search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[Android] Lint pylib/host_driven.
[chromium-blink-merge.git] / net / socket / ssl_client_socket_pool_unittest.cc
blobb6522796c609d81acf52d68aabc6cc255db4b33b
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/http/http_proxy_client_socket_pool.h"
6
7 #include "base/callback.h"
8 #include "base/compiler_specific.h"
9 #include "base/strings/string_util.h"
10 #include "base/strings/utf_string_conversions.h"
11 #include "base/time/time.h"
12 #include "net/base/auth.h"
13 #include "net/base/load_timing_info.h"
14 #include "net/base/load_timing_info_test_util.h"
15 #include "net/base/net_errors.h"
16 #include "net/base/test_completion_callback.h"
17 #include "net/cert/cert_verifier.h"
18 #include "net/dns/mock_host_resolver.h"
19 #include "net/http/http_auth_handler_factory.h"
20 #include "net/http/http_network_session.h"
21 #include "net/http/http_request_headers.h"
22 #include "net/http/http_response_headers.h"
23 #include "net/http/http_server_properties_impl.h"
24 #include "net/proxy/proxy_service.h"
25 #include "net/socket/client_socket_handle.h"
26 #include "net/socket/client_socket_pool_histograms.h"
27 #include "net/socket/next_proto.h"
28 #include "net/socket/socket_test_util.h"
29 #include "net/spdy/spdy_session.h"
30 #include "net/spdy/spdy_session_pool.h"
31 #include "net/spdy/spdy_test_util_common.h"
32 #include "net/ssl/ssl_config_service_defaults.h"
33 #include "net/test/test_certificate_data.h"
34 #include "testing/gtest/include/gtest/gtest.h"
35
36 namespace net {
37
38 namespace {
39
40 const int kMaxSockets = 32;
41 const int kMaxSocketsPerGroup = 6;
42
43 // Make sure |handle|'s load times are set correctly. DNS and connect start
44 // times comes from mock client sockets in these tests, so primarily serves to
45 // check those times were copied, and ssl times / connect end are set correctly.
46 void TestLoadTimingInfo(const ClientSocketHandle& handle) {
47 LoadTimingInfo load_timing_info;
48 EXPECT_TRUE(handle.GetLoadTimingInfo(false, &load_timing_info));
49
50 EXPECT_FALSE(load_timing_info.socket_reused);
51 // None of these tests use a NetLog.
52 EXPECT_EQ(NetLog::Source::kInvalidId, load_timing_info.socket_log_id);
53
54 ExpectConnectTimingHasTimes(
55 load_timing_info.connect_timing,
56 CONNECT_TIMING_HAS_SSL_TIMES | CONNECT_TIMING_HAS_DNS_TIMES);
57 ExpectLoadTimingHasOnlyConnectionTimes(load_timing_info);
58 }
59
60 // Just like TestLoadTimingInfo, except DNS times are expected to be null, for
61 // tests over proxies that do DNS lookups themselves.
62 void TestLoadTimingInfoNoDns(const ClientSocketHandle& handle) {
63 LoadTimingInfo load_timing_info;
64 EXPECT_TRUE(handle.GetLoadTimingInfo(false, &load_timing_info));
65
66 // None of these tests use a NetLog.
67 EXPECT_EQ(NetLog::Source::kInvalidId, load_timing_info.socket_log_id);
68
69 EXPECT_FALSE(load_timing_info.socket_reused);
70
71 ExpectConnectTimingHasTimes(load_timing_info.connect_timing,
72 CONNECT_TIMING_HAS_SSL_TIMES);
73 ExpectLoadTimingHasOnlyConnectionTimes(load_timing_info);
74 }
75
76 class SSLClientSocketPoolTest
77 : public testing::Test,
78 public ::testing::WithParamInterface<NextProto> {
79 protected:
80 SSLClientSocketPoolTest()
81 : proxy_service_(ProxyService::CreateDirect()),
82 ssl_config_service_(new SSLConfigServiceDefaults),
83 http_auth_handler_factory_(
84 HttpAuthHandlerFactory::CreateDefault(&host_resolver_)),
85 session_(CreateNetworkSession()),
86 direct_transport_socket_params_(
87 new TransportSocketParams(HostPortPair("host", 443),
88 false,
89 false,
90 OnHostResolutionCallback())),
91 transport_histograms_("MockTCP"),
92 transport_socket_pool_(kMaxSockets,
93 kMaxSocketsPerGroup,
94 &transport_histograms_,
95 &socket_factory_),
96 proxy_transport_socket_params_(
97 new TransportSocketParams(HostPortPair("proxy", 443),
98 false,
99 false,
100 OnHostResolutionCallback())),
101 socks_socket_params_(
102 new SOCKSSocketParams(proxy_transport_socket_params_,
103 true,
104 HostPortPair("sockshost", 443))),
105 socks_histograms_("MockSOCKS"),
106 socks_socket_pool_(kMaxSockets,
107 kMaxSocketsPerGroup,
108 &socks_histograms_,
109 &transport_socket_pool_),
110 http_proxy_socket_params_(
111 new HttpProxySocketParams(proxy_transport_socket_params_,
112 NULL,
113 GURL("http://host"),
114 std::string(),
115 HostPortPair("host", 80),
116 session_->http_auth_cache(),
117 session_->http_auth_handler_factory(),
118 session_->spdy_session_pool(),
119 true)),
120 http_proxy_histograms_("MockHttpProxy"),
121 http_proxy_socket_pool_(kMaxSockets,
122 kMaxSocketsPerGroup,
123 &http_proxy_histograms_,
124 &host_resolver_,
125 &transport_socket_pool_,
126 NULL,
127 NULL) {
128 scoped_refptr<SSLConfigService> ssl_config_service(
129 new SSLConfigServiceDefaults);
130 ssl_config_service->GetSSLConfig(&ssl_config_);
131 }
132
133 void CreatePool(bool transport_pool, bool http_proxy_pool, bool socks_pool) {
134 ssl_histograms_.reset(new ClientSocketPoolHistograms("SSLUnitTest"));
135 pool_.reset(new SSLClientSocketPool(
136 kMaxSockets,
137 kMaxSocketsPerGroup,
138 ssl_histograms_.get(),
139 NULL /* host_resolver */,
140 NULL /* cert_verifier */,
141 NULL /* server_bound_cert_service */,
142 NULL /* transport_security_state */,
143 NULL /* cert_transparency_verifier */,
144 std::string() /* ssl_session_cache_shard */,
145 &socket_factory_,
146 transport_pool ? &transport_socket_pool_ : NULL,
147 socks_pool ? &socks_socket_pool_ : NULL,
148 http_proxy_pool ? &http_proxy_socket_pool_ : NULL,
149 NULL,
150 NULL));
151 }
152
153 scoped_refptr<SSLSocketParams> SSLParams(ProxyServer::Scheme proxy,
154 bool want_spdy_over_npn) {
155 return make_scoped_refptr(new SSLSocketParams(
156 proxy == ProxyServer::SCHEME_DIRECT ? direct_transport_socket_params_
157 : NULL,
158 proxy == ProxyServer::SCHEME_SOCKS5 ? socks_socket_params_ : NULL,
159 proxy == ProxyServer::SCHEME_HTTP ? http_proxy_socket_params_ : NULL,
160 HostPortPair("host", 443),
161 ssl_config_,
162 kPrivacyModeDisabled,
163 0,
164 false,
165 want_spdy_over_npn));
166 }
167
168 void AddAuthToCache() {
169 const base::string16 kFoo(base::ASCIIToUTF16("foo"));
170 const base::string16 kBar(base::ASCIIToUTF16("bar"));
171 session_->http_auth_cache()->Add(GURL("http://proxy:443/"),
172 "MyRealm1",
173 HttpAuth::AUTH_SCHEME_BASIC,
174 "Basic realm=MyRealm1",
175 AuthCredentials(kFoo, kBar),
176 "/");
177 }
178
179 HttpNetworkSession* CreateNetworkSession() {
180 HttpNetworkSession::Params params;
181 params.host_resolver = &host_resolver_;
182 params.cert_verifier = cert_verifier_.get();
183 params.transport_security_state = transport_security_state_.get();
184 params.proxy_service = proxy_service_.get();
185 params.client_socket_factory = &socket_factory_;
186 params.ssl_config_service = ssl_config_service_.get();
187 params.http_auth_handler_factory = http_auth_handler_factory_.get();
188 params.http_server_properties =
189 http_server_properties_.GetWeakPtr();
190 params.enable_spdy_compression = false;
191 params.spdy_default_protocol = GetParam();
192 return new HttpNetworkSession(params);
193 }
194
195 void TestIPPoolingDisabled(SSLSocketDataProvider* ssl);
196
197 MockClientSocketFactory socket_factory_;
198 MockCachingHostResolver host_resolver_;
199 scoped_ptr<CertVerifier> cert_verifier_;
200 scoped_ptr<TransportSecurityState> transport_security_state_;
201 const scoped_ptr<ProxyService> proxy_service_;
202 const scoped_refptr<SSLConfigService> ssl_config_service_;
203 const scoped_ptr<HttpAuthHandlerFactory> http_auth_handler_factory_;
204 HttpServerPropertiesImpl http_server_properties_;
205 const scoped_refptr<HttpNetworkSession> session_;
206
207 scoped_refptr<TransportSocketParams> direct_transport_socket_params_;
208 ClientSocketPoolHistograms transport_histograms_;
209 MockTransportClientSocketPool transport_socket_pool_;
210
211 scoped_refptr<TransportSocketParams> proxy_transport_socket_params_;
212
213 scoped_refptr<SOCKSSocketParams> socks_socket_params_;
214 ClientSocketPoolHistograms socks_histograms_;
215 MockSOCKSClientSocketPool socks_socket_pool_;
216
217 scoped_refptr<HttpProxySocketParams> http_proxy_socket_params_;
218 ClientSocketPoolHistograms http_proxy_histograms_;
219 HttpProxyClientSocketPool http_proxy_socket_pool_;
220
221 SSLConfig ssl_config_;
222 scoped_ptr<ClientSocketPoolHistograms> ssl_histograms_;
223 scoped_ptr<SSLClientSocketPool> pool_;
224 };
225
226 INSTANTIATE_TEST_CASE_P(
227 NextProto,
228 SSLClientSocketPoolTest,
229 testing::Values(kProtoDeprecatedSPDY2,
230 kProtoSPDY3, kProtoSPDY31, kProtoSPDY4a2,
231 kProtoHTTP2Draft04));
232
233 TEST_P(SSLClientSocketPoolTest, TCPFail) {
234 StaticSocketDataProvider data;
235 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
236 socket_factory_.AddSocketDataProvider(&data);
237
238 CreatePool(true /* tcp pool */, false, false);
239 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
240 false);
241
242 ClientSocketHandle handle;
243 int rv = handle.Init("a", params, MEDIUM, CompletionCallback(), pool_.get(),
244 BoundNetLog());
245 EXPECT_EQ(ERR_CONNECTION_FAILED, rv);
246 EXPECT_FALSE(handle.is_initialized());
247 EXPECT_FALSE(handle.socket());
248 EXPECT_FALSE(handle.is_ssl_error());
249 }
250
251 TEST_P(SSLClientSocketPoolTest, TCPFailAsync) {
252 StaticSocketDataProvider data;
253 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
254 socket_factory_.AddSocketDataProvider(&data);
255
256 CreatePool(true /* tcp pool */, false, false);
257 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
258 false);
259
260 ClientSocketHandle handle;
261 TestCompletionCallback callback;
262 int rv = handle.Init(
263 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
264 EXPECT_EQ(ERR_IO_PENDING, rv);
265 EXPECT_FALSE(handle.is_initialized());
266 EXPECT_FALSE(handle.socket());
267
268 EXPECT_EQ(ERR_CONNECTION_FAILED, callback.WaitForResult());
269 EXPECT_FALSE(handle.is_initialized());
270 EXPECT_FALSE(handle.socket());
271 EXPECT_FALSE(handle.is_ssl_error());
272 }
273
274 TEST_P(SSLClientSocketPoolTest, BasicDirect) {
275 StaticSocketDataProvider data;
276 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
277 socket_factory_.AddSocketDataProvider(&data);
278 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
279 socket_factory_.AddSSLSocketDataProvider(&ssl);
280
281 CreatePool(true /* tcp pool */, false, false);
282 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
283 false);
284
285 ClientSocketHandle handle;
286 TestCompletionCallback callback;
287 int rv = handle.Init(
288 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
289 EXPECT_EQ(OK, rv);
290 EXPECT_TRUE(handle.is_initialized());
291 EXPECT_TRUE(handle.socket());
292 TestLoadTimingInfo(handle);
293 }
294
295 // Make sure that SSLConnectJob passes on its priority to its
296 // socket request on Init (for the DIRECT case).
297 TEST_P(SSLClientSocketPoolTest, SetSocketRequestPriorityOnInitDirect) {
298 CreatePool(true /* tcp pool */, false, false);
299 scoped_refptr<SSLSocketParams> params =
300 SSLParams(ProxyServer::SCHEME_DIRECT, false);
301
302 for (int i = MINIMUM_PRIORITY; i <= MAXIMUM_PRIORITY; ++i) {
303 RequestPriority priority = static_cast<RequestPriority>(i);
304 StaticSocketDataProvider data;
305 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
306 socket_factory_.AddSocketDataProvider(&data);
307 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
308 socket_factory_.AddSSLSocketDataProvider(&ssl);
309
310 ClientSocketHandle handle;
311 TestCompletionCallback callback;
312 EXPECT_EQ(OK, handle.Init("a", params, priority, callback.callback(),
313 pool_.get(), BoundNetLog()));
314 EXPECT_EQ(priority, transport_socket_pool_.last_request_priority());
315 handle.socket()->Disconnect();
316 }
317 }
318
319 TEST_P(SSLClientSocketPoolTest, BasicDirectAsync) {
320 StaticSocketDataProvider data;
321 socket_factory_.AddSocketDataProvider(&data);
322 SSLSocketDataProvider ssl(ASYNC, OK);
323 socket_factory_.AddSSLSocketDataProvider(&ssl);
324
325 CreatePool(true /* tcp pool */, false, false);
326 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
327 false);
328
329 ClientSocketHandle handle;
330 TestCompletionCallback callback;
331 int rv = handle.Init(
332 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
333 EXPECT_EQ(ERR_IO_PENDING, rv);
334 EXPECT_FALSE(handle.is_initialized());
335 EXPECT_FALSE(handle.socket());
336
337 EXPECT_EQ(OK, callback.WaitForResult());
338 EXPECT_TRUE(handle.is_initialized());
339 EXPECT_TRUE(handle.socket());
340 TestLoadTimingInfo(handle);
341 }
342
343 TEST_P(SSLClientSocketPoolTest, DirectCertError) {
344 StaticSocketDataProvider data;
345 socket_factory_.AddSocketDataProvider(&data);
346 SSLSocketDataProvider ssl(ASYNC, ERR_CERT_COMMON_NAME_INVALID);
347 socket_factory_.AddSSLSocketDataProvider(&ssl);
348
349 CreatePool(true /* tcp pool */, false, false);
350 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
351 false);
352
353 ClientSocketHandle handle;
354 TestCompletionCallback callback;
355 int rv = handle.Init(
356 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
357 EXPECT_EQ(ERR_IO_PENDING, rv);
358 EXPECT_FALSE(handle.is_initialized());
359 EXPECT_FALSE(handle.socket());
360
361 EXPECT_EQ(ERR_CERT_COMMON_NAME_INVALID, callback.WaitForResult());
362 EXPECT_TRUE(handle.is_initialized());
363 EXPECT_TRUE(handle.socket());
364 TestLoadTimingInfo(handle);
365 }
366
367 TEST_P(SSLClientSocketPoolTest, DirectSSLError) {
368 StaticSocketDataProvider data;
369 socket_factory_.AddSocketDataProvider(&data);
370 SSLSocketDataProvider ssl(ASYNC, ERR_SSL_PROTOCOL_ERROR);
371 socket_factory_.AddSSLSocketDataProvider(&ssl);
372
373 CreatePool(true /* tcp pool */, false, false);
374 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
375 false);
376
377 ClientSocketHandle handle;
378 TestCompletionCallback callback;
379 int rv = handle.Init(
380 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
381 EXPECT_EQ(ERR_IO_PENDING, rv);
382 EXPECT_FALSE(handle.is_initialized());
383 EXPECT_FALSE(handle.socket());
384
385 EXPECT_EQ(ERR_SSL_PROTOCOL_ERROR, callback.WaitForResult());
386 EXPECT_FALSE(handle.is_initialized());
387 EXPECT_FALSE(handle.socket());
388 EXPECT_TRUE(handle.is_ssl_error());
389 }
390
391 TEST_P(SSLClientSocketPoolTest, DirectWithNPN) {
392 StaticSocketDataProvider data;
393 socket_factory_.AddSocketDataProvider(&data);
394 SSLSocketDataProvider ssl(ASYNC, OK);
395 ssl.SetNextProto(kProtoHTTP11);
396 socket_factory_.AddSSLSocketDataProvider(&ssl);
397
398 CreatePool(true /* tcp pool */, false, false);
399 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
400 false);
401
402 ClientSocketHandle handle;
403 TestCompletionCallback callback;
404 int rv = handle.Init(
405 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
406 EXPECT_EQ(ERR_IO_PENDING, rv);
407 EXPECT_FALSE(handle.is_initialized());
408 EXPECT_FALSE(handle.socket());
409
410 EXPECT_EQ(OK, callback.WaitForResult());
411 EXPECT_TRUE(handle.is_initialized());
412 EXPECT_TRUE(handle.socket());
413 TestLoadTimingInfo(handle);
414 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
415 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
416 }
417
418 TEST_P(SSLClientSocketPoolTest, DirectNoSPDY) {
419 StaticSocketDataProvider data;
420 socket_factory_.AddSocketDataProvider(&data);
421 SSLSocketDataProvider ssl(ASYNC, OK);
422 ssl.SetNextProto(kProtoHTTP11);
423 socket_factory_.AddSSLSocketDataProvider(&ssl);
424
425 CreatePool(true /* tcp pool */, false, false);
426 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
427 true);
428
429 ClientSocketHandle handle;
430 TestCompletionCallback callback;
431 int rv = handle.Init(
432 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
433 EXPECT_EQ(ERR_IO_PENDING, rv);
434 EXPECT_FALSE(handle.is_initialized());
435 EXPECT_FALSE(handle.socket());
436
437 EXPECT_EQ(ERR_NPN_NEGOTIATION_FAILED, callback.WaitForResult());
438 EXPECT_FALSE(handle.is_initialized());
439 EXPECT_FALSE(handle.socket());
440 EXPECT_TRUE(handle.is_ssl_error());
441 }
442
443 TEST_P(SSLClientSocketPoolTest, DirectGotSPDY) {
444 StaticSocketDataProvider data;
445 socket_factory_.AddSocketDataProvider(&data);
446 SSLSocketDataProvider ssl(ASYNC, OK);
447 ssl.SetNextProto(GetParam());
448 socket_factory_.AddSSLSocketDataProvider(&ssl);
449
450 CreatePool(true /* tcp pool */, false, false);
451 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
452 true);
453
454 ClientSocketHandle handle;
455 TestCompletionCallback callback;
456 int rv = handle.Init(
457 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
458 EXPECT_EQ(ERR_IO_PENDING, rv);
459 EXPECT_FALSE(handle.is_initialized());
460 EXPECT_FALSE(handle.socket());
461
462 EXPECT_EQ(OK, callback.WaitForResult());
463 EXPECT_TRUE(handle.is_initialized());
464 EXPECT_TRUE(handle.socket());
465 TestLoadTimingInfo(handle);
466
467 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
468 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
469 std::string proto;
470 std::string server_protos;
471 ssl_socket->GetNextProto(&proto, &server_protos);
472 EXPECT_EQ(GetParam(), SSLClientSocket::NextProtoFromString(proto));
473 }
474
475 TEST_P(SSLClientSocketPoolTest, DirectGotBonusSPDY) {
476 StaticSocketDataProvider data;
477 socket_factory_.AddSocketDataProvider(&data);
478 SSLSocketDataProvider ssl(ASYNC, OK);
479 ssl.SetNextProto(GetParam());
480 socket_factory_.AddSSLSocketDataProvider(&ssl);
481
482 CreatePool(true /* tcp pool */, false, false);
483 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT,
484 true);
485
486 ClientSocketHandle handle;
487 TestCompletionCallback callback;
488 int rv = handle.Init(
489 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
490 EXPECT_EQ(ERR_IO_PENDING, rv);
491 EXPECT_FALSE(handle.is_initialized());
492 EXPECT_FALSE(handle.socket());
493
494 EXPECT_EQ(OK, callback.WaitForResult());
495 EXPECT_TRUE(handle.is_initialized());
496 EXPECT_TRUE(handle.socket());
497 TestLoadTimingInfo(handle);
498
499 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket());
500 EXPECT_TRUE(ssl_socket->WasNpnNegotiated());
501 std::string proto;
502 std::string server_protos;
503 ssl_socket->GetNextProto(&proto, &server_protos);
504 EXPECT_EQ(GetParam(), SSLClientSocket::NextProtoFromString(proto));
505 }
506
507 TEST_P(SSLClientSocketPoolTest, SOCKSFail) {
508 StaticSocketDataProvider data;
509 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
510 socket_factory_.AddSocketDataProvider(&data);
511
512 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
513 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
514 false);
515
516 ClientSocketHandle handle;
517 TestCompletionCallback callback;
518 int rv = handle.Init(
519 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
520 EXPECT_EQ(ERR_CONNECTION_FAILED, rv);
521 EXPECT_FALSE(handle.is_initialized());
522 EXPECT_FALSE(handle.socket());
523 EXPECT_FALSE(handle.is_ssl_error());
524 }
525
526 TEST_P(SSLClientSocketPoolTest, SOCKSFailAsync) {
527 StaticSocketDataProvider data;
528 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
529 socket_factory_.AddSocketDataProvider(&data);
530
531 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
532 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
533 false);
534
535 ClientSocketHandle handle;
536 TestCompletionCallback callback;
537 int rv = handle.Init(
538 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
539 EXPECT_EQ(ERR_IO_PENDING, rv);
540 EXPECT_FALSE(handle.is_initialized());
541 EXPECT_FALSE(handle.socket());
542
543 EXPECT_EQ(ERR_CONNECTION_FAILED, callback.WaitForResult());
544 EXPECT_FALSE(handle.is_initialized());
545 EXPECT_FALSE(handle.socket());
546 EXPECT_FALSE(handle.is_ssl_error());
547 }
548
549 TEST_P(SSLClientSocketPoolTest, SOCKSBasic) {
550 StaticSocketDataProvider data;
551 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
552 socket_factory_.AddSocketDataProvider(&data);
553 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
554 socket_factory_.AddSSLSocketDataProvider(&ssl);
555
556 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
557 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
558 false);
559
560 ClientSocketHandle handle;
561 TestCompletionCallback callback;
562 int rv = handle.Init(
563 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
564 EXPECT_EQ(OK, rv);
565 EXPECT_TRUE(handle.is_initialized());
566 EXPECT_TRUE(handle.socket());
567 // SOCKS5 generally has no DNS times, but the mock SOCKS5 sockets used here
568 // don't go through the real logic, unlike in the HTTP proxy tests.
569 TestLoadTimingInfo(handle);
570 }
571
572 // Make sure that SSLConnectJob passes on its priority to its
573 // transport socket on Init (for the SOCKS_PROXY case).
574 TEST_P(SSLClientSocketPoolTest, SetTransportPriorityOnInitSOCKS) {
575 StaticSocketDataProvider data;
576 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
577 socket_factory_.AddSocketDataProvider(&data);
578 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
579 socket_factory_.AddSSLSocketDataProvider(&ssl);
580
581 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
582 scoped_refptr<SSLSocketParams> params =
583 SSLParams(ProxyServer::SCHEME_SOCKS5, false);
584
585 ClientSocketHandle handle;
586 TestCompletionCallback callback;
587 EXPECT_EQ(OK, handle.Init("a", params, HIGHEST, callback.callback(),
588 pool_.get(), BoundNetLog()));
589 EXPECT_EQ(HIGHEST, transport_socket_pool_.last_request_priority());
590 }
591
592 TEST_P(SSLClientSocketPoolTest, SOCKSBasicAsync) {
593 StaticSocketDataProvider data;
594 socket_factory_.AddSocketDataProvider(&data);
595 SSLSocketDataProvider ssl(ASYNC, OK);
596 socket_factory_.AddSSLSocketDataProvider(&ssl);
597
598 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
599 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5,
600 false);
601
602 ClientSocketHandle handle;
603 TestCompletionCallback callback;
604 int rv = handle.Init(
605 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
606 EXPECT_EQ(ERR_IO_PENDING, rv);
607 EXPECT_FALSE(handle.is_initialized());
608 EXPECT_FALSE(handle.socket());
609
610 EXPECT_EQ(OK, callback.WaitForResult());
611 EXPECT_TRUE(handle.is_initialized());
612 EXPECT_TRUE(handle.socket());
613 // SOCKS5 generally has no DNS times, but the mock SOCKS5 sockets used here
614 // don't go through the real logic, unlike in the HTTP proxy tests.
615 TestLoadTimingInfo(handle);
616 }
617
618 TEST_P(SSLClientSocketPoolTest, HttpProxyFail) {
619 StaticSocketDataProvider data;
620 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED));
621 socket_factory_.AddSocketDataProvider(&data);
622
623 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
624 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
625 false);
626
627 ClientSocketHandle handle;
628 TestCompletionCallback callback;
629 int rv = handle.Init(
630 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
631 EXPECT_EQ(ERR_PROXY_CONNECTION_FAILED, rv);
632 EXPECT_FALSE(handle.is_initialized());
633 EXPECT_FALSE(handle.socket());
634 EXPECT_FALSE(handle.is_ssl_error());
635 }
636
637 TEST_P(SSLClientSocketPoolTest, HttpProxyFailAsync) {
638 StaticSocketDataProvider data;
639 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED));
640 socket_factory_.AddSocketDataProvider(&data);
641
642 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
643 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
644 false);
645
646 ClientSocketHandle handle;
647 TestCompletionCallback callback;
648 int rv = handle.Init(
649 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
650 EXPECT_EQ(ERR_IO_PENDING, rv);
651 EXPECT_FALSE(handle.is_initialized());
652 EXPECT_FALSE(handle.socket());
653
654 EXPECT_EQ(ERR_PROXY_CONNECTION_FAILED, callback.WaitForResult());
655 EXPECT_FALSE(handle.is_initialized());
656 EXPECT_FALSE(handle.socket());
657 EXPECT_FALSE(handle.is_ssl_error());
658 }
659
660 TEST_P(SSLClientSocketPoolTest, HttpProxyBasic) {
661 MockWrite writes[] = {
662 MockWrite(SYNCHRONOUS,
663 "CONNECT host:80 HTTP/1.1\r\n"
664 "Host: host\r\n"
665 "Proxy-Connection: keep-alive\r\n"
666 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
667 };
668 MockRead reads[] = {
669 MockRead(SYNCHRONOUS, "HTTP/1.1 200 Connection Established\r\n\r\n"),
670 };
671 StaticSocketDataProvider data(reads, arraysize(reads), writes,
672 arraysize(writes));
673 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
674 socket_factory_.AddSocketDataProvider(&data);
675 AddAuthToCache();
676 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
677 socket_factory_.AddSSLSocketDataProvider(&ssl);
678
679 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
680 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
681 false);
682
683 ClientSocketHandle handle;
684 TestCompletionCallback callback;
685 int rv = handle.Init(
686 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
687 EXPECT_EQ(OK, rv);
688 EXPECT_TRUE(handle.is_initialized());
689 EXPECT_TRUE(handle.socket());
690 TestLoadTimingInfoNoDns(handle);
691 }
692
693 // Make sure that SSLConnectJob passes on its priority to its
694 // transport socket on Init (for the HTTP_PROXY case).
695 TEST_P(SSLClientSocketPoolTest, SetTransportPriorityOnInitHTTP) {
696 MockWrite writes[] = {
697 MockWrite(SYNCHRONOUS,
698 "CONNECT host:80 HTTP/1.1\r\n"
699 "Host: host\r\n"
700 "Proxy-Connection: keep-alive\r\n"
701 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
702 };
703 MockRead reads[] = {
704 MockRead(SYNCHRONOUS, "HTTP/1.1 200 Connection Established\r\n\r\n"),
705 };
706 StaticSocketDataProvider data(reads, arraysize(reads), writes,
707 arraysize(writes));
708 data.set_connect_data(MockConnect(SYNCHRONOUS, OK));
709 socket_factory_.AddSocketDataProvider(&data);
710 AddAuthToCache();
711 SSLSocketDataProvider ssl(SYNCHRONOUS, OK);
712 socket_factory_.AddSSLSocketDataProvider(&ssl);
713
714 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
715 scoped_refptr<SSLSocketParams> params =
716 SSLParams(ProxyServer::SCHEME_HTTP, false);
717
718 ClientSocketHandle handle;
719 TestCompletionCallback callback;
720 EXPECT_EQ(OK, handle.Init("a", params, HIGHEST, callback.callback(),
721 pool_.get(), BoundNetLog()));
722 EXPECT_EQ(HIGHEST, transport_socket_pool_.last_request_priority());
723 }
724
725 TEST_P(SSLClientSocketPoolTest, HttpProxyBasicAsync) {
726 MockWrite writes[] = {
727 MockWrite("CONNECT host:80 HTTP/1.1\r\n"
728 "Host: host\r\n"
729 "Proxy-Connection: keep-alive\r\n"
730 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"),
731 };
732 MockRead reads[] = {
733 MockRead("HTTP/1.1 200 Connection Established\r\n\r\n"),
734 };
735 StaticSocketDataProvider data(reads, arraysize(reads), writes,
736 arraysize(writes));
737 socket_factory_.AddSocketDataProvider(&data);
738 AddAuthToCache();
739 SSLSocketDataProvider ssl(ASYNC, OK);
740 socket_factory_.AddSSLSocketDataProvider(&ssl);
741
742 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
743 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
744 false);
745
746 ClientSocketHandle handle;
747 TestCompletionCallback callback;
748 int rv = handle.Init(
749 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
750 EXPECT_EQ(ERR_IO_PENDING, rv);
751 EXPECT_FALSE(handle.is_initialized());
752 EXPECT_FALSE(handle.socket());
753
754 EXPECT_EQ(OK, callback.WaitForResult());
755 EXPECT_TRUE(handle.is_initialized());
756 EXPECT_TRUE(handle.socket());
757 TestLoadTimingInfoNoDns(handle);
758 }
759
760 TEST_P(SSLClientSocketPoolTest, NeedProxyAuth) {
761 MockWrite writes[] = {
762 MockWrite("CONNECT host:80 HTTP/1.1\r\n"
763 "Host: host\r\n"
764 "Proxy-Connection: keep-alive\r\n\r\n"),
765 };
766 MockRead reads[] = {
767 MockRead("HTTP/1.1 407 Proxy Authentication Required\r\n"),
768 MockRead("Proxy-Authenticate: Basic realm=\"MyRealm1\"\r\n"),
769 MockRead("Content-Length: 10\r\n\r\n"),
770 MockRead("0123456789"),
771 };
772 StaticSocketDataProvider data(reads, arraysize(reads), writes,
773 arraysize(writes));
774 socket_factory_.AddSocketDataProvider(&data);
775 SSLSocketDataProvider ssl(ASYNC, OK);
776 socket_factory_.AddSSLSocketDataProvider(&ssl);
777
778 CreatePool(false, true /* http proxy pool */, true /* socks pool */);
779 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP,
780 false);
781
782 ClientSocketHandle handle;
783 TestCompletionCallback callback;
784 int rv = handle.Init(
785 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog());
786 EXPECT_EQ(ERR_IO_PENDING, rv);
787 EXPECT_FALSE(handle.is_initialized());
788 EXPECT_FALSE(handle.socket());
789
790 EXPECT_EQ(ERR_PROXY_AUTH_REQUESTED, callback.WaitForResult());
791 EXPECT_FALSE(handle.is_initialized());
792 EXPECT_FALSE(handle.socket());
793 EXPECT_FALSE(handle.is_ssl_error());
794 const HttpResponseInfo& tunnel_info = handle.ssl_error_response_info();
795 EXPECT_EQ(tunnel_info.headers->response_code(), 407);
796 scoped_ptr<ClientSocketHandle> tunnel_handle(
797 handle.release_pending_http_proxy_connection());
798 EXPECT_TRUE(tunnel_handle->socket());
799 EXPECT_FALSE(tunnel_handle->socket()->IsConnected());
800 }
801
802 TEST_P(SSLClientSocketPoolTest, IPPooling) {
803 const int kTestPort = 80;
804 struct TestHosts {
805 std::string name;
806 std::string iplist;
807 SpdySessionKey key;
808 AddressList addresses;
809 } test_hosts[] = {
810 { "www.webkit.org", "192.0.2.33,192.168.0.1,192.168.0.5" },
811 { "code.google.com", "192.168.0.2,192.168.0.3,192.168.0.5" },
812 { "js.webkit.org", "192.168.0.4,192.168.0.1,192.0.2.33" },
813 };
814
815 host_resolver_.set_synchronous_mode(true);
816 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(test_hosts); i++) {
817 host_resolver_.rules()->AddIPLiteralRule(
818 test_hosts[i].name, test_hosts[i].iplist, std::string());
819
820 // This test requires that the HostResolver cache be populated. Normal
821 // code would have done this already, but we do it manually.
822 HostResolver::RequestInfo info(HostPortPair(test_hosts[i].name, kTestPort));
823 host_resolver_.Resolve(info,
824 DEFAULT_PRIORITY,
825 &test_hosts[i].addresses,
826 CompletionCallback(),
827 NULL,
828 BoundNetLog());
829
830 // Setup a SpdySessionKey
831 test_hosts[i].key = SpdySessionKey(
832 HostPortPair(test_hosts[i].name, kTestPort), ProxyServer::Direct(),
833 kPrivacyModeDisabled);
834 }
835
836 MockRead reads[] = {
837 MockRead(ASYNC, ERR_IO_PENDING),
838 };
839 StaticSocketDataProvider data(reads, arraysize(reads), NULL, 0);
840 socket_factory_.AddSocketDataProvider(&data);
841 SSLSocketDataProvider ssl(ASYNC, OK);
842 ssl.cert = X509Certificate::CreateFromBytes(
843 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der));
844 ssl.SetNextProto(GetParam());
845 socket_factory_.AddSSLSocketDataProvider(&ssl);
846
847 CreatePool(true /* tcp pool */, false, false);
848 base::WeakPtr<SpdySession> spdy_session =
849 CreateSecureSpdySession(session_, test_hosts[0].key, BoundNetLog());
850
851 EXPECT_TRUE(
852 HasSpdySession(session_->spdy_session_pool(), test_hosts[0].key));
853 EXPECT_FALSE(
854 HasSpdySession(session_->spdy_session_pool(), test_hosts[1].key));
855 EXPECT_TRUE(
856 HasSpdySession(session_->spdy_session_pool(), test_hosts[2].key));
857
858 session_->spdy_session_pool()->CloseAllSessions();
859 }
860
861 void SSLClientSocketPoolTest::TestIPPoolingDisabled(
862 SSLSocketDataProvider* ssl) {
863 const int kTestPort = 80;
864 struct TestHosts {
865 std::string name;
866 std::string iplist;
867 SpdySessionKey key;
868 AddressList addresses;
869 } test_hosts[] = {
870 { "www.webkit.org", "192.0.2.33,192.168.0.1,192.168.0.5" },
871 { "js.webkit.com", "192.168.0.4,192.168.0.1,192.0.2.33" },
872 };
873
874 TestCompletionCallback callback;
875 int rv;
876 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(test_hosts); i++) {
877 host_resolver_.rules()->AddIPLiteralRule(
878 test_hosts[i].name, test_hosts[i].iplist, std::string());
879
880 // This test requires that the HostResolver cache be populated. Normal
881 // code would have done this already, but we do it manually.
882 HostResolver::RequestInfo info(HostPortPair(test_hosts[i].name, kTestPort));
883 rv = host_resolver_.Resolve(info,
884 DEFAULT_PRIORITY,
885 &test_hosts[i].addresses,
886 callback.callback(),
887 NULL,
888 BoundNetLog());
889 EXPECT_EQ(OK, callback.GetResult(rv));
890
891 // Setup a SpdySessionKey
892 test_hosts[i].key = SpdySessionKey(
893 HostPortPair(test_hosts[i].name, kTestPort), ProxyServer::Direct(),
894 kPrivacyModeDisabled);
895 }
896
897 MockRead reads[] = {
898 MockRead(ASYNC, ERR_IO_PENDING),
899 };
900 StaticSocketDataProvider data(reads, arraysize(reads), NULL, 0);
901 socket_factory_.AddSocketDataProvider(&data);
902 socket_factory_.AddSSLSocketDataProvider(ssl);
903
904 CreatePool(true /* tcp pool */, false, false);
905 base::WeakPtr<SpdySession> spdy_session =
906 CreateSecureSpdySession(session_, test_hosts[0].key, BoundNetLog());
907
908 EXPECT_TRUE(
909 HasSpdySession(session_->spdy_session_pool(), test_hosts[0].key));
910 EXPECT_FALSE(
911 HasSpdySession(session_->spdy_session_pool(), test_hosts[1].key));
912
913 session_->spdy_session_pool()->CloseAllSessions();
914 }
915
916 // Verifies that an SSL connection with client authentication disables SPDY IP
917 // pooling.
918 TEST_P(SSLClientSocketPoolTest, IPPoolingClientCert) {
919 SSLSocketDataProvider ssl(ASYNC, OK);
920 ssl.cert = X509Certificate::CreateFromBytes(
921 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der));
922 ssl.client_cert_sent = true;
923 ssl.SetNextProto(GetParam());
924 TestIPPoolingDisabled(&ssl);
925 }
926
927 // Verifies that an SSL connection with channel ID disables SPDY IP pooling.
928 TEST_P(SSLClientSocketPoolTest, IPPoolingChannelID) {
929 SSLSocketDataProvider ssl(ASYNC, OK);
930 ssl.channel_id_sent = true;
931 ssl.SetNextProto(GetParam());
932 TestIPPoolingDisabled(&ssl);
933 }
934
935 // It would be nice to also test the timeouts in SSLClientSocketPool.
936
937 } // namespace
938
939 } // namespace net