session_;
189
190 scoped_refptr<TransportSocketParams> direct_transport_socket_params_;
191 MockTransportClientSocketPool transport_socket_pool_;
192
193 scoped_refptr<TransportSocketParams> proxy_transport_socket_params_;
194
195 scoped_refptr<SOCKSSocketParams> socks_socket_params_;
196 MockSOCKSClientSocketPool socks_socket_pool_;
197
198 scoped_refptr<HttpProxySocketParams> http_proxy_socket_params_;
199 HttpProxyClientSocketPool http_proxy_socket_pool_;
200
201 SSLConfig ssl_config_;
202 scoped_ptr<SSLClientSocketPool> pool_;
203 };
204
205 INSTANTIATE_TEST_CASE_P(NextProto,
206 SSLClientSocketPoolTest,
207 testing::Values(kProtoSPDY31,
208 kProtoHTTP2));
209
210 TEST_P(SSLClientSocketPoolTest, TCPFail) {
211 StaticSocketDataProvider data;
212 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
213 socket_factory_.AddSocketDataProvider(&data);
214
215 CreatePool(true /* tcp pool */, false, false);
216 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
217 false);
218
219 ClientSocketHandle handle;
220 int rv = handle.Init("a", params, MEDIUM, CompletionCallback(), pool_.get(),
221 BoundNetLog());
222 EXPECT_EQ(ERR_CONNECTION_FAILED, rv);
223 EXPECT_FALSE(handle.is_initialized());
224 EXPECT_FALSE(handle.socket());
225 EXPECT_FALSE(handle.is_ssl_error());
226 ASSERT_EQ(1u, handle.connection_attempts().size());
227 EXPECT_EQ(ERR_CONNECTION_FAILED, handle.connection_attempts()[0].result);
228 }
229
230 TEST_P(SSLClientSocketPoolTest, TCPFailAsync) {
231 StaticSocketDataProvider data;
232 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
233 socket_factory_.AddSocketDataProvider(&data);
234
235 CreatePool(true /* tcp pool */, false, false);
236 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
237 false);
238
239 ClientSocketHandle handle;
240 TestCompletionCallback callback;
241 int rv = handle.Init(
242 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
243 EXPECT_EQ(ERR_IO_PENDING, rv);
244 EXPECT_FALSE(handle.is_initialized());
245 EXPECT_FALSE(handle.socket());
246
247 EXPECT_EQ(ERR_CONNECTION_FAILED, callback.WaitForResult());
248 EXPECT_FALSE(handle.is_initialized());
249 EXPECT_FALSE(handle.socket());
250 EXPECT_FALSE(handle.is_ssl_error());
251 ASSERT_EQ(1u, handle.connection_attempts().size());
252 EXPECT_EQ(ERR_CONNECTION_FAILED, handle.connection_attempts()[0].result);
253 }
254
255 TEST_P(SSLClientSocketPoolTest, BasicDirect) {
256 StaticSocketDataProvider data;
257 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
258 socket_factory_.AddSocketDataProvider(&data);
259 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
260 socket_factory_.AddSSLSocketDataProvider(&ssl);
261
262 CreatePool(true /* tcp pool */, false, false);
263 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
264 false);
265
266 ClientSocketHandle handle;
267 TestCompletionCallback callback;
268 int rv = handle.Init(
269 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
270 EXPECT_EQ(OK, rv);
271 EXPECT_TRUE(handle.is_initialized());
272 EXPECT_TRUE(handle.socket());
273 TestLoadTimingInfo(handle);
274 EXPECT_EQ(0u, handle.connection_attempts().size());
275 }
276
277 // Make sure that SSLConnectJob passes on its priority to its
278 // socket request on Init (for the DIRECT case).
279 TEST_P(SSLClientSocketPoolTest, SetSocketRequestPriorityOnInitDirect) {
280 CreatePool(true /* tcp pool */, false, false);
281 scoped_refptr<SSLSocketParams> params =
282 SSLParams(ProxyServer::SCHEME_DIRECT, false);
283
284 for (int i = MINIMUM_PRIORITY; i <= MAXIMUM_PRIORITY; ++i) {
285 RequestPriority priority = static_cast<RequestPriority>(i);
286 StaticSocketDataProvider data;
287 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
288 socket_factory_.AddSocketDataProvider(&data);
289 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
290 socket_factory_.AddSSLSocketDataProvider(&ssl);
291
292 ClientSocketHandle handle;
293 TestCompletionCallback callback;
294 EXPECT_EQ(OK, handle.Init("a", params, priority, callback.callback(),
295 pool_.get(), BoundNetLog()));
296 EXPECT_EQ(priority, transport_socket_pool_.last_request_priority());
297 handle.socket()->Disconnect();
298 }
299 }
300
301 TEST_P(SSLClientSocketPoolTest, BasicDirectAsync) {
302 StaticSocketDataProvider data;
303 socket_factory_.AddSocketDataProvider(&data);
304 SSLSocketDataProvider ssl(ASYNC, OK);
305 socket_factory_.AddSSLSocketDataProvider(&ssl);
306
307 CreatePool(true /* tcp pool */, false, false);
308 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
309 false);
310
311 ClientSocketHandle handle;
312 TestCompletionCallback callback;
313 int rv = handle.Init(
314 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
315 EXPECT_EQ(ERR_IO_PENDING, rv);
316 EXPECT_FALSE(handle.is_initialized());
317 EXPECT_FALSE(handle.socket());
318
319 EXPECT_EQ(OK, callback.WaitForResult());
320 EXPECT_TRUE(handle.is_initialized());
321 EXPECT_TRUE(handle.socket());
322 TestLoadTimingInfo(handle);
323 }
324
325 TEST_P(SSLClientSocketPoolTest, DirectCertError) {
326 StaticSocketDataProvider data;
327 socket_factory_.AddSocketDataProvider(&data);
328 SSLSocketDataProvider ssl(ASYNC, ERR_CERT_COMMON_NAME_INVALID);
329 socket_factory_.AddSSLSocketDataProvider(&ssl);
330
331 CreatePool(true /* tcp pool */, false, false);
332 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
333 false);
334
335 ClientSocketHandle handle;
336 TestCompletionCallback callback;
337 int rv = handle.Init(
338 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
339 EXPECT_EQ(ERR_IO_PENDING, rv);
340 EXPECT_FALSE(handle.is_initialized());
341 EXPECT_FALSE(handle.socket());
342
343 EXPECT_EQ(ERR_CERT_COMMON_NAME_INVALID, callback.WaitForResult());
344 EXPECT_TRUE(handle.is_initialized());
345 EXPECT_TRUE(handle.socket());
346 TestLoadTimingInfo(handle);
347 }
348
349 TEST_P(SSLClientSocketPoolTest, DirectSSLError) {
350 StaticSocketDataProvider data;
351 socket_factory_.AddSocketDataProvider(&data);
352 SSLSocketDataProvider ssl(ASYNC, ERR_SSL_PROTOCOL_ERROR);
353 socket_factory_.AddSSLSocketDataProvider(&ssl);
354
355 CreatePool(true /* tcp pool */, false, false);
356 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
357 false);
358
359 ClientSocketHandle handle;
360 TestCompletionCallback callback;
361 int rv = handle.Init(
362 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
363 EXPECT_EQ(ERR_IO_PENDING, rv);
364 EXPECT_FALSE(handle.is_initialized());
365 EXPECT_FALSE(handle.socket());
366
367 EXPECT_EQ(ERR_SSL_PROTOCOL_ERROR, callback.WaitForResult());
368 EXPECT_FALSE(handle.is_initialized());
369 EXPECT_FALSE(handle.socket());
370 EXPECT_TRUE(handle.is_ssl_error());
371 }
372
373 TEST_P(SSLClientSocketPoolTest, DirectWithNPN) {
374 StaticSocketDataProvider data;
375 socket_factory_.AddSocketDataProvider(&data);
376 SSLSocketDataProvider ssl(ASYNC, OK);
377 ssl.SetNextProto(kProtoHTTP11);
378 socket_factory_.AddSSLSocketDataProvider(&ssl);
379
380 CreatePool(true /* tcp pool */, false, false);
381 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
382 false);
383
384 ClientSocketHandle handle;
385 TestCompletionCallback callback;
386 int rv = handle.Init(
387 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
388 EXPECT_EQ(ERR_IO_PENDING, rv);
389 EXPECT_FALSE(handle.is_initialized());
390 EXPECT_FALSE(handle.socket());
391
392 EXPECT_EQ(OK, callback.WaitForResult());
393 EXPECT_TRUE(handle.is_initialized());
394 EXPECT_TRUE(handle.socket());
395 TestLoadTimingInfo(handle);
396 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
397 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
398 }
399
400 TEST_P(SSLClientSocketPoolTest, DirectNoSPDY) {
401 StaticSocketDataProvider data;
402 socket_factory_.AddSocketDataProvider(&data);
403 SSLSocketDataProvider ssl(ASYNC, OK);
404 ssl.SetNextProto(kProtoHTTP11);
405 socket_factory_.AddSSLSocketDataProvider(&ssl);
406
407 CreatePool(true /* tcp pool */, false, false);
408 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
409 true);
410
411 ClientSocketHandle handle;
412 TestCompletionCallback callback;
413 int rv = handle.Init(
414 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
415 EXPECT_EQ(ERR_IO_PENDING, rv);
416 EXPECT_FALSE(handle.is_initialized());
417 EXPECT_FALSE(handle.socket());
418
419 EXPECT_EQ(ERR_NPN_NEGOTIATION_FAILED, callback.WaitForResult());
420 EXPECT_FALSE(handle.is_initialized());
421 EXPECT_FALSE(handle.socket());
422 EXPECT_TRUE(handle.is_ssl_error());
423 }
424
425 TEST_P(SSLClientSocketPoolTest, DirectGotSPDY) {
426 StaticSocketDataProvider data;
427 socket_factory_.AddSocketDataProvider(&data);
428 SSLSocketDataProvider ssl(ASYNC, OK);
429 ssl.SetNextProto(GetParam());
430 socket_factory_.AddSSLSocketDataProvider(&ssl);
431
432 CreatePool(true /* tcp pool */, false, false);
433 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
434 true);
435
436 ClientSocketHandle handle;
437 TestCompletionCallback callback;
438 int rv = handle.Init(
439 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
440 EXPECT_EQ(ERR_IO_PENDING, rv);
441 EXPECT_FALSE(handle.is_initialized());
442 EXPECT_FALSE(handle.socket());
443
444 EXPECT_EQ(OK, callback.WaitForResult());
445 EXPECT_TRUE(handle.is_initialized());
446 EXPECT_TRUE(handle.socket());
447 TestLoadTimingInfo(handle);
448
449 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
450 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
451 std::string proto;
452 ssl_socket->GetNextProto(&proto);
453 EXPECT_EQ(GetParam(), SSLClientSocket::NextProtoFromString(proto));
454 }
455
456 TEST_P(SSLClientSocketPoolTest, DirectGotBonusSPDY) {
457 StaticSocketDataProvider data;
458 socket_factory_.AddSocketDataProvider(&data);
459 SSLSocketDataProvider ssl(ASYNC, OK);
460 ssl.SetNextProto(GetParam());
461 socket_factory_.AddSSLSocketDataProvider(&ssl);
462
463 CreatePool(true /* tcp pool */, false, false);
464 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
465 true);
466
467 ClientSocketHandle handle;
468 TestCompletionCallback callback;
469 int rv = handle.Init(
470 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
471 EXPECT_EQ(ERR_IO_PENDING, rv);
472 EXPECT_FALSE(handle.is_initialized());
473 EXPECT_FALSE(handle.socket());
474
475 EXPECT_EQ(OK, callback.WaitForResult());
476 EXPECT_TRUE(handle.is_initialized());
477 EXPECT_TRUE(handle.socket());
478 TestLoadTimingInfo(handle);
479
480 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
481 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
482 std::string proto;
483 ssl_socket->GetNextProto(&proto);
484 EXPECT_EQ(GetParam(), SSLClientSocket::NextProtoFromString(proto));
485 }
486
487 TEST_P(SSLClientSocketPoolTest, SOCKSFail) {
488 StaticSocketDataProvider data;
489 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
490 socket_factory_.AddSocketDataProvider(&data);
491
492 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
493 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
494 false);
495
496 ClientSocketHandle handle;
497 TestCompletionCallback callback;
498 int rv = handle.Init(
499 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
500 EXPECT_EQ(ERR_CONNECTION_FAILED, rv);
501 EXPECT_FALSE(handle.is_initialized());
502 EXPECT_FALSE(handle.socket());
503 EXPECT_FALSE(handle.is_ssl_error());
504 }
505
506 TEST_P(SSLClientSocketPoolTest, SOCKSFailAsync) {
507 StaticSocketDataProvider data;
508 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
509 socket_factory_.AddSocketDataProvider(&data);
510
511 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
512 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
513 false);
514
515 ClientSocketHandle handle;
516 TestCompletionCallback callback;
517 int rv = handle.Init(
518 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
519 EXPECT_EQ(ERR_IO_PENDING, rv);
520 EXPECT_FALSE(handle.is_initialized());
521 EXPECT_FALSE(handle.socket());
522
523 EXPECT_EQ(ERR_CONNECTION_FAILED, callback.WaitForResult());
524 EXPECT_FALSE(handle.is_initialized());
525 EXPECT_FALSE(handle.socket());
526 EXPECT_FALSE(handle.is_ssl_error());
527 }
528
529 TEST_P(SSLClientSocketPoolTest, SOCKSBasic) {
530 StaticSocketDataProvider data;
531 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
532 socket_factory_.AddSocketDataProvider(&data);
533 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
534 socket_factory_.AddSSLSocketDataProvider(&ssl);
535
536 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
537 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
538 false);
539
540 ClientSocketHandle handle;
541 TestCompletionCallback callback;
542 int rv = handle.Init(
543 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
544 EXPECT_EQ(OK, rv);
545 EXPECT_TRUE(handle.is_initialized());
546 EXPECT_TRUE(handle.socket());
547 // SOCKS5 generally has no DNS times, but the mock SOCKS5 sockets used here
548 // don't go through the real logic, unlike in the HTTP proxy tests.
549 TestLoadTimingInfo(handle);
550 }
551
552 // Make sure that SSLConnectJob passes on its priority to its
553 // transport socket on Init (for the SOCKS_PROXY case).
554 TEST_P(SSLClientSocketPoolTest, SetTransportPriorityOnInitSOCKS) {
555 StaticSocketDataProvider data;
556 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
557 socket_factory_.AddSocketDataProvider(&data);
558 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
559 socket_factory_.AddSSLSocketDataProvider(&ssl);
560
561 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
562 scoped_refptr<SSLSocketParams> params =
563 SSLParams(ProxyServer::SCHEME_SOCKS5, false);
564
565 ClientSocketHandle handle;
566 TestCompletionCallback callback;
567 EXPECT_EQ(OK, handle.Init("a", params, HIGHEST, callback.callback(),
568 pool_.get(), BoundNetLog()));
569 EXPECT_EQ(HIGHEST, transport_socket_pool_.last_request_priority());
570 }
571
572 TEST_P(SSLClientSocketPoolTest, SOCKSBasicAsync) {
573 StaticSocketDataProvider data;
574 socket_factory_.AddSocketDataProvider(&data);
575 SSLSocketDataProvider ssl(ASYNC, OK);
576 socket_factory_.AddSSLSocketDataProvider(&ssl);
577
578 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
579 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
580 false);
581
582 ClientSocketHandle handle;
583 TestCompletionCallback callback;
584 int rv = handle.Init(
585 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
586 EXPECT_EQ(ERR_IO_PENDING, rv);
587 EXPECT_FALSE(handle.is_initialized());
588 EXPECT_FALSE(handle.socket());
589
590 EXPECT_EQ(OK, callback.WaitForResult());
591 EXPECT_TRUE(handle.is_initialized());
592 EXPECT_TRUE(handle.socket());
593 // SOCKS5 generally has no DNS times, but the mock SOCKS5 sockets used here
594 // don't go through the real logic, unlike in the HTTP proxy tests.
595 TestLoadTimingInfo(handle);
596 }
597
598 TEST_P(SSLClientSocketPoolTest, HttpProxyFail) {
599 StaticSocketDataProvider data;
600 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
601 socket_factory_.AddSocketDataProvider(&data);
602
603 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
604 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
605 false);
606
607 ClientSocketHandle handle;
608 TestCompletionCallback callback;
609 int rv = handle.Init(
610 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
611 EXPECT_EQ(ERR_PROXY_CONNECTION_FAILED, rv);
612 EXPECT_FALSE(handle.is_initialized());
613 EXPECT_FALSE(handle.socket());
614 EXPECT_FALSE(handle.is_ssl_error());
615 }
616
617 TEST_P(SSLClientSocketPoolTest, HttpProxyFailAsync) {
618 StaticSocketDataProvider data;
619 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
620 socket_factory_.AddSocketDataProvider(&data);
621
622 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
623 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
624 false);
625
626 ClientSocketHandle handle;
627 TestCompletionCallback callback;
628 int rv = handle.Init(
629 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
630 EXPECT_EQ(ERR_IO_PENDING, rv);
631 EXPECT_FALSE(handle.is_initialized());
632 EXPECT_FALSE(handle.socket());
633
634 EXPECT_EQ(ERR_PROXY_CONNECTION_FAILED, callback.WaitForResult());
635 EXPECT_FALSE(handle.is_initialized());
636 EXPECT_FALSE(handle.socket());
637 EXPECT_FALSE(handle.is_ssl_error());
638 }
639
640 TEST_P(SSLClientSocketPoolTest, HttpProxyBasic) {
641 MockWrite writes[] = {
642 MockWrite(SYNCHRONOUS,
643 "CONNECT host:80 HTTP/1.1\r\n"
644 "Host: host:80\r\n"
645 "Proxy-Connection: keep-alive\r\n"
646 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
647 };
648 MockRead reads[] = {
649 MockRead(SYNCHRONOUS, "HTTP/1.1 200 Connection Established\r\n\r\n"),
650 };
651 StaticSocketDataProvider data(reads, arraysize(reads), writes,
652 arraysize(writes));
653 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
654 socket_factory_.AddSocketDataProvider(&data);
655 AddAuthToCache();
656 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
657 socket_factory_.AddSSLSocketDataProvider(&ssl);
658
659 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
660 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
661 false);
662
663 ClientSocketHandle handle;
664 TestCompletionCallback callback;
665 int rv = handle.Init(
666 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
667 EXPECT_EQ(OK, rv);
668 EXPECT_TRUE(handle.is_initialized());
669 EXPECT_TRUE(handle.socket());
670 TestLoadTimingInfoNoDns(handle);
671 }
672
673 // Make sure that SSLConnectJob passes on its priority to its
674 // transport socket on Init (for the HTTP_PROXY case).
675 TEST_P(SSLClientSocketPoolTest, SetTransportPriorityOnInitHTTP) {
676 MockWrite writes[] = {
677 MockWrite(SYNCHRONOUS,
678 "CONNECT host:80 HTTP/1.1\r\n"
679 "Host: host:80\r\n"
680 "Proxy-Connection: keep-alive\r\n"
681 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
682 };
683 MockRead reads[] = {
684 MockRead(SYNCHRONOUS, "HTTP/1.1 200 Connection Established\r\n\r\n"),
685 };
686 StaticSocketDataProvider data(reads, arraysize(reads), writes,
687 arraysize(writes));
688 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
689 socket_factory_.AddSocketDataProvider(&data);
690 AddAuthToCache();
691 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
692 socket_factory_.AddSSLSocketDataProvider(&ssl);
693
694 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
695 scoped_refptr<SSLSocketParams> params =
696 SSLParams(ProxyServer::SCHEME_HTTP, false);
697
698 ClientSocketHandle handle;
699 TestCompletionCallback callback;
700 EXPECT_EQ(OK, handle.Init("a", params, HIGHEST, callback.callback(),
701 pool_.get(), BoundNetLog()));
702 EXPECT_EQ(HIGHEST, transport_socket_pool_.last_request_priority());
703 }
704
705 TEST_P(SSLClientSocketPoolTest, HttpProxyBasicAsync) {
706 MockWrite writes[] = {
707 MockWrite(
708 "CONNECT host:80 HTTP/1.1\r\n"
709 "Host: host:80\r\n"
710 "Proxy-Connection: keep-alive\r\n"
711 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
712 };
713 MockRead reads[] = {
714 MockRead("HTTP/1.1 200 Connection Established\r\n\r\n"),
715 };
716 StaticSocketDataProvider data(reads, arraysize(reads), writes,
717 arraysize(writes));
718 socket_factory_.AddSocketDataProvider(&data);
719 AddAuthToCache();
720 SSLSocketDataProvider ssl(ASYNC, OK);
721 socket_factory_.AddSSLSocketDataProvider(&ssl);
722
723 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
724 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
725 false);
726
727 ClientSocketHandle handle;
728 TestCompletionCallback callback;
729 int rv = handle.Init(
730 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
731 EXPECT_EQ(ERR_IO_PENDING, rv);
732 EXPECT_FALSE(handle.is_initialized());
733 EXPECT_FALSE(handle.socket());
734
735 EXPECT_EQ(OK, callback.WaitForResult());
736 EXPECT_TRUE(handle.is_initialized());
737 EXPECT_TRUE(handle.socket());
738 TestLoadTimingInfoNoDns(handle);
739 }
740
741 TEST_P(SSLClientSocketPoolTest, NeedProxyAuth) {
742 MockWrite writes[] = {
743 MockWrite(
744 "CONNECT host:80 HTTP/1.1\r\n"
745 "Host: host:80\r\n"
746 "Proxy-Connection: keep-alive\r\n\r\n"),
747 };
748 MockRead reads[] = {
749 MockRead("HTTP/1.1 407 Proxy Authentication Required\r\n"),
750 MockRead("Proxy-Authenticate: Basic realm=\"MyRealm1\"\r\n"),
751 MockRead("Content-Length: 10\r\n\r\n"),
752 MockRead("0123456789"),
753 };
754 StaticSocketDataProvider data(reads, arraysize(reads), writes,
755 arraysize(writes));
756 socket_factory_.AddSocketDataProvider(&data);
757 SSLSocketDataProvider ssl(ASYNC, OK);
758 socket_factory_.AddSSLSocketDataProvider(&ssl);
759
760 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
761 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
762 false);
763
764 ClientSocketHandle handle;
765 TestCompletionCallback callback;
766 int rv = handle.Init(
767 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
768 EXPECT_EQ(ERR_IO_PENDING, rv);
769 EXPECT_FALSE(handle.is_initialized());
770 EXPECT_FALSE(handle.socket());
771
772 EXPECT_EQ(ERR_PROXY_AUTH_REQUESTED, callback.WaitForResult());
773 EXPECT_FALSE(handle.is_initialized());
774 EXPECT_FALSE(handle.socket());
775 EXPECT_FALSE(handle.is_ssl_error());
776 const HttpResponseInfo& tunnel_info = handle.ssl_error_response_info();
777 EXPECT_EQ(tunnel_info.headers->response_code(), 407);
778 scoped_ptr<ClientSocketHandle> tunnel_handle(
779 handle.release_pending_http_proxy_connection());
780 EXPECT_TRUE(tunnel_handle->socket());
781 EXPECT_FALSE(tunnel_handle->socket()->IsConnected());
782 }
783
784 TEST_P(SSLClientSocketPoolTest, IPPooling) {
785 const int kTestPort = 80;
786 struct TestHosts {
787 std::string name;
788 std::string iplist;
789 SpdySessionKey key;
790 AddressList addresses;
791 } test_hosts[] = {
792 { "www.webkit.org", "192.0.2.33,192.168.0.1,192.168.0.5" },
793 { "code.google.com", "192.168.0.2,192.168.0.3,192.168.0.5" },
794 { "js.webkit.org", "192.168.0.4,192.168.0.1,192.0.2.33" },
795 };
796
797 host_resolver_.set_synchronous_mode(true);
798 for (size_t i = 0; i < arraysize(test_hosts); i++) {
799 host_resolver_.rules()->AddIPLiteralRule(
800 test_hosts[i].name, test_hosts[i].iplist, std::string());
801
802 // This test requires that the HostResolver cache be populated. Normal
803 // code would have done this already, but we do it manually.
804 HostResolver::RequestInfo info(HostPortPair(test_hosts[i].name, kTestPort));
805 host_resolver_.Resolve(info,
806 DEFAULT_PRIORITY,
807 &test_hosts[i].addresses,
808 CompletionCallback(),
809 NULL,
810 BoundNetLog());
811
812 // Setup a SpdySessionKey
813 test_hosts[i].key = SpdySessionKey(
814 HostPortPair(test_hosts[i].name, kTestPort), ProxyServer::Direct(),
815 PRIVACY_MODE_DISABLED);
816 }
817
818 MockRead reads[] = {
819 MockRead(ASYNC, ERR_IO_PENDING),
820 };
821 StaticSocketDataProvider data(reads, arraysize(reads), NULL, 0);
822 socket_factory_.AddSocketDataProvider(&data);
823 SSLSocketDataProvider ssl(ASYNC, OK);
824 ssl.cert = X509Certificate::CreateFromBytes(
825 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der));
826 ssl.SetNextProto(GetParam());
827 socket_factory_.AddSSLSocketDataProvider(&ssl);
828
829 CreatePool(true /* tcp pool */, false, false);
830 base::WeakPtr<SpdySession> spdy_session =
831 CreateSecureSpdySession(session_, test_hosts[0].key, BoundNetLog());
832
833 EXPECT_TRUE(
834 HasSpdySession(session_->spdy_session_pool(), test_hosts[0].key));
835 EXPECT_FALSE(
836 HasSpdySession(session_->spdy_session_pool(), test_hosts[1].key));
837 EXPECT_TRUE(
838 HasSpdySession(session_->spdy_session_pool(), test_hosts[2].key));
839
840 session_->spdy_session_pool()->CloseAllSessions();
841 }
842
843 void SSLClientSocketPoolTest::TestIPPoolingDisabled(
844 SSLSocketDataProvider* ssl) {
845 const int kTestPort = 80;
846 struct TestHosts {
847 std::string name;
848 std::string iplist;
849 SpdySessionKey key;
850 AddressList addresses;
851 } test_hosts[] = {
852 { "www.webkit.org", "192.0.2.33,192.168.0.1,192.168.0.5" },
853 { "js.webkit.com", "192.168.0.4,192.168.0.1,192.0.2.33" },
854 };
855
856 TestCompletionCallback callback;
857 int rv;
858 for (size_t i = 0; i < arraysize(test_hosts); i++) {
859 host_resolver_.rules()->AddIPLiteralRule(
860 test_hosts[i].name, test_hosts[i].iplist, std::string());
861
862 // This test requires that the HostResolver cache be populated. Normal
863 // code would have done this already, but we do it manually.
864 HostResolver::RequestInfo info(HostPortPair(test_hosts[i].name, kTestPort));
865 rv = host_resolver_.Resolve(info,
866 DEFAULT_PRIORITY,
867 &test_hosts[i].addresses,
868 callback.callback(),
869 NULL,
870 BoundNetLog());
871 EXPECT_EQ(OK, callback.GetResult(rv));
872
873 // Setup a SpdySessionKey
874 test_hosts[i].key = SpdySessionKey(
875 HostPortPair(test_hosts[i].name, kTestPort), ProxyServer::Direct(),
876 PRIVACY_MODE_DISABLED);
877 }
878
879 MockRead reads[] = {
880 MockRead(ASYNC, ERR_IO_PENDING),
881 };
882 StaticSocketDataProvider data(reads, arraysize(reads), NULL, 0);
883 socket_factory_.AddSocketDataProvider(&data);
884 socket_factory_.AddSSLSocketDataProvider(ssl);
885
886 CreatePool(true /* tcp pool */, false, false);
887 base::WeakPtr<SpdySession> spdy_session =
888 CreateSecureSpdySession(session_, test_hosts[0].key, BoundNetLog());
889
890 EXPECT_TRUE(
891 HasSpdySession(session_->spdy_session_pool(), test_hosts[0].key));
892 EXPECT_FALSE(
893 HasSpdySession(session_->spdy_session_pool(), test_hosts[1].key));
894
895 session_->spdy_session_pool()->CloseAllSessions();
896 }
897
898 // Verifies that an SSL connection with client authentication disables SPDY IP
899 // pooling.
900 TEST_P(SSLClientSocketPoolTest, IPPoolingClientCert) {
901 SSLSocketDataProvider ssl(ASYNC, OK);
902 ssl.cert = X509Certificate::CreateFromBytes(
903 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der));
904 ssl.client_cert_sent = true;
905 ssl.SetNextProto(GetParam());
906 TestIPPoolingDisabled(&ssl);
907 }
908
909 // Verifies that an SSL connection with channel ID disables SPDY IP pooling.
910 TEST_P(SSLClientSocketPoolTest, IPPoolingChannelID) {
911 SSLSocketDataProvider ssl(ASYNC, OK);
912 ssl.channel_id_sent = true;
913 ssl.SetNextProto(GetParam());
914 TestIPPoolingDisabled(&ssl);
915 }
916
917 // It would be nice to also test the timeouts in SSLClientSocketPool.
918
919 } // namespace
920
921 } // namespace net