search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Roll src/third_party/skia 4cf9e7e:8ee06f2
[chromium-blink-merge.git] / net / socket / ssl_client_socket_pool_unittest.cc
blob28a6f09d186bb8836ab404882bb10517eabd8bbb
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/http/http_proxy_client_socket_pool.h"
6
7 #include "base/callback.h"
8 #include "base/compiler_specific.h"
9 #include "base/strings/string_util.h"
10 #include "base/strings/utf_string_conversions.h"
11 #include "base/time/time.h"
12 #include "net/base/auth.h"
13 #include "net/base/load_timing_info.h"
14 #include "net/base/load_timing_info_test_util.h"
15 #include "net/base/net_errors.h"
16 #include "net/base/test_completion_callback.h"
17 #include "net/cert/cert_verifier.h"
18 #include "net/dns/mock_host_resolver.h"
19 #include "net/http/http_auth_handler_factory.h"
20 #include "net/http/http_network_session.h"
21 #include "net/http/http_request_headers.h"
22 #include "net/http/http_response_headers.h"
23 #include "net/http/http_server_properties_impl.h"
24 #include "net/http/transport_security_state.h"
25 #include "net/proxy/proxy_service.h"
26 #include "net/socket/client_socket_handle.h"
27 #include "net/socket/next_proto.h"
28 #include "net/socket/socket_test_util.h"
29 #include "net/spdy/spdy_session.h"
30 #include "net/spdy/spdy_session_pool.h"
31 #include "net/spdy/spdy_test_util_common.h"
32 #include "net/ssl/ssl_config_service_defaults.h"
33 #include "net/test/test_certificate_data.h"
34 #include "testing/gtest/include/gtest/gtest.h"
35
36 namespace net {
37
38 namespace {
39
40 const int kMaxSockets = 32;
41 const int kMaxSocketsPerGroup = 6;
42
43 // Make sure |handle|'s load times are set correctly. DNS and connect start
44 // times comes from mock client sockets in these tests, so primarily serves to
45 // check those times were copied, and ssl times / connect end are set correctly.
46 void TestLoadTimingInfo(const ClientSocketHandle& handle) {
47 LoadTimingInfo load_timing_info;
48 EXPECT_TRUE(handle.GetLoadTimingInfo(false, &load_timing_info));
49
50 EXPECT_FALSE(load_timing_info.socket_reused);
51 // None of these tests use a NetLog.
52 EXPECT_EQ(NetLog::Source::kInvalidId, load_timing_info.socket_log_id);
53
54 ExpectConnectTimingHasTimes(
55 load_timing_info.connect_timing,
56 CONNECT_TIMING_HAS_SSL_TIMES | CONNECT_TIMING_HAS_DNS_TIMES);
57 ExpectLoadTimingHasOnlyConnectionTimes(load_timing_info);
58 }
59
60 // Just like TestLoadTimingInfo, except DNS times are expected to be null, for
61 // tests over proxies that do DNS lookups themselves.
62 void TestLoadTimingInfoNoDns(const ClientSocketHandle& handle) {
63 LoadTimingInfo load_timing_info;
64 EXPECT_TRUE(handle.GetLoadTimingInfo(false, &load_timing_info));
65
66 // None of these tests use a NetLog.
67 EXPECT_EQ(NetLog::Source::kInvalidId, load_timing_info.socket_log_id);
68
69 EXPECT_FALSE(load_timing_info.socket_reused);
70
71 ExpectConnectTimingHasTimes(load_timing_info.connect_timing,
72 CONNECT_TIMING_HAS_SSL_TIMES);
73 ExpectLoadTimingHasOnlyConnectionTimes(load_timing_info);
74 }
75
76 class SSLClientSocketPoolTest
77 : public testing::Test,
78 public ::testing::WithParamInterface<NextProto> {
79 protected:
80 SSLClientSocketPoolTest()
81 : transport_security_state_(new TransportSecurityState),
82 proxy_service_(ProxyService::CreateDirect()),
83 ssl_config_service_(new SSLConfigServiceDefaults),
84 http_auth_handler_factory_(
85 HttpAuthHandlerFactory::CreateDefault(&host_resolver_)),
86 session_(CreateNetworkSession()),
87 direct_transport_socket_params_(new TransportSocketParams(
88 HostPortPair("host", 443),
89 false,
90 false,
91 OnHostResolutionCallback(),
92 TransportSocketParams::COMBINE_CONNECT_AND_WRITE_DEFAULT)),
93 transport_socket_pool_(kMaxSockets,
94 kMaxSocketsPerGroup,
95 &socket_factory_),
96 proxy_transport_socket_params_(new TransportSocketParams(
97 HostPortPair("proxy", 443),
98 false,
99 false,
100 OnHostResolutionCallback(),
101 TransportSocketParams::COMBINE_CONNECT_AND_WRITE_DEFAULT)),
102 socks_socket_params_(
103 new SOCKSSocketParams(proxy_transport_socket_params_,
104 true,
105 HostPortPair("sockshost", 443))),
106 socks_socket_pool_(kMaxSockets,
107 kMaxSocketsPerGroup,
108 &transport_socket_pool_),
109 http_proxy_socket_params_(
110 new HttpProxySocketParams(proxy_transport_socket_params_,
111 NULL,
112 std::string(),
113 HostPortPair("host", 80),
114 session_->http_auth_cache(),
115 session_->http_auth_handler_factory(),
116 session_->spdy_session_pool(),
117 true,
118 NULL)),
119 http_proxy_socket_pool_(kMaxSockets,
120 kMaxSocketsPerGroup,
121 &transport_socket_pool_,
122 NULL,
123 NULL) {
124 scoped_refptr<SSLConfigService> ssl_config_service(
125 new SSLConfigServiceDefaults);
126 ssl_config_service->GetSSLConfig(&ssl_config_);
127 }
128
129 void CreatePool(bool transport_pool, bool http_proxy_pool, bool socks_pool) {
130 pool_.reset(new SSLClientSocketPool(
131 kMaxSockets, kMaxSocketsPerGroup, NULL /* cert_verifier */,
132 NULL /* channel_id_service */, NULL /* transport_security_state */,
133 NULL /* cert_transparency_verifier */, NULL /* cert_policy_enforcer */,
134 std::string() /* ssl_session_cache_shard */, &socket_factory_,
135 transport_pool ? &transport_socket_pool_ : NULL,
136 socks_pool ? &socks_socket_pool_ : NULL,
137 http_proxy_pool ? &http_proxy_socket_pool_ : NULL, NULL, NULL));
138 }
139
140 scoped_refptr<SSLSocketParams> SSLParams(ProxyServer::Scheme proxy,
141 bool expect_spdy) {
142 return make_scoped_refptr(new SSLSocketParams(
143 proxy == ProxyServer::SCHEME_DIRECT ? direct_transport_socket_params_
144 : NULL,
145 proxy == ProxyServer::SCHEME_SOCKS5 ? socks_socket_params_ : NULL,
146 proxy == ProxyServer::SCHEME_HTTP ? http_proxy_socket_params_ : NULL,
147 HostPortPair("host", 443), ssl_config_, PRIVACY_MODE_DISABLED, 0,
148 expect_spdy));
149 }
150
151 void AddAuthToCache() {
152 const base::string16 kFoo(base::ASCIIToUTF16("foo"));
153 const base::string16 kBar(base::ASCIIToUTF16("bar"));
154 session_->http_auth_cache()->Add(GURL("http://proxy:443/"),
155 "MyRealm1",
156 HttpAuth::AUTH_SCHEME_BASIC,
157 "Basic realm=MyRealm1",
158 AuthCredentials(kFoo, kBar),
159 "/");
160 }
161
162 HttpNetworkSession* CreateNetworkSession() {
163 HttpNetworkSession::Params params;
164 params.host_resolver = &host_resolver_;
165 params.cert_verifier = cert_verifier_.get();
166 params.transport_security_state = transport_security_state_.get();
167 params.proxy_service = proxy_service_.get();
168 params.client_socket_factory = &socket_factory_;
169 params.ssl_config_service = ssl_config_service_.get();
170 params.http_auth_handler_factory = http_auth_handler_factory_.get();
171 params.http_server_properties =
172 http_server_properties_.GetWeakPtr();
173 params.enable_spdy_compression = false;
174 params.spdy_default_protocol = GetParam();
175 return new HttpNetworkSession(params);
176 }
177
178 void TestIPPoolingDisabled(SSLSocketDataProvider* ssl);
179
180 MockClientSocketFactory socket_factory_;
181 MockCachingHostResolver host_resolver_;
182 scoped_ptr<CertVerifier> cert_verifier_;
183 scoped_ptr<TransportSecurityState> transport_security_state_;
184 const scoped_ptr<ProxyService> proxy_service_;
185 const scoped_refptr<SSLConfigService> ssl_config_service_;
186 const scoped_ptr<HttpAuthHandlerFactory> http_auth_handler_factory_;
187 HttpServerPropertiesImpl http_server_properties_;
188 const scoped_refptr<HttpNetworkSession> session_;
189
190 scoped_refptr<TransportSocketParams> direct_transport_socket_params_;
191 MockTransportClientSocketPool transport_socket_pool_;
192
193 scoped_refptr<TransportSocketParams> proxy_transport_socket_params_;
194
195 scoped_refptr<SOCKSSocketParams> socks_socket_params_;
196 MockSOCKSClientSocketPool socks_socket_pool_;
197
198 scoped_refptr<HttpProxySocketParams> http_proxy_socket_params_;
199 HttpProxyClientSocketPool http_proxy_socket_pool_;
200
201 SSLConfig ssl_config_;
202 scoped_ptr<SSLClientSocketPool> pool_;
203 };
204
205 INSTANTIATE_TEST_CASE_P(NextProto,
206 SSLClientSocketPoolTest,
207 testing::Values(kProtoSPDY31,
208 kProtoHTTP2_14,
209 kProtoHTTP2));
210
211 TEST_P(SSLClientSocketPoolTest, TCPFail) {
212 StaticSocketDataProvider data;
213 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
214 socket_factory_.AddSocketDataProvider(&data);
215
216 CreatePool(true /* tcp pool */, false, false);
217 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
218 false);
219
220 ClientSocketHandle handle;
221 int rv = handle.Init("a", params, MEDIUM, CompletionCallback(), pool_.get(),
222 BoundNetLog());
223 EXPECT_EQ(ERR_CONNECTION_FAILED, rv);
224 EXPECT_FALSE(handle.is_initialized());
225 EXPECT_FALSE(handle.socket());
226 EXPECT_FALSE(handle.is_ssl_error());
227 ASSERT_EQ(1u, handle.connection_attempts().size());
228 EXPECT_EQ(ERR_CONNECTION_FAILED, handle.connection_attempts()[0].result);
229 }
230
231 TEST_P(SSLClientSocketPoolTest, TCPFailAsync) {
232 StaticSocketDataProvider data;
233 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
234 socket_factory_.AddSocketDataProvider(&data);
235
236 CreatePool(true /* tcp pool */, false, false);
237 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
238 false);
239
240 ClientSocketHandle handle;
241 TestCompletionCallback callback;
242 int rv = handle.Init(
243 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
244 EXPECT_EQ(ERR_IO_PENDING, rv);
245 EXPECT_FALSE(handle.is_initialized());
246 EXPECT_FALSE(handle.socket());
247
248 EXPECT_EQ(ERR_CONNECTION_FAILED, callback.WaitForResult());
249 EXPECT_FALSE(handle.is_initialized());
250 EXPECT_FALSE(handle.socket());
251 EXPECT_FALSE(handle.is_ssl_error());
252 ASSERT_EQ(1u, handle.connection_attempts().size());
253 EXPECT_EQ(ERR_CONNECTION_FAILED, handle.connection_attempts()[0].result);
254 }
255
256 TEST_P(SSLClientSocketPoolTest, BasicDirect) {
257 StaticSocketDataProvider data;
258 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
259 socket_factory_.AddSocketDataProvider(&data);
260 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
261 socket_factory_.AddSSLSocketDataProvider(&ssl);
262
263 CreatePool(true /* tcp pool */, false, false);
264 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
265 false);
266
267 ClientSocketHandle handle;
268 TestCompletionCallback callback;
269 int rv = handle.Init(
270 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
271 EXPECT_EQ(OK, rv);
272 EXPECT_TRUE(handle.is_initialized());
273 EXPECT_TRUE(handle.socket());
274 TestLoadTimingInfo(handle);
275 EXPECT_EQ(0u, handle.connection_attempts().size());
276 }
277
278 // Make sure that SSLConnectJob passes on its priority to its
279 // socket request on Init (for the DIRECT case).
280 TEST_P(SSLClientSocketPoolTest, SetSocketRequestPriorityOnInitDirect) {
281 CreatePool(true /* tcp pool */, false, false);
282 scoped_refptr<SSLSocketParams> params =
283 SSLParams(ProxyServer::SCHEME_DIRECT, false);
284
285 for (int i = MINIMUM_PRIORITY; i <= MAXIMUM_PRIORITY; ++i) {
286 RequestPriority priority = static_cast<RequestPriority>(i);
287 StaticSocketDataProvider data;
288 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
289 socket_factory_.AddSocketDataProvider(&data);
290 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
291 socket_factory_.AddSSLSocketDataProvider(&ssl);
292
293 ClientSocketHandle handle;
294 TestCompletionCallback callback;
295 EXPECT_EQ(OK, handle.Init("a", params, priority, callback.callback(),
296 pool_.get(), BoundNetLog()));
297 EXPECT_EQ(priority, transport_socket_pool_.last_request_priority());
298 handle.socket()->Disconnect();
299 }
300 }
301
302 TEST_P(SSLClientSocketPoolTest, BasicDirectAsync) {
303 StaticSocketDataProvider data;
304 socket_factory_.AddSocketDataProvider(&data);
305 SSLSocketDataProvider ssl(ASYNC, OK);
306 socket_factory_.AddSSLSocketDataProvider(&ssl);
307
308 CreatePool(true /* tcp pool */, false, false);
309 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
310 false);
311
312 ClientSocketHandle handle;
313 TestCompletionCallback callback;
314 int rv = handle.Init(
315 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
316 EXPECT_EQ(ERR_IO_PENDING, rv);
317 EXPECT_FALSE(handle.is_initialized());
318 EXPECT_FALSE(handle.socket());
319
320 EXPECT_EQ(OK, callback.WaitForResult());
321 EXPECT_TRUE(handle.is_initialized());
322 EXPECT_TRUE(handle.socket());
323 TestLoadTimingInfo(handle);
324 }
325
326 TEST_P(SSLClientSocketPoolTest, DirectCertError) {
327 StaticSocketDataProvider data;
328 socket_factory_.AddSocketDataProvider(&data);
329 SSLSocketDataProvider ssl(ASYNC, ERR_CERT_COMMON_NAME_INVALID);
330 socket_factory_.AddSSLSocketDataProvider(&ssl);
331
332 CreatePool(true /* tcp pool */, false, false);
333 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
334 false);
335
336 ClientSocketHandle handle;
337 TestCompletionCallback callback;
338 int rv = handle.Init(
339 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
340 EXPECT_EQ(ERR_IO_PENDING, rv);
341 EXPECT_FALSE(handle.is_initialized());
342 EXPECT_FALSE(handle.socket());
343
344 EXPECT_EQ(ERR_CERT_COMMON_NAME_INVALID, callback.WaitForResult());
345 EXPECT_TRUE(handle.is_initialized());
346 EXPECT_TRUE(handle.socket());
347 TestLoadTimingInfo(handle);
348 }
349
350 TEST_P(SSLClientSocketPoolTest, DirectSSLError) {
351 StaticSocketDataProvider data;
352 socket_factory_.AddSocketDataProvider(&data);
353 SSLSocketDataProvider ssl(ASYNC, ERR_SSL_PROTOCOL_ERROR);
354 socket_factory_.AddSSLSocketDataProvider(&ssl);
355
356 CreatePool(true /* tcp pool */, false, false);
357 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
358 false);
359
360 ClientSocketHandle handle;
361 TestCompletionCallback callback;
362 int rv = handle.Init(
363 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
364 EXPECT_EQ(ERR_IO_PENDING, rv);
365 EXPECT_FALSE(handle.is_initialized());
366 EXPECT_FALSE(handle.socket());
367
368 EXPECT_EQ(ERR_SSL_PROTOCOL_ERROR, callback.WaitForResult());
369 EXPECT_FALSE(handle.is_initialized());
370 EXPECT_FALSE(handle.socket());
371 EXPECT_TRUE(handle.is_ssl_error());
372 }
373
374 TEST_P(SSLClientSocketPoolTest, DirectWithNPN) {
375 StaticSocketDataProvider data;
376 socket_factory_.AddSocketDataProvider(&data);
377 SSLSocketDataProvider ssl(ASYNC, OK);
378 ssl.SetNextProto(kProtoHTTP11);
379 socket_factory_.AddSSLSocketDataProvider(&ssl);
380
381 CreatePool(true /* tcp pool */, false, false);
382 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
383 false);
384
385 ClientSocketHandle handle;
386 TestCompletionCallback callback;
387 int rv = handle.Init(
388 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
389 EXPECT_EQ(ERR_IO_PENDING, rv);
390 EXPECT_FALSE(handle.is_initialized());
391 EXPECT_FALSE(handle.socket());
392
393 EXPECT_EQ(OK, callback.WaitForResult());
394 EXPECT_TRUE(handle.is_initialized());
395 EXPECT_TRUE(handle.socket());
396 TestLoadTimingInfo(handle);
397 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
398 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
399 }
400
401 TEST_P(SSLClientSocketPoolTest, DirectNoSPDY) {
402 StaticSocketDataProvider data;
403 socket_factory_.AddSocketDataProvider(&data);
404 SSLSocketDataProvider ssl(ASYNC, OK);
405 ssl.SetNextProto(kProtoHTTP11);
406 socket_factory_.AddSSLSocketDataProvider(&ssl);
407
408 CreatePool(true /* tcp pool */, false, false);
409 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
410 true);
411
412 ClientSocketHandle handle;
413 TestCompletionCallback callback;
414 int rv = handle.Init(
415 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
416 EXPECT_EQ(ERR_IO_PENDING, rv);
417 EXPECT_FALSE(handle.is_initialized());
418 EXPECT_FALSE(handle.socket());
419
420 EXPECT_EQ(ERR_NPN_NEGOTIATION_FAILED, callback.WaitForResult());
421 EXPECT_FALSE(handle.is_initialized());
422 EXPECT_FALSE(handle.socket());
423 EXPECT_TRUE(handle.is_ssl_error());
424 }
425
426 TEST_P(SSLClientSocketPoolTest, DirectGotSPDY) {
427 StaticSocketDataProvider data;
428 socket_factory_.AddSocketDataProvider(&data);
429 SSLSocketDataProvider ssl(ASYNC, OK);
430 ssl.SetNextProto(GetParam());
431 socket_factory_.AddSSLSocketDataProvider(&ssl);
432
433 CreatePool(true /* tcp pool */, false, false);
434 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
435 true);
436
437 ClientSocketHandle handle;
438 TestCompletionCallback callback;
439 int rv = handle.Init(
440 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
441 EXPECT_EQ(ERR_IO_PENDING, rv);
442 EXPECT_FALSE(handle.is_initialized());
443 EXPECT_FALSE(handle.socket());
444
445 EXPECT_EQ(OK, callback.WaitForResult());
446 EXPECT_TRUE(handle.is_initialized());
447 EXPECT_TRUE(handle.socket());
448 TestLoadTimingInfo(handle);
449
450 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
451 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
452 std::string proto;
453 ssl_socket->GetNextProto(&proto);
454 EXPECT_EQ(GetParam(), SSLClientSocket::NextProtoFromString(proto));
455 }
456
457 TEST_P(SSLClientSocketPoolTest, DirectGotBonusSPDY) {
458 StaticSocketDataProvider data;
459 socket_factory_.AddSocketDataProvider(&data);
460 SSLSocketDataProvider ssl(ASYNC, OK);
461 ssl.SetNextProto(GetParam());
462 socket_factory_.AddSSLSocketDataProvider(&ssl);
463
464 CreatePool(true /* tcp pool */, false, false);
465 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
466 true);
467
468 ClientSocketHandle handle;
469 TestCompletionCallback callback;
470 int rv = handle.Init(
471 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
472 EXPECT_EQ(ERR_IO_PENDING, rv);
473 EXPECT_FALSE(handle.is_initialized());
474 EXPECT_FALSE(handle.socket());
475
476 EXPECT_EQ(OK, callback.WaitForResult());
477 EXPECT_TRUE(handle.is_initialized());
478 EXPECT_TRUE(handle.socket());
479 TestLoadTimingInfo(handle);
480
481 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
482 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
483 std::string proto;
484 ssl_socket->GetNextProto(&proto);
485 EXPECT_EQ(GetParam(), SSLClientSocket::NextProtoFromString(proto));
486 }
487
488 TEST_P(SSLClientSocketPoolTest, SOCKSFail) {
489 StaticSocketDataProvider data;
490 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
491 socket_factory_.AddSocketDataProvider(&data);
492
493 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
494 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
495 false);
496
497 ClientSocketHandle handle;
498 TestCompletionCallback callback;
499 int rv = handle.Init(
500 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
501 EXPECT_EQ(ERR_CONNECTION_FAILED, rv);
502 EXPECT_FALSE(handle.is_initialized());
503 EXPECT_FALSE(handle.socket());
504 EXPECT_FALSE(handle.is_ssl_error());
505 }
506
507 TEST_P(SSLClientSocketPoolTest, SOCKSFailAsync) {
508 StaticSocketDataProvider data;
509 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
510 socket_factory_.AddSocketDataProvider(&data);
511
512 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
513 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
514 false);
515
516 ClientSocketHandle handle;
517 TestCompletionCallback callback;
518 int rv = handle.Init(
519 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
520 EXPECT_EQ(ERR_IO_PENDING, rv);
521 EXPECT_FALSE(handle.is_initialized());
522 EXPECT_FALSE(handle.socket());
523
524 EXPECT_EQ(ERR_CONNECTION_FAILED, callback.WaitForResult());
525 EXPECT_FALSE(handle.is_initialized());
526 EXPECT_FALSE(handle.socket());
527 EXPECT_FALSE(handle.is_ssl_error());
528 }
529
530 TEST_P(SSLClientSocketPoolTest, SOCKSBasic) {
531 StaticSocketDataProvider data;
532 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
533 socket_factory_.AddSocketDataProvider(&data);
534 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
535 socket_factory_.AddSSLSocketDataProvider(&ssl);
536
537 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
538 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
539 false);
540
541 ClientSocketHandle handle;
542 TestCompletionCallback callback;
543 int rv = handle.Init(
544 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
545 EXPECT_EQ(OK, rv);
546 EXPECT_TRUE(handle.is_initialized());
547 EXPECT_TRUE(handle.socket());
548 // SOCKS5 generally has no DNS times, but the mock SOCKS5 sockets used here
549 // don't go through the real logic, unlike in the HTTP proxy tests.
550 TestLoadTimingInfo(handle);
551 }
552
553 // Make sure that SSLConnectJob passes on its priority to its
554 // transport socket on Init (for the SOCKS_PROXY case).
555 TEST_P(SSLClientSocketPoolTest, SetTransportPriorityOnInitSOCKS) {
556 StaticSocketDataProvider data;
557 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
558 socket_factory_.AddSocketDataProvider(&data);
559 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
560 socket_factory_.AddSSLSocketDataProvider(&ssl);
561
562 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
563 scoped_refptr<SSLSocketParams> params =
564 SSLParams(ProxyServer::SCHEME_SOCKS5, false);
565
566 ClientSocketHandle handle;
567 TestCompletionCallback callback;
568 EXPECT_EQ(OK, handle.Init("a", params, HIGHEST, callback.callback(),
569 pool_.get(), BoundNetLog()));
570 EXPECT_EQ(HIGHEST, transport_socket_pool_.last_request_priority());
571 }
572
573 TEST_P(SSLClientSocketPoolTest, SOCKSBasicAsync) {
574 StaticSocketDataProvider data;
575 socket_factory_.AddSocketDataProvider(&data);
576 SSLSocketDataProvider ssl(ASYNC, OK);
577 socket_factory_.AddSSLSocketDataProvider(&ssl);
578
579 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
580 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
581 false);
582
583 ClientSocketHandle handle;
584 TestCompletionCallback callback;
585 int rv = handle.Init(
586 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
587 EXPECT_EQ(ERR_IO_PENDING, rv);
588 EXPECT_FALSE(handle.is_initialized());
589 EXPECT_FALSE(handle.socket());
590
591 EXPECT_EQ(OK, callback.WaitForResult());
592 EXPECT_TRUE(handle.is_initialized());
593 EXPECT_TRUE(handle.socket());
594 // SOCKS5 generally has no DNS times, but the mock SOCKS5 sockets used here
595 // don't go through the real logic, unlike in the HTTP proxy tests.
596 TestLoadTimingInfo(handle);
597 }
598
599 TEST_P(SSLClientSocketPoolTest, HttpProxyFail) {
600 StaticSocketDataProvider data;
601 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
602 socket_factory_.AddSocketDataProvider(&data);
603
604 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
605 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
606 false);
607
608 ClientSocketHandle handle;
609 TestCompletionCallback callback;
610 int rv = handle.Init(
611 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
612 EXPECT_EQ(ERR_PROXY_CONNECTION_FAILED, rv);
613 EXPECT_FALSE(handle.is_initialized());
614 EXPECT_FALSE(handle.socket());
615 EXPECT_FALSE(handle.is_ssl_error());
616 }
617
618 TEST_P(SSLClientSocketPoolTest, HttpProxyFailAsync) {
619 StaticSocketDataProvider data;
620 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
621 socket_factory_.AddSocketDataProvider(&data);
622
623 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
624 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
625 false);
626
627 ClientSocketHandle handle;
628 TestCompletionCallback callback;
629 int rv = handle.Init(
630 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
631 EXPECT_EQ(ERR_IO_PENDING, rv);
632 EXPECT_FALSE(handle.is_initialized());
633 EXPECT_FALSE(handle.socket());
634
635 EXPECT_EQ(ERR_PROXY_CONNECTION_FAILED, callback.WaitForResult());
636 EXPECT_FALSE(handle.is_initialized());
637 EXPECT_FALSE(handle.socket());
638 EXPECT_FALSE(handle.is_ssl_error());
639 }
640
641 TEST_P(SSLClientSocketPoolTest, HttpProxyBasic) {
642 MockWrite writes[] = {
643 MockWrite(SYNCHRONOUS,
644 "CONNECT host:80 HTTP/1.1\r\n"
645 "Host: host:80\r\n"
646 "Proxy-Connection: keep-alive\r\n"
647 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
648 };
649 MockRead reads[] = {
650 MockRead(SYNCHRONOUS, "HTTP/1.1 200 Connection Established\r\n\r\n"),
651 };
652 StaticSocketDataProvider data(reads, arraysize(reads), writes,
653 arraysize(writes));
654 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
655 socket_factory_.AddSocketDataProvider(&data);
656 AddAuthToCache();
657 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
658 socket_factory_.AddSSLSocketDataProvider(&ssl);
659
660 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
661 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
662 false);
663
664 ClientSocketHandle handle;
665 TestCompletionCallback callback;
666 int rv = handle.Init(
667 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
668 EXPECT_EQ(OK, rv);
669 EXPECT_TRUE(handle.is_initialized());
670 EXPECT_TRUE(handle.socket());
671 TestLoadTimingInfoNoDns(handle);
672 }
673
674 // Make sure that SSLConnectJob passes on its priority to its
675 // transport socket on Init (for the HTTP_PROXY case).
676 TEST_P(SSLClientSocketPoolTest, SetTransportPriorityOnInitHTTP) {
677 MockWrite writes[] = {
678 MockWrite(SYNCHRONOUS,
679 "CONNECT host:80 HTTP/1.1\r\n"
680 "Host: host:80\r\n"
681 "Proxy-Connection: keep-alive\r\n"
682 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
683 };
684 MockRead reads[] = {
685 MockRead(SYNCHRONOUS, "HTTP/1.1 200 Connection Established\r\n\r\n"),
686 };
687 StaticSocketDataProvider data(reads, arraysize(reads), writes,
688 arraysize(writes));
689 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
690 socket_factory_.AddSocketDataProvider(&data);
691 AddAuthToCache();
692 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
693 socket_factory_.AddSSLSocketDataProvider(&ssl);
694
695 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
696 scoped_refptr<SSLSocketParams> params =
697 SSLParams(ProxyServer::SCHEME_HTTP, false);
698
699 ClientSocketHandle handle;
700 TestCompletionCallback callback;
701 EXPECT_EQ(OK, handle.Init("a", params, HIGHEST, callback.callback(),
702 pool_.get(), BoundNetLog()));
703 EXPECT_EQ(HIGHEST, transport_socket_pool_.last_request_priority());
704 }
705
706 TEST_P(SSLClientSocketPoolTest, HttpProxyBasicAsync) {
707 MockWrite writes[] = {
708 MockWrite(
709 "CONNECT host:80 HTTP/1.1\r\n"
710 "Host: host:80\r\n"
711 "Proxy-Connection: keep-alive\r\n"
712 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
713 };
714 MockRead reads[] = {
715 MockRead("HTTP/1.1 200 Connection Established\r\n\r\n"),
716 };
717 StaticSocketDataProvider data(reads, arraysize(reads), writes,
718 arraysize(writes));
719 socket_factory_.AddSocketDataProvider(&data);
720 AddAuthToCache();
721 SSLSocketDataProvider ssl(ASYNC, OK);
722 socket_factory_.AddSSLSocketDataProvider(&ssl);
723
724 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
725 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
726 false);
727
728 ClientSocketHandle handle;
729 TestCompletionCallback callback;
730 int rv = handle.Init(
731 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
732 EXPECT_EQ(ERR_IO_PENDING, rv);
733 EXPECT_FALSE(handle.is_initialized());
734 EXPECT_FALSE(handle.socket());
735
736 EXPECT_EQ(OK, callback.WaitForResult());
737 EXPECT_TRUE(handle.is_initialized());
738 EXPECT_TRUE(handle.socket());
739 TestLoadTimingInfoNoDns(handle);
740 }
741
742 TEST_P(SSLClientSocketPoolTest, NeedProxyAuth) {
743 MockWrite writes[] = {
744 MockWrite(
745 "CONNECT host:80 HTTP/1.1\r\n"
746 "Host: host:80\r\n"
747 "Proxy-Connection: keep-alive\r\n\r\n"),
748 };
749 MockRead reads[] = {
750 MockRead("HTTP/1.1 407 Proxy Authentication Required\r\n"),
751 MockRead("Proxy-Authenticate: Basic realm=\"MyRealm1\"\r\n"),
752 MockRead("Content-Length: 10\r\n\r\n"),
753 MockRead("0123456789"),
754 };
755 StaticSocketDataProvider data(reads, arraysize(reads), writes,
756 arraysize(writes));
757 socket_factory_.AddSocketDataProvider(&data);
758 SSLSocketDataProvider ssl(ASYNC, OK);
759 socket_factory_.AddSSLSocketDataProvider(&ssl);
760
761 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
762 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
763 false);
764
765 ClientSocketHandle handle;
766 TestCompletionCallback callback;
767 int rv = handle.Init(
768 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
769 EXPECT_EQ(ERR_IO_PENDING, rv);
770 EXPECT_FALSE(handle.is_initialized());
771 EXPECT_FALSE(handle.socket());
772
773 EXPECT_EQ(ERR_PROXY_AUTH_REQUESTED, callback.WaitForResult());
774 EXPECT_FALSE(handle.is_initialized());
775 EXPECT_FALSE(handle.socket());
776 EXPECT_FALSE(handle.is_ssl_error());
777 const HttpResponseInfo& tunnel_info = handle.ssl_error_response_info();
778 EXPECT_EQ(tunnel_info.headers->response_code(), 407);
779 scoped_ptr<ClientSocketHandle> tunnel_handle(
780 handle.release_pending_http_proxy_connection());
781 EXPECT_TRUE(tunnel_handle->socket());
782 EXPECT_FALSE(tunnel_handle->socket()->IsConnected());
783 }
784
785 TEST_P(SSLClientSocketPoolTest, IPPooling) {
786 const int kTestPort = 80;
787 struct TestHosts {
788 std::string name;
789 std::string iplist;
790 SpdySessionKey key;
791 AddressList addresses;
792 } test_hosts[] = {
793 { "www.webkit.org", "192.0.2.33,192.168.0.1,192.168.0.5" },
794 { "code.google.com", "192.168.0.2,192.168.0.3,192.168.0.5" },
795 { "js.webkit.org", "192.168.0.4,192.168.0.1,192.0.2.33" },
796 };
797
798 host_resolver_.set_synchronous_mode(true);
799 for (size_t i = 0; i < arraysize(test_hosts); i++) {
800 host_resolver_.rules()->AddIPLiteralRule(
801 test_hosts[i].name, test_hosts[i].iplist, std::string());
802
803 // This test requires that the HostResolver cache be populated. Normal
804 // code would have done this already, but we do it manually.
805 HostResolver::RequestInfo info(HostPortPair(test_hosts[i].name, kTestPort));
806 host_resolver_.Resolve(info,
807 DEFAULT_PRIORITY,
808 &test_hosts[i].addresses,
809 CompletionCallback(),
810 NULL,
811 BoundNetLog());
812
813 // Setup a SpdySessionKey
814 test_hosts[i].key = SpdySessionKey(
815 HostPortPair(test_hosts[i].name, kTestPort), ProxyServer::Direct(),
816 PRIVACY_MODE_DISABLED);
817 }
818
819 MockRead reads[] = {
820 MockRead(ASYNC, ERR_IO_PENDING),
821 };
822 StaticSocketDataProvider data(reads, arraysize(reads), NULL, 0);
823 socket_factory_.AddSocketDataProvider(&data);
824 SSLSocketDataProvider ssl(ASYNC, OK);
825 ssl.cert = X509Certificate::CreateFromBytes(
826 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der));
827 ssl.SetNextProto(GetParam());
828 socket_factory_.AddSSLSocketDataProvider(&ssl);
829
830 CreatePool(true /* tcp pool */, false, false);
831 base::WeakPtr<SpdySession> spdy_session =
832 CreateSecureSpdySession(session_, test_hosts[0].key, BoundNetLog());
833
834 EXPECT_TRUE(
835 HasSpdySession(session_->spdy_session_pool(), test_hosts[0].key));
836 EXPECT_FALSE(
837 HasSpdySession(session_->spdy_session_pool(), test_hosts[1].key));
838 EXPECT_TRUE(
839 HasSpdySession(session_->spdy_session_pool(), test_hosts[2].key));
840
841 session_->spdy_session_pool()->CloseAllSessions();
842 }
843
844 void SSLClientSocketPoolTest::TestIPPoolingDisabled(
845 SSLSocketDataProvider* ssl) {
846 const int kTestPort = 80;
847 struct TestHosts {
848 std::string name;
849 std::string iplist;
850 SpdySessionKey key;
851 AddressList addresses;
852 } test_hosts[] = {
853 { "www.webkit.org", "192.0.2.33,192.168.0.1,192.168.0.5" },
854 { "js.webkit.com", "192.168.0.4,192.168.0.1,192.0.2.33" },
855 };
856
857 TestCompletionCallback callback;
858 int rv;
859 for (size_t i = 0; i < arraysize(test_hosts); i++) {
860 host_resolver_.rules()->AddIPLiteralRule(
861 test_hosts[i].name, test_hosts[i].iplist, std::string());
862
863 // This test requires that the HostResolver cache be populated. Normal
864 // code would have done this already, but we do it manually.
865 HostResolver::RequestInfo info(HostPortPair(test_hosts[i].name, kTestPort));
866 rv = host_resolver_.Resolve(info,
867 DEFAULT_PRIORITY,
868 &test_hosts[i].addresses,
869 callback.callback(),
870 NULL,
871 BoundNetLog());
872 EXPECT_EQ(OK, callback.GetResult(rv));
873
874 // Setup a SpdySessionKey
875 test_hosts[i].key = SpdySessionKey(
876 HostPortPair(test_hosts[i].name, kTestPort), ProxyServer::Direct(),
877 PRIVACY_MODE_DISABLED);
878 }
879
880 MockRead reads[] = {
881 MockRead(ASYNC, ERR_IO_PENDING),
882 };
883 StaticSocketDataProvider data(reads, arraysize(reads), NULL, 0);
884 socket_factory_.AddSocketDataProvider(&data);
885 socket_factory_.AddSSLSocketDataProvider(ssl);
886
887 CreatePool(true /* tcp pool */, false, false);
888 base::WeakPtr<SpdySession> spdy_session =
889 CreateSecureSpdySession(session_, test_hosts[0].key, BoundNetLog());
890
891 EXPECT_TRUE(
892 HasSpdySession(session_->spdy_session_pool(), test_hosts[0].key));
893 EXPECT_FALSE(
894 HasSpdySession(session_->spdy_session_pool(), test_hosts[1].key));
895
896 session_->spdy_session_pool()->CloseAllSessions();
897 }
898
899 // Verifies that an SSL connection with client authentication disables SPDY IP
900 // pooling.
901 TEST_P(SSLClientSocketPoolTest, IPPoolingClientCert) {
902 SSLSocketDataProvider ssl(ASYNC, OK);
903 ssl.cert = X509Certificate::CreateFromBytes(
904 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der));
905 ssl.client_cert_sent = true;
906 ssl.SetNextProto(GetParam());
907 TestIPPoolingDisabled(&ssl);
908 }
909
910 // Verifies that an SSL connection with channel ID disables SPDY IP pooling.
911 TEST_P(SSLClientSocketPoolTest, IPPoolingChannelID) {
912 SSLSocketDataProvider ssl(ASYNC, OK);
913 ssl.channel_id_sent = true;
914 ssl.SetNextProto(GetParam());
915 TestIPPoolingDisabled(&ssl);
916 }
917
918 // It would be nice to also test the timeouts in SSLClientSocketPool.
919
920 } // namespace
921
922 } // namespace net