1 // Copyright 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef NET_TEST_SPAWNED_TEST_SERVER_BASE_TEST_SERVER_H_ 6 #define NET_TEST_SPAWNED_TEST_SERVER_BASE_TEST_SERVER_H_ 7 8 #include <string> 9 #include <utility> 10 #include <vector> 11 12 #include "base/compiler_specific.h" 13 #include "base/files/file_path.h" 14 #include "base/memory/scoped_ptr.h" 15 #include "net/base/host_port_pair.h" 16 17 class GURL; 18 19 namespace base { 20 class DictionaryValue; 21 } 22 23 namespace net { 24 25 class AddressList; 26 class ScopedPortException; 27 28 // The base class of Test server implementation. 29 class BaseTestServer { 30 public: 31 typedef std::pair<std::string, std::string> StringPair; 32 33 // Following types represent protocol schemes. See also 34 // http://www.iana.org/assignments/uri-schemes.html 35 enum Type { 36 TYPE_BASIC_AUTH_PROXY, 37 TYPE_FTP, 38 TYPE_HTTP, 39 TYPE_HTTPS, 40 TYPE_WS, 41 TYPE_WSS, 42 TYPE_TCP_ECHO, 43 TYPE_UDP_ECHO, 44 }; 45 46 // Container for various options to control how the HTTPS or WSS server is 47 // initialized. 48 struct SSLOptions { 49 enum ServerCertificate { 50 CERT_OK, 51 52 // CERT_AUTO causes the testserver to generate a test certificate issued 53 // by "Testing CA" (see net/data/ssl/certificates/ocsp-test-root.pem). 54 CERT_AUTO, 55 56 CERT_MISMATCHED_NAME, 57 CERT_EXPIRED, 58 // Cross-signed certificate to test PKIX path building. Contains an 59 // intermediate cross-signed by an unknown root, while the client (via 60 // TestRootStore) is expected to have a self-signed version of the 61 // intermediate. 62 CERT_CHAIN_WRONG_ROOT, 63 }; 64 65 // OCSPStatus enumerates the types of OCSP response that the testserver 66 // can produce. 67 enum OCSPStatus { 68 OCSP_OK, 69 OCSP_REVOKED, 70 OCSP_INVALID, 71 OCSP_UNAUTHORIZED, 72 OCSP_UNKNOWN, 73 }; 74 75 // Bitmask of bulk encryption algorithms that the test server supports 76 // and that can be selectively enabled or disabled. 77 enum BulkCipher { 78 // Special value used to indicate that any algorithm the server supports 79 // is acceptable. Preferred over explicitly OR-ing all ciphers. 80 BULK_CIPHER_ANY = 0, 81 82 BULK_CIPHER_RC4 = (1 << 0), 83 BULK_CIPHER_AES128 = (1 << 1), 84 BULK_CIPHER_AES256 = (1 << 2), 85 86 // NOTE: 3DES support in the Python test server has external 87 // dependencies and not be available on all machines. Clients may not 88 // be able to connect if only 3DES is specified. 89 BULK_CIPHER_3DES = (1 << 3), 90 }; 91 92 // NOTE: the values of these enumerators are passed to the the Python test 93 // server. Do not change them. 94 enum TLSIntolerantLevel { 95 TLS_INTOLERANT_NONE = 0, 96 TLS_INTOLERANT_ALL = 1, // Intolerant of all TLS versions. 97 TLS_INTOLERANT_TLS1_1 = 2, // Intolerant of TLS 1.1 or higher. 98 TLS_INTOLERANT_TLS1_2 = 3, // Intolerant of TLS 1.2 or higher. 99 }; 100 101 // Initialize a new SSLOptions using CERT_OK as the certificate. 102 SSLOptions(); 103 104 // Initialize a new SSLOptions that will use the specified certificate. 105 explicit SSLOptions(ServerCertificate cert); 106 ~SSLOptions(); 107 108 // Returns the relative filename of the file that contains the 109 // |server_certificate|. 110 base::FilePath GetCertificateFile() const; 111 112 // GetOCSPArgument returns the value of any OCSP argument to testserver or 113 // the empty string if there is none. 114 std::string GetOCSPArgument() const; 115 116 // The certificate to use when serving requests. 117 ServerCertificate server_certificate; 118 119 // If |server_certificate==CERT_AUTO| then this determines the type of OCSP 120 // response returned. 121 OCSPStatus ocsp_status; 122 123 // If not zero, |cert_serial| will be the serial number of the 124 // auto-generated leaf certificate when |server_certificate==CERT_AUTO|. 125 uint64 cert_serial; 126 127 // True if a CertificateRequest should be sent to the client during 128 // handshaking. 129 bool request_client_certificate; 130 131 // If |request_client_certificate| is true, an optional list of files, 132 // each containing a single, PEM-encoded X.509 certificates. The subject 133 // from each certificate will be added to the certificate_authorities 134 // field of the CertificateRequest. 135 std::vector<base::FilePath> client_authorities; 136 137 // A bitwise-OR of BulkCipher that should be used by the 138 // HTTPS server, or BULK_CIPHER_ANY to indicate that all implemented 139 // ciphers are acceptable. 140 int bulk_ciphers; 141 142 // If true, pass the --https-record-resume argument to testserver.py which 143 // causes it to log session cache actions and echo the log on 144 // /ssl-session-cache. 145 bool record_resume; 146 147 // If not TLS_INTOLERANT_NONE, the server will abort any handshake that 148 // negotiates an intolerant TLS version in order to test version fallback. 149 TLSIntolerantLevel tls_intolerant; 150 }; 151 152 // Pass as the 'host' parameter during construction to server on 127.0.0.1 153 static const char kLocalhost[]; 154 155 // Initialize a TestServer listening on a specific host (IP or hostname). 156 BaseTestServer(Type type, const std::string& host); 157 158 // Initialize a TestServer with a specific set of SSLOptions for HTTPS or WSS. 159 explicit BaseTestServer(Type type, const SSLOptions& ssl_options); 160 161 // Returns the host port pair used by current Python based test server only 162 // if the server is started. 163 const HostPortPair& host_port_pair() const; 164 165 const base::FilePath& document_root() const { return document_root_; } 166 const base::DictionaryValue& server_data() const; 167 std::string GetScheme() const; 168 bool GetAddressList(AddressList* address_list) const WARN_UNUSED_RESULT; 169 170 GURL GetURL(const std::string& path) const; 171 172 GURL GetURLWithUser(const std::string& path, 173 const std::string& user) const; 174 175 GURL GetURLWithUserAndPassword(const std::string& path, 176 const std::string& user, 177 const std::string& password) const; 178 179 static bool GetFilePathWithReplacements( 180 const std::string& original_path, 181 const std::vector<StringPair>& text_to_replace, 182 std::string* replacement_path); 183 184 static bool UsingSSL(Type type) { 185 return type == BaseTestServer::TYPE_HTTPS || 186 type == BaseTestServer::TYPE_WSS; 187 } 188 189 protected: 190 virtual ~BaseTestServer(); 191 Type type() const { return type_; } 192 193 // Gets port currently assigned to host_port_pair_ without checking 194 // whether it's available (server started) or not. 195 uint16 GetPort(); 196 197 // Sets |port| as the actual port used by Python based test server. 198 void SetPort(uint16 port); 199 200 // Set up internal status when the server is started. 201 bool SetupWhenServerStarted() WARN_UNUSED_RESULT; 202 203 // Clean up internal status when starting to stop server. 204 void CleanUpWhenStoppingServer(); 205 206 // Set path of test resources. 207 void SetResourcePath(const base::FilePath& document_root, 208 const base::FilePath& certificates_dir); 209 210 // Parses the server data read from the test server. Returns true 211 // on success. 212 bool ParseServerData(const std::string& server_data) WARN_UNUSED_RESULT; 213 214 // Generates a DictionaryValue with the arguments for launching the external 215 // Python test server. 216 bool GenerateArguments(base::DictionaryValue* arguments) const 217 WARN_UNUSED_RESULT; 218 219 // Subclasses can override this to add arguments that are specific to their 220 // own test servers. 221 virtual bool GenerateAdditionalArguments( 222 base::DictionaryValue* arguments) const WARN_UNUSED_RESULT; 223 224 private: 225 void Init(const std::string& host); 226 227 // Marks the root certificate of an HTTPS test server as trusted for 228 // the duration of tests. 229 bool LoadTestRootCert() const WARN_UNUSED_RESULT; 230 231 // Document root of the test server. 232 base::FilePath document_root_; 233 234 // Directory that contains the SSL certificates. 235 base::FilePath certificates_dir_; 236 237 // Address the test server listens on. 238 HostPortPair host_port_pair_; 239 240 // Holds the data sent from the server (e.g., port number). 241 scoped_ptr<base::DictionaryValue> server_data_; 242 243 // If |type_| is TYPE_HTTPS or TYPE_WSS, the TLS settings to use for the test 244 // server. 245 SSLOptions ssl_options_; 246 247 Type type_; 248 249 // Has the server been started? 250 bool started_; 251 252 // Enables logging of the server to the console. 253 bool log_to_console_; 254 255 scoped_ptr<ScopedPortException> allowed_port_; 256 257 DISALLOW_COPY_AND_ASSIGN(BaseTestServer); 258 }; 259 260 } // namespace net 261 262 #endif // NET_TEST_SPAWNED_TEST_SERVER_BASE_TEST_SERVER_H_ 263 264
