search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Revert 268405 "Make sure that ScratchBuffer::Allocate() always r..."
[chromium-blink-merge.git] / net / socket / ssl_client_socket_pool_unittest.cc
blobe71d0b2c2357683bd4547d075f71d5f4ffcc5209
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/http/http_proxy_client_socket_pool.h"
6
7 #include "base/callback.h"
8 #include "base/compiler_specific.h"
9 #include "base/strings/string_util.h"
10 #include "base/strings/utf_string_conversions.h"
11 #include "base/time/time.h"
12 #include "net/base/auth.h"
13 #include "net/base/load_timing_info.h"
14 #include "net/base/load_timing_info_test_util.h"
15 #include "net/base/net_errors.h"
16 #include "net/base/test_completion_callback.h"
17 #include "net/cert/cert_verifier.h"
18 #include "net/dns/mock_host_resolver.h"
19 #include "net/http/http_auth_handler_factory.h"
20 #include "net/http/http_network_session.h"
21 #include "net/http/http_request_headers.h"
22 #include "net/http/http_response_headers.h"
23 #include "net/http/http_server_properties_impl.h"
24 #include "net/proxy/proxy_service.h"
25 #include "net/socket/client_socket_handle.h"
26 #include "net/socket/client_socket_pool_histograms.h"
27 #include "net/socket/next_proto.h"
28 #include "net/socket/socket_test_util.h"
29 #include "net/spdy/spdy_session.h"
30 #include "net/spdy/spdy_session_pool.h"
31 #include "net/spdy/spdy_test_util_common.h"
32 #include "net/ssl/ssl_config_service_defaults.h"
33 #include "net/test/test_certificate_data.h"
34 #include "testing/gtest/include/gtest/gtest.h"
35
36 namespace net {
37
38 namespace {
39
40 const int kMaxSockets = 32;
41 const int kMaxSocketsPerGroup = 6;
42
43 // Make sure |handle|'s load times are set correctly. DNS and connect start
44 // times comes from mock client sockets in these tests, so primarily serves to
45 // check those times were copied, and ssl times / connect end are set correctly.
46 void TestLoadTimingInfo(const ClientSocketHandle& handle) {
47 LoadTimingInfo load_timing_info;
48 EXPECT_TRUE(handle.GetLoadTimingInfo(false, &load_timing_info));
49
50 EXPECT_FALSE(load_timing_info.socket_reused);
51 // None of these tests use a NetLog.
52 EXPECT_EQ(NetLog::Source::kInvalidId, load_timing_info.socket_log_id);
53
54 ExpectConnectTimingHasTimes(
55 load_timing_info.connect_timing,
56 CONNECT_TIMING_HAS_SSL_TIMES | CONNECT_TIMING_HAS_DNS_TIMES);
57 ExpectLoadTimingHasOnlyConnectionTimes(load_timing_info);
58 }
59
60 // Just like TestLoadTimingInfo, except DNS times are expected to be null, for
61 // tests over proxies that do DNS lookups themselves.
62 void TestLoadTimingInfoNoDns(const ClientSocketHandle& handle) {
63 LoadTimingInfo load_timing_info;
64 EXPECT_TRUE(handle.GetLoadTimingInfo(false, &load_timing_info));
65
66 // None of these tests use a NetLog.
67 EXPECT_EQ(NetLog::Source::kInvalidId, load_timing_info.socket_log_id);
68
69 EXPECT_FALSE(load_timing_info.socket_reused);
70
71 ExpectConnectTimingHasTimes(load_timing_info.connect_timing,
72 CONNECT_TIMING_HAS_SSL_TIMES);
73 ExpectLoadTimingHasOnlyConnectionTimes(load_timing_info);
74 }
75
76 class SSLClientSocketPoolTest
77 : public testing::Test,
78 public ::testing::WithParamInterface<NextProto> {
79 protected:
80 SSLClientSocketPoolTest()
81 : proxy_service_(ProxyService::CreateDirect()),
82 ssl_config_service_(new SSLConfigServiceDefaults),
83 http_auth_handler_factory_(
84 HttpAuthHandlerFactory::CreateDefault(&host_resolver_)),
85 session_(CreateNetworkSession()),
86 direct_transport_socket_params_(
87 new TransportSocketParams(HostPortPair("host", 443),
88 false,
89 false,
90 OnHostResolutionCallback())),
91 transport_histograms_("MockTCP"),
92 transport_socket_pool_(kMaxSockets,
93 kMaxSocketsPerGroup,
94 &transport_histograms_,
95 &socket_factory_),
96 proxy_transport_socket_params_(
97 new TransportSocketParams(HostPortPair("proxy", 443),
98 false,
99 false,
100 OnHostResolutionCallback())),
101 socks_socket_params_(
102 new SOCKSSocketParams(proxy_transport_socket_params_,
103 true,
104 HostPortPair("sockshost", 443))),
105 socks_histograms_("MockSOCKS"),
106 socks_socket_pool_(kMaxSockets,
107 kMaxSocketsPerGroup,
108 &socks_histograms_,
109 &transport_socket_pool_),
110 http_proxy_socket_params_(
111 new HttpProxySocketParams(proxy_transport_socket_params_,
112 NULL,
113 GURL("http://host"),
114 std::string(),
115 HostPortPair("host", 80),
116 session_->http_auth_cache(),
117 session_->http_auth_handler_factory(),
118 session_->spdy_session_pool(),
119 true)),
120 http_proxy_histograms_("MockHttpProxy"),
121 http_proxy_socket_pool_(kMaxSockets,
122 kMaxSocketsPerGroup,
123 &http_proxy_histograms_,
124 &host_resolver_,
125 &transport_socket_pool_,
126 NULL,
127 NULL) {
128 scoped_refptr<SSLConfigService> ssl_config_service(
129 new SSLConfigServiceDefaults);
130 ssl_config_service->GetSSLConfig(&ssl_config_);
131 }
132
133 void CreatePool(bool transport_pool, bool http_proxy_pool, bool socks_pool) {
134 ssl_histograms_.reset(new ClientSocketPoolHistograms("SSLUnitTest"));
135 pool_.reset(new SSLClientSocketPool(
136 kMaxSockets,
137 kMaxSocketsPerGroup,
138 ssl_histograms_.get(),
139 NULL /* host_resolver */,
140 NULL /* cert_verifier */,
141 NULL /* server_bound_cert_service */,
142 NULL /* transport_security_state */,
143 NULL /* cert_transparency_verifier */,
144 std::string() /* ssl_session_cache_shard */,
145 &socket_factory_,
146 transport_pool ? &transport_socket_pool_ : NULL,
147 socks_pool ? &socks_socket_pool_ : NULL,
148 http_proxy_pool ? &http_proxy_socket_pool_ : NULL,
149 NULL,
150 NULL));
151 }
152
153 scoped_refptr<SSLSocketParams> SSLParams(ProxyServer::Scheme proxy,
154 bool want_spdy_over_npn) {
155 return make_scoped_refptr(new SSLSocketParams(
156 proxy == ProxyServer::SCHEME_DIRECT ? direct_transport_socket_params_
157 : NULL,
158 proxy == ProxyServer::SCHEME_SOCKS5 ? socks_socket_params_ : NULL,
159 proxy == ProxyServer::SCHEME_HTTP ? http_proxy_socket_params_ : NULL,
160 HostPortPair("host", 443),
161 ssl_config_,
162 PRIVACY_MODE_DISABLED,
163 0,
164 false,
165 want_spdy_over_npn));
166 }
167
168 void AddAuthToCache() {
169 const base::string16 kFoo(base::ASCIIToUTF16("foo"));
170 const base::string16 kBar(base::ASCIIToUTF16("bar"));
171 session_->http_auth_cache()->Add(GURL("http://proxy:443/"),
172 "MyRealm1",
173 HttpAuth::AUTH_SCHEME_BASIC,
174 "Basic realm=MyRealm1",
175 AuthCredentials(kFoo, kBar),
176 "/");
177 }
178
179 HttpNetworkSession* CreateNetworkSession() {
180 HttpNetworkSession::Params params;
181 params.host_resolver = &host_resolver_;
182 params.cert_verifier = cert_verifier_.get();
183 params.transport_security_state = transport_security_state_.get();
184 params.proxy_service = proxy_service_.get();
185 params.client_socket_factory = &socket_factory_;
186 params.ssl_config_service = ssl_config_service_.get();
187 params.http_auth_handler_factory = http_auth_handler_factory_.get();
188 params.http_server_properties =
189 http_server_properties_.GetWeakPtr();
190 params.enable_spdy_compression = false;
191 params.spdy_default_protocol = GetParam();
192 return new HttpNetworkSession(params);
193 }
194
195 void TestIPPoolingDisabled(SSLSocketDataProvider* ssl);
196
197 MockClientSocketFactory socket_factory_;
198 MockCachingHostResolver host_resolver_;
199 scoped_ptr<CertVerifier> cert_verifier_;
200 scoped_ptr<TransportSecurityState> transport_security_state_;
201 const scoped_ptr<ProxyService> proxy_service_;
202 const scoped_refptr<SSLConfigService> ssl_config_service_;
203 const scoped_ptr<HttpAuthHandlerFactory> http_auth_handler_factory_;
204 HttpServerPropertiesImpl http_server_properties_;
205 const scoped_refptr<HttpNetworkSession> session_;
206
207 scoped_refptr<TransportSocketParams> direct_transport_socket_params_;
208 ClientSocketPoolHistograms transport_histograms_;
209 MockTransportClientSocketPool transport_socket_pool_;
210
211 scoped_refptr<TransportSocketParams> proxy_transport_socket_params_;
212
213 scoped_refptr<SOCKSSocketParams> socks_socket_params_;
214 ClientSocketPoolHistograms socks_histograms_;
215 MockSOCKSClientSocketPool socks_socket_pool_;
216
217 scoped_refptr<HttpProxySocketParams> http_proxy_socket_params_;
218 ClientSocketPoolHistograms http_proxy_histograms_;
219 HttpProxyClientSocketPool http_proxy_socket_pool_;
220
221 SSLConfig ssl_config_;
222 scoped_ptr<ClientSocketPoolHistograms> ssl_histograms_;
223 scoped_ptr<SSLClientSocketPool> pool_;
224 };
225
226 INSTANTIATE_TEST_CASE_P(
227 NextProto,
228 SSLClientSocketPoolTest,
229 testing::Values(kProtoDeprecatedSPDY2,
230 kProtoSPDY3, kProtoSPDY31, kProtoSPDY4));
231
232 TEST_P(SSLClientSocketPoolTest, TCPFail) {
233 StaticSocketDataProvider data;
234 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
235 socket_factory_.AddSocketDataProvider(&data);
236
237 CreatePool(true /* tcp pool */, false, false);
238 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
239 false);
240
241 ClientSocketHandle handle;
242 int rv = handle.Init("a", params, MEDIUM, CompletionCallback(), pool_.get(),
243 BoundNetLog());
244 EXPECT_EQ(ERR_CONNECTION_FAILED, rv);
245 EXPECT_FALSE(handle.is_initialized());
246 EXPECT_FALSE(handle.socket());
247 EXPECT_FALSE(handle.is_ssl_error());
248 }
249
250 TEST_P(SSLClientSocketPoolTest, TCPFailAsync) {
251 StaticSocketDataProvider data;
252 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
253 socket_factory_.AddSocketDataProvider(&data);
254
255 CreatePool(true /* tcp pool */, false, false);
256 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
257 false);
258
259 ClientSocketHandle handle;
260 TestCompletionCallback callback;
261 int rv = handle.Init(
262 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
263 EXPECT_EQ(ERR_IO_PENDING, rv);
264 EXPECT_FALSE(handle.is_initialized());
265 EXPECT_FALSE(handle.socket());
266
267 EXPECT_EQ(ERR_CONNECTION_FAILED, callback.WaitForResult());
268 EXPECT_FALSE(handle.is_initialized());
269 EXPECT_FALSE(handle.socket());
270 EXPECT_FALSE(handle.is_ssl_error());
271 }
272
273 TEST_P(SSLClientSocketPoolTest, BasicDirect) {
274 StaticSocketDataProvider data;
275 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
276 socket_factory_.AddSocketDataProvider(&data);
277 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
278 socket_factory_.AddSSLSocketDataProvider(&ssl);
279
280 CreatePool(true /* tcp pool */, false, false);
281 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
282 false);
283
284 ClientSocketHandle handle;
285 TestCompletionCallback callback;
286 int rv = handle.Init(
287 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
288 EXPECT_EQ(OK, rv);
289 EXPECT_TRUE(handle.is_initialized());
290 EXPECT_TRUE(handle.socket());
291 TestLoadTimingInfo(handle);
292 }
293
294 // Make sure that SSLConnectJob passes on its priority to its
295 // socket request on Init (for the DIRECT case).
296 TEST_P(SSLClientSocketPoolTest, SetSocketRequestPriorityOnInitDirect) {
297 CreatePool(true /* tcp pool */, false, false);
298 scoped_refptr<SSLSocketParams> params =
299 SSLParams(ProxyServer::SCHEME_DIRECT, false);
300
301 for (int i = MINIMUM_PRIORITY; i <= MAXIMUM_PRIORITY; ++i) {
302 RequestPriority priority = static_cast<RequestPriority>(i);
303 StaticSocketDataProvider data;
304 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
305 socket_factory_.AddSocketDataProvider(&data);
306 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
307 socket_factory_.AddSSLSocketDataProvider(&ssl);
308
309 ClientSocketHandle handle;
310 TestCompletionCallback callback;
311 EXPECT_EQ(OK, handle.Init("a", params, priority, callback.callback(),
312 pool_.get(), BoundNetLog()));
313 EXPECT_EQ(priority, transport_socket_pool_.last_request_priority());
314 handle.socket()->Disconnect();
315 }
316 }
317
318 TEST_P(SSLClientSocketPoolTest, BasicDirectAsync) {
319 StaticSocketDataProvider data;
320 socket_factory_.AddSocketDataProvider(&data);
321 SSLSocketDataProvider ssl(ASYNC, OK);
322 socket_factory_.AddSSLSocketDataProvider(&ssl);
323
324 CreatePool(true /* tcp pool */, false, false);
325 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
326 false);
327
328 ClientSocketHandle handle;
329 TestCompletionCallback callback;
330 int rv = handle.Init(
331 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
332 EXPECT_EQ(ERR_IO_PENDING, rv);
333 EXPECT_FALSE(handle.is_initialized());
334 EXPECT_FALSE(handle.socket());
335
336 EXPECT_EQ(OK, callback.WaitForResult());
337 EXPECT_TRUE(handle.is_initialized());
338 EXPECT_TRUE(handle.socket());
339 TestLoadTimingInfo(handle);
340 }
341
342 TEST_P(SSLClientSocketPoolTest, DirectCertError) {
343 StaticSocketDataProvider data;
344 socket_factory_.AddSocketDataProvider(&data);
345 SSLSocketDataProvider ssl(ASYNC, ERR_CERT_COMMON_NAME_INVALID);
346 socket_factory_.AddSSLSocketDataProvider(&ssl);
347
348 CreatePool(true /* tcp pool */, false, false);
349 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
350 false);
351
352 ClientSocketHandle handle;
353 TestCompletionCallback callback;
354 int rv = handle.Init(
355 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
356 EXPECT_EQ(ERR_IO_PENDING, rv);
357 EXPECT_FALSE(handle.is_initialized());
358 EXPECT_FALSE(handle.socket());
359
360 EXPECT_EQ(ERR_CERT_COMMON_NAME_INVALID, callback.WaitForResult());
361 EXPECT_TRUE(handle.is_initialized());
362 EXPECT_TRUE(handle.socket());
363 TestLoadTimingInfo(handle);
364 }
365
366 TEST_P(SSLClientSocketPoolTest, DirectSSLError) {
367 StaticSocketDataProvider data;
368 socket_factory_.AddSocketDataProvider(&data);
369 SSLSocketDataProvider ssl(ASYNC, ERR_SSL_PROTOCOL_ERROR);
370 socket_factory_.AddSSLSocketDataProvider(&ssl);
371
372 CreatePool(true /* tcp pool */, false, false);
373 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
374 false);
375
376 ClientSocketHandle handle;
377 TestCompletionCallback callback;
378 int rv = handle.Init(
379 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
380 EXPECT_EQ(ERR_IO_PENDING, rv);
381 EXPECT_FALSE(handle.is_initialized());
382 EXPECT_FALSE(handle.socket());
383
384 EXPECT_EQ(ERR_SSL_PROTOCOL_ERROR, callback.WaitForResult());
385 EXPECT_FALSE(handle.is_initialized());
386 EXPECT_FALSE(handle.socket());
387 EXPECT_TRUE(handle.is_ssl_error());
388 }
389
390 TEST_P(SSLClientSocketPoolTest, DirectWithNPN) {
391 StaticSocketDataProvider data;
392 socket_factory_.AddSocketDataProvider(&data);
393 SSLSocketDataProvider ssl(ASYNC, OK);
394 ssl.SetNextProto(kProtoHTTP11);
395 socket_factory_.AddSSLSocketDataProvider(&ssl);
396
397 CreatePool(true /* tcp pool */, false, false);
398 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
399 false);
400
401 ClientSocketHandle handle;
402 TestCompletionCallback callback;
403 int rv = handle.Init(
404 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
405 EXPECT_EQ(ERR_IO_PENDING, rv);
406 EXPECT_FALSE(handle.is_initialized());
407 EXPECT_FALSE(handle.socket());
408
409 EXPECT_EQ(OK, callback.WaitForResult());
410 EXPECT_TRUE(handle.is_initialized());
411 EXPECT_TRUE(handle.socket());
412 TestLoadTimingInfo(handle);
413 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
414 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
415 }
416
417 TEST_P(SSLClientSocketPoolTest, DirectNoSPDY) {
418 StaticSocketDataProvider data;
419 socket_factory_.AddSocketDataProvider(&data);
420 SSLSocketDataProvider ssl(ASYNC, OK);
421 ssl.SetNextProto(kProtoHTTP11);
422 socket_factory_.AddSSLSocketDataProvider(&ssl);
423
424 CreatePool(true /* tcp pool */, false, false);
425 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
426 true);
427
428 ClientSocketHandle handle;
429 TestCompletionCallback callback;
430 int rv = handle.Init(
431 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
432 EXPECT_EQ(ERR_IO_PENDING, rv);
433 EXPECT_FALSE(handle.is_initialized());
434 EXPECT_FALSE(handle.socket());
435
436 EXPECT_EQ(ERR_NPN_NEGOTIATION_FAILED, callback.WaitForResult());
437 EXPECT_FALSE(handle.is_initialized());
438 EXPECT_FALSE(handle.socket());
439 EXPECT_TRUE(handle.is_ssl_error());
440 }
441
442 TEST_P(SSLClientSocketPoolTest, DirectGotSPDY) {
443 StaticSocketDataProvider data;
444 socket_factory_.AddSocketDataProvider(&data);
445 SSLSocketDataProvider ssl(ASYNC, OK);
446 ssl.SetNextProto(GetParam());
447 socket_factory_.AddSSLSocketDataProvider(&ssl);
448
449 CreatePool(true /* tcp pool */, false, false);
450 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
451 true);
452
453 ClientSocketHandle handle;
454 TestCompletionCallback callback;
455 int rv = handle.Init(
456 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
457 EXPECT_EQ(ERR_IO_PENDING, rv);
458 EXPECT_FALSE(handle.is_initialized());
459 EXPECT_FALSE(handle.socket());
460
461 EXPECT_EQ(OK, callback.WaitForResult());
462 EXPECT_TRUE(handle.is_initialized());
463 EXPECT_TRUE(handle.socket());
464 TestLoadTimingInfo(handle);
465
466 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
467 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
468 std::string proto;
469 std::string server_protos;
470 ssl_socket->GetNextProto(&proto, &server_protos);
471 EXPECT_EQ(GetParam(), SSLClientSocket::NextProtoFromString(proto));
472 }
473
474 TEST_P(SSLClientSocketPoolTest, DirectGotBonusSPDY) {
475 StaticSocketDataProvider data;
476 socket_factory_.AddSocketDataProvider(&data);
477 SSLSocketDataProvider ssl(ASYNC, OK);
478 ssl.SetNextProto(GetParam());
479 socket_factory_.AddSSLSocketDataProvider(&ssl);
480
481 CreatePool(true /* tcp pool */, false, false);
482 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
483 true);
484
485 ClientSocketHandle handle;
486 TestCompletionCallback callback;
487 int rv = handle.Init(
488 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
489 EXPECT_EQ(ERR_IO_PENDING, rv);
490 EXPECT_FALSE(handle.is_initialized());
491 EXPECT_FALSE(handle.socket());
492
493 EXPECT_EQ(OK, callback.WaitForResult());
494 EXPECT_TRUE(handle.is_initialized());
495 EXPECT_TRUE(handle.socket());
496 TestLoadTimingInfo(handle);
497
498 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
499 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
500 std::string proto;
501 std::string server_protos;
502 ssl_socket->GetNextProto(&proto, &server_protos);
503 EXPECT_EQ(GetParam(), SSLClientSocket::NextProtoFromString(proto));
504 }
505
506 TEST_P(SSLClientSocketPoolTest, SOCKSFail) {
507 StaticSocketDataProvider data;
508 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
509 socket_factory_.AddSocketDataProvider(&data);
510
511 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
512 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
513 false);
514
515 ClientSocketHandle handle;
516 TestCompletionCallback callback;
517 int rv = handle.Init(
518 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
519 EXPECT_EQ(ERR_CONNECTION_FAILED, rv);
520 EXPECT_FALSE(handle.is_initialized());
521 EXPECT_FALSE(handle.socket());
522 EXPECT_FALSE(handle.is_ssl_error());
523 }
524
525 TEST_P(SSLClientSocketPoolTest, SOCKSFailAsync) {
526 StaticSocketDataProvider data;
527 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
528 socket_factory_.AddSocketDataProvider(&data);
529
530 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
531 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
532 false);
533
534 ClientSocketHandle handle;
535 TestCompletionCallback callback;
536 int rv = handle.Init(
537 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
538 EXPECT_EQ(ERR_IO_PENDING, rv);
539 EXPECT_FALSE(handle.is_initialized());
540 EXPECT_FALSE(handle.socket());
541
542 EXPECT_EQ(ERR_CONNECTION_FAILED, callback.WaitForResult());
543 EXPECT_FALSE(handle.is_initialized());
544 EXPECT_FALSE(handle.socket());
545 EXPECT_FALSE(handle.is_ssl_error());
546 }
547
548 TEST_P(SSLClientSocketPoolTest, SOCKSBasic) {
549 StaticSocketDataProvider data;
550 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
551 socket_factory_.AddSocketDataProvider(&data);
552 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
553 socket_factory_.AddSSLSocketDataProvider(&ssl);
554
555 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
556 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
557 false);
558
559 ClientSocketHandle handle;
560 TestCompletionCallback callback;
561 int rv = handle.Init(
562 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
563 EXPECT_EQ(OK, rv);
564 EXPECT_TRUE(handle.is_initialized());
565 EXPECT_TRUE(handle.socket());
566 // SOCKS5 generally has no DNS times, but the mock SOCKS5 sockets used here
567 // don't go through the real logic, unlike in the HTTP proxy tests.
568 TestLoadTimingInfo(handle);
569 }
570
571 // Make sure that SSLConnectJob passes on its priority to its
572 // transport socket on Init (for the SOCKS_PROXY case).
573 TEST_P(SSLClientSocketPoolTest, SetTransportPriorityOnInitSOCKS) {
574 StaticSocketDataProvider data;
575 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
576 socket_factory_.AddSocketDataProvider(&data);
577 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
578 socket_factory_.AddSSLSocketDataProvider(&ssl);
579
580 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
581 scoped_refptr<SSLSocketParams> params =
582 SSLParams(ProxyServer::SCHEME_SOCKS5, false);
583
584 ClientSocketHandle handle;
585 TestCompletionCallback callback;
586 EXPECT_EQ(OK, handle.Init("a", params, HIGHEST, callback.callback(),
587 pool_.get(), BoundNetLog()));
588 EXPECT_EQ(HIGHEST, transport_socket_pool_.last_request_priority());
589 }
590
591 TEST_P(SSLClientSocketPoolTest, SOCKSBasicAsync) {
592 StaticSocketDataProvider data;
593 socket_factory_.AddSocketDataProvider(&data);
594 SSLSocketDataProvider ssl(ASYNC, OK);
595 socket_factory_.AddSSLSocketDataProvider(&ssl);
596
597 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
598 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
599 false);
600
601 ClientSocketHandle handle;
602 TestCompletionCallback callback;
603 int rv = handle.Init(
604 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
605 EXPECT_EQ(ERR_IO_PENDING, rv);
606 EXPECT_FALSE(handle.is_initialized());
607 EXPECT_FALSE(handle.socket());
608
609 EXPECT_EQ(OK, callback.WaitForResult());
610 EXPECT_TRUE(handle.is_initialized());
611 EXPECT_TRUE(handle.socket());
612 // SOCKS5 generally has no DNS times, but the mock SOCKS5 sockets used here
613 // don't go through the real logic, unlike in the HTTP proxy tests.
614 TestLoadTimingInfo(handle);
615 }
616
617 TEST_P(SSLClientSocketPoolTest, HttpProxyFail) {
618 StaticSocketDataProvider data;
619 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
620 socket_factory_.AddSocketDataProvider(&data);
621
622 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
623 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
624 false);
625
626 ClientSocketHandle handle;
627 TestCompletionCallback callback;
628 int rv = handle.Init(
629 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
630 EXPECT_EQ(ERR_PROXY_CONNECTION_FAILED, rv);
631 EXPECT_FALSE(handle.is_initialized());
632 EXPECT_FALSE(handle.socket());
633 EXPECT_FALSE(handle.is_ssl_error());
634 }
635
636 TEST_P(SSLClientSocketPoolTest, HttpProxyFailAsync) {
637 StaticSocketDataProvider data;
638 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
639 socket_factory_.AddSocketDataProvider(&data);
640
641 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
642 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
643 false);
644
645 ClientSocketHandle handle;
646 TestCompletionCallback callback;
647 int rv = handle.Init(
648 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
649 EXPECT_EQ(ERR_IO_PENDING, rv);
650 EXPECT_FALSE(handle.is_initialized());
651 EXPECT_FALSE(handle.socket());
652
653 EXPECT_EQ(ERR_PROXY_CONNECTION_FAILED, callback.WaitForResult());
654 EXPECT_FALSE(handle.is_initialized());
655 EXPECT_FALSE(handle.socket());
656 EXPECT_FALSE(handle.is_ssl_error());
657 }
658
659 TEST_P(SSLClientSocketPoolTest, HttpProxyBasic) {
660 MockWrite writes[] = {
661 MockWrite(SYNCHRONOUS,
662 "CONNECT host:80 HTTP/1.1\r\n"
663 "Host: host\r\n"
664 "Proxy-Connection: keep-alive\r\n"
665 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
666 };
667 MockRead reads[] = {
668 MockRead(SYNCHRONOUS, "HTTP/1.1 200 Connection Established\r\n\r\n"),
669 };
670 StaticSocketDataProvider data(reads, arraysize(reads), writes,
671 arraysize(writes));
672 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
673 socket_factory_.AddSocketDataProvider(&data);
674 AddAuthToCache();
675 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
676 socket_factory_.AddSSLSocketDataProvider(&ssl);
677
678 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
679 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
680 false);
681
682 ClientSocketHandle handle;
683 TestCompletionCallback callback;
684 int rv = handle.Init(
685 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
686 EXPECT_EQ(OK, rv);
687 EXPECT_TRUE(handle.is_initialized());
688 EXPECT_TRUE(handle.socket());
689 TestLoadTimingInfoNoDns(handle);
690 }
691
692 // Make sure that SSLConnectJob passes on its priority to its
693 // transport socket on Init (for the HTTP_PROXY case).
694 TEST_P(SSLClientSocketPoolTest, SetTransportPriorityOnInitHTTP) {
695 MockWrite writes[] = {
696 MockWrite(SYNCHRONOUS,
697 "CONNECT host:80 HTTP/1.1\r\n"
698 "Host: host\r\n"
699 "Proxy-Connection: keep-alive\r\n"
700 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
701 };
702 MockRead reads[] = {
703 MockRead(SYNCHRONOUS, "HTTP/1.1 200 Connection Established\r\n\r\n"),
704 };
705 StaticSocketDataProvider data(reads, arraysize(reads), writes,
706 arraysize(writes));
707 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
708 socket_factory_.AddSocketDataProvider(&data);
709 AddAuthToCache();
710 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
711 socket_factory_.AddSSLSocketDataProvider(&ssl);
712
713 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
714 scoped_refptr<SSLSocketParams> params =
715 SSLParams(ProxyServer::SCHEME_HTTP, false);
716
717 ClientSocketHandle handle;
718 TestCompletionCallback callback;
719 EXPECT_EQ(OK, handle.Init("a", params, HIGHEST, callback.callback(),
720 pool_.get(), BoundNetLog()));
721 EXPECT_EQ(HIGHEST, transport_socket_pool_.last_request_priority());
722 }
723
724 TEST_P(SSLClientSocketPoolTest, HttpProxyBasicAsync) {
725 MockWrite writes[] = {
726 MockWrite("CONNECT host:80 HTTP/1.1\r\n"
727 "Host: host\r\n"
728 "Proxy-Connection: keep-alive\r\n"
729 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
730 };
731 MockRead reads[] = {
732 MockRead("HTTP/1.1 200 Connection Established\r\n\r\n"),
733 };
734 StaticSocketDataProvider data(reads, arraysize(reads), writes,
735 arraysize(writes));
736 socket_factory_.AddSocketDataProvider(&data);
737 AddAuthToCache();
738 SSLSocketDataProvider ssl(ASYNC, OK);
739 socket_factory_.AddSSLSocketDataProvider(&ssl);
740
741 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
742 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
743 false);
744
745 ClientSocketHandle handle;
746 TestCompletionCallback callback;
747 int rv = handle.Init(
748 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
749 EXPECT_EQ(ERR_IO_PENDING, rv);
750 EXPECT_FALSE(handle.is_initialized());
751 EXPECT_FALSE(handle.socket());
752
753 EXPECT_EQ(OK, callback.WaitForResult());
754 EXPECT_TRUE(handle.is_initialized());
755 EXPECT_TRUE(handle.socket());
756 TestLoadTimingInfoNoDns(handle);
757 }
758
759 TEST_P(SSLClientSocketPoolTest, NeedProxyAuth) {
760 MockWrite writes[] = {
761 MockWrite("CONNECT host:80 HTTP/1.1\r\n"
762 "Host: host\r\n"
763 "Proxy-Connection: keep-alive\r\n\r\n"),
764 };
765 MockRead reads[] = {
766 MockRead("HTTP/1.1 407 Proxy Authentication Required\r\n"),
767 MockRead("Proxy-Authenticate: Basic realm=\"MyRealm1\"\r\n"),
768 MockRead("Content-Length: 10\r\n\r\n"),
769 MockRead("0123456789"),
770 };
771 StaticSocketDataProvider data(reads, arraysize(reads), writes,
772 arraysize(writes));
773 socket_factory_.AddSocketDataProvider(&data);
774 SSLSocketDataProvider ssl(ASYNC, OK);
775 socket_factory_.AddSSLSocketDataProvider(&ssl);
776
777 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
778 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
779 false);
780
781 ClientSocketHandle handle;
782 TestCompletionCallback callback;
783 int rv = handle.Init(
784 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
785 EXPECT_EQ(ERR_IO_PENDING, rv);
786 EXPECT_FALSE(handle.is_initialized());
787 EXPECT_FALSE(handle.socket());
788
789 EXPECT_EQ(ERR_PROXY_AUTH_REQUESTED, callback.WaitForResult());
790 EXPECT_FALSE(handle.is_initialized());
791 EXPECT_FALSE(handle.socket());
792 EXPECT_FALSE(handle.is_ssl_error());
793 const HttpResponseInfo& tunnel_info = handle.ssl_error_response_info();
794 EXPECT_EQ(tunnel_info.headers->response_code(), 407);
795 scoped_ptr<ClientSocketHandle> tunnel_handle(
796 handle.release_pending_http_proxy_connection());
797 EXPECT_TRUE(tunnel_handle->socket());
798 EXPECT_FALSE(tunnel_handle->socket()->IsConnected());
799 }
800
801 TEST_P(SSLClientSocketPoolTest, IPPooling) {
802 const int kTestPort = 80;
803 struct TestHosts {
804 std::string name;
805 std::string iplist;
806 SpdySessionKey key;
807 AddressList addresses;
808 } test_hosts[] = {
809 { "www.webkit.org", "192.0.2.33,192.168.0.1,192.168.0.5" },
810 { "code.google.com", "192.168.0.2,192.168.0.3,192.168.0.5" },
811 { "js.webkit.org", "192.168.0.4,192.168.0.1,192.0.2.33" },
812 };
813
814 host_resolver_.set_synchronous_mode(true);
815 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(test_hosts); i++) {
816 host_resolver_.rules()->AddIPLiteralRule(
817 test_hosts[i].name, test_hosts[i].iplist, std::string());
818
819 // This test requires that the HostResolver cache be populated. Normal
820 // code would have done this already, but we do it manually.
821 HostResolver::RequestInfo info(HostPortPair(test_hosts[i].name, kTestPort));
822 host_resolver_.Resolve(info,
823 DEFAULT_PRIORITY,
824 &test_hosts[i].addresses,
825 CompletionCallback(),
826 NULL,
827 BoundNetLog());
828
829 // Setup a SpdySessionKey
830 test_hosts[i].key = SpdySessionKey(
831 HostPortPair(test_hosts[i].name, kTestPort), ProxyServer::Direct(),
832 PRIVACY_MODE_DISABLED);
833 }
834
835 MockRead reads[] = {
836 MockRead(ASYNC, ERR_IO_PENDING),
837 };
838 StaticSocketDataProvider data(reads, arraysize(reads), NULL, 0);
839 socket_factory_.AddSocketDataProvider(&data);
840 SSLSocketDataProvider ssl(ASYNC, OK);
841 ssl.cert = X509Certificate::CreateFromBytes(
842 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der));
843 ssl.SetNextProto(GetParam());
844 socket_factory_.AddSSLSocketDataProvider(&ssl);
845
846 CreatePool(true /* tcp pool */, false, false);
847 base::WeakPtr<SpdySession> spdy_session =
848 CreateSecureSpdySession(session_, test_hosts[0].key, BoundNetLog());
849
850 EXPECT_TRUE(
851 HasSpdySession(session_->spdy_session_pool(), test_hosts[0].key));
852 EXPECT_FALSE(
853 HasSpdySession(session_->spdy_session_pool(), test_hosts[1].key));
854 EXPECT_TRUE(
855 HasSpdySession(session_->spdy_session_pool(), test_hosts[2].key));
856
857 session_->spdy_session_pool()->CloseAllSessions();
858 }
859
860 void SSLClientSocketPoolTest::TestIPPoolingDisabled(
861 SSLSocketDataProvider* ssl) {
862 const int kTestPort = 80;
863 struct TestHosts {
864 std::string name;
865 std::string iplist;
866 SpdySessionKey key;
867 AddressList addresses;
868 } test_hosts[] = {
869 { "www.webkit.org", "192.0.2.33,192.168.0.1,192.168.0.5" },
870 { "js.webkit.com", "192.168.0.4,192.168.0.1,192.0.2.33" },
871 };
872
873 TestCompletionCallback callback;
874 int rv;
875 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(test_hosts); i++) {
876 host_resolver_.rules()->AddIPLiteralRule(
877 test_hosts[i].name, test_hosts[i].iplist, std::string());
878
879 // This test requires that the HostResolver cache be populated. Normal
880 // code would have done this already, but we do it manually.
881 HostResolver::RequestInfo info(HostPortPair(test_hosts[i].name, kTestPort));
882 rv = host_resolver_.Resolve(info,
883 DEFAULT_PRIORITY,
884 &test_hosts[i].addresses,
885 callback.callback(),
886 NULL,
887 BoundNetLog());
888 EXPECT_EQ(OK, callback.GetResult(rv));
889
890 // Setup a SpdySessionKey
891 test_hosts[i].key = SpdySessionKey(
892 HostPortPair(test_hosts[i].name, kTestPort), ProxyServer::Direct(),
893 PRIVACY_MODE_DISABLED);
894 }
895
896 MockRead reads[] = {
897 MockRead(ASYNC, ERR_IO_PENDING),
898 };
899 StaticSocketDataProvider data(reads, arraysize(reads), NULL, 0);
900 socket_factory_.AddSocketDataProvider(&data);
901 socket_factory_.AddSSLSocketDataProvider(ssl);
902
903 CreatePool(true /* tcp pool */, false, false);
904 base::WeakPtr<SpdySession> spdy_session =
905 CreateSecureSpdySession(session_, test_hosts[0].key, BoundNetLog());
906
907 EXPECT_TRUE(
908 HasSpdySession(session_->spdy_session_pool(), test_hosts[0].key));
909 EXPECT_FALSE(
910 HasSpdySession(session_->spdy_session_pool(), test_hosts[1].key));
911
912 session_->spdy_session_pool()->CloseAllSessions();
913 }
914
915 // Verifies that an SSL connection with client authentication disables SPDY IP
916 // pooling.
917 TEST_P(SSLClientSocketPoolTest, IPPoolingClientCert) {
918 SSLSocketDataProvider ssl(ASYNC, OK);
919 ssl.cert = X509Certificate::CreateFromBytes(
920 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der));
921 ssl.client_cert_sent = true;
922 ssl.SetNextProto(GetParam());
923 TestIPPoolingDisabled(&ssl);
924 }
925
926 // Verifies that an SSL connection with channel ID disables SPDY IP pooling.
927 TEST_P(SSLClientSocketPoolTest, IPPoolingChannelID) {
928 SSLSocketDataProvider ssl(ASYNC, OK);
929 ssl.channel_id_sent = true;
930 ssl.SetNextProto(GetParam());
931 TestIPPoolingDisabled(&ssl);
932 }
933
934 // It would be nice to also test the timeouts in SSLClientSocketPool.
935
936 } // namespace
937
938 } // namespace net