1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "net/http/http_proxy_client_socket_pool.h" 6 7 #include "base/callback.h" 8 #include "base/compiler_specific.h" 9 #include "base/strings/string_util.h" 10 #include "base/strings/utf_string_conversions.h" 11 #include "base/time/time.h" 12 #include "net/base/auth.h" 13 #include "net/base/load_timing_info.h" 14 #include "net/base/load_timing_info_test_util.h" 15 #include "net/base/net_errors.h" 16 #include "net/base/test_completion_callback.h" 17 #include "net/cert/cert_verifier.h" 18 #include "net/dns/mock_host_resolver.h" 19 #include "net/http/http_auth_handler_factory.h" 20 #include "net/http/http_network_session.h" 21 #include "net/http/http_request_headers.h" 22 #include "net/http/http_response_headers.h" 23 #include "net/http/http_server_properties_impl.h" 24 #include "net/proxy/proxy_service.h" 25 #include "net/socket/client_socket_handle.h" 26 #include "net/socket/client_socket_pool_histograms.h" 27 #include "net/socket/next_proto.h" 28 #include "net/socket/socket_test_util.h" 29 #include "net/spdy/spdy_session.h" 30 #include "net/spdy/spdy_session_pool.h" 31 #include "net/spdy/spdy_test_util_common.h" 32 #include "net/ssl/ssl_config_service_defaults.h" 33 #include "net/test/test_certificate_data.h" 34 #include "testing/gtest/include/gtest/gtest.h" 35 36 namespace net { 37 38 namespace { 39 40 const int kMaxSockets = 32; 41 const int kMaxSocketsPerGroup = 6; 42 43 // Make sure |handle|'s load times are set correctly. DNS and connect start 44 // times comes from mock client sockets in these tests, so primarily serves to 45 // check those times were copied, and ssl times / connect end are set correctly. 46 void TestLoadTimingInfo(const ClientSocketHandle& handle) { 47 LoadTimingInfo load_timing_info; 48 EXPECT_TRUE(handle.GetLoadTimingInfo(false, &load_timing_info)); 49 50 EXPECT_FALSE(load_timing_info.socket_reused); 51 // None of these tests use a NetLog. 52 EXPECT_EQ(NetLog::Source::kInvalidId, load_timing_info.socket_log_id); 53 54 ExpectConnectTimingHasTimes( 55 load_timing_info.connect_timing, 56 CONNECT_TIMING_HAS_SSL_TIMES | CONNECT_TIMING_HAS_DNS_TIMES); 57 ExpectLoadTimingHasOnlyConnectionTimes(load_timing_info); 58 } 59 60 // Just like TestLoadTimingInfo, except DNS times are expected to be null, for 61 // tests over proxies that do DNS lookups themselves. 62 void TestLoadTimingInfoNoDns(const ClientSocketHandle& handle) { 63 LoadTimingInfo load_timing_info; 64 EXPECT_TRUE(handle.GetLoadTimingInfo(false, &load_timing_info)); 65 66 // None of these tests use a NetLog. 67 EXPECT_EQ(NetLog::Source::kInvalidId, load_timing_info.socket_log_id); 68 69 EXPECT_FALSE(load_timing_info.socket_reused); 70 71 ExpectConnectTimingHasTimes(load_timing_info.connect_timing, 72 CONNECT_TIMING_HAS_SSL_TIMES); 73 ExpectLoadTimingHasOnlyConnectionTimes(load_timing_info); 74 } 75 76 class SSLClientSocketPoolTest 77 : public testing::Test, 78 public ::testing::WithParamInterface<NextProto> { 79 protected: 80 SSLClientSocketPoolTest() 81 : proxy_service_(ProxyService::CreateDirect()), 82 ssl_config_service_(new SSLConfigServiceDefaults), 83 http_auth_handler_factory_( 84 HttpAuthHandlerFactory::CreateDefault(&host_resolver_)), 85 session_(CreateNetworkSession()), 86 direct_transport_socket_params_( 87 new TransportSocketParams(HostPortPair("host", 443), 88 false, 89 false, 90 OnHostResolutionCallback())), 91 transport_histograms_("MockTCP"), 92 transport_socket_pool_(kMaxSockets, 93 kMaxSocketsPerGroup, 94 &transport_histograms_, 95 &socket_factory_), 96 proxy_transport_socket_params_( 97 new TransportSocketParams(HostPortPair("proxy", 443), 98 false, 99 false, 100 OnHostResolutionCallback())), 101 socks_socket_params_( 102 new SOCKSSocketParams(proxy_transport_socket_params_, 103 true, 104 HostPortPair("sockshost", 443))), 105 socks_histograms_("MockSOCKS"), 106 socks_socket_pool_(kMaxSockets, 107 kMaxSocketsPerGroup, 108 &socks_histograms_, 109 &transport_socket_pool_), 110 http_proxy_socket_params_( 111 new HttpProxySocketParams(proxy_transport_socket_params_, 112 NULL, 113 GURL("http://host"), 114 std::string(), 115 HostPortPair("host", 80), 116 session_->http_auth_cache(), 117 session_->http_auth_handler_factory(), 118 session_->spdy_session_pool(), 119 true)), 120 http_proxy_histograms_("MockHttpProxy"), 121 http_proxy_socket_pool_(kMaxSockets, 122 kMaxSocketsPerGroup, 123 &http_proxy_histograms_, 124 &host_resolver_, 125 &transport_socket_pool_, 126 NULL, 127 NULL) { 128 scoped_refptr<SSLConfigService> ssl_config_service( 129 new SSLConfigServiceDefaults); 130 ssl_config_service->GetSSLConfig(&ssl_config_); 131 } 132 133 void CreatePool(bool transport_pool, bool http_proxy_pool, bool socks_pool) { 134 ssl_histograms_.reset(new ClientSocketPoolHistograms("SSLUnitTest")); 135 pool_.reset(new SSLClientSocketPool( 136 kMaxSockets, 137 kMaxSocketsPerGroup, 138 ssl_histograms_.get(), 139 NULL /* host_resolver */, 140 NULL /* cert_verifier */, 141 NULL /* server_bound_cert_service */, 142 NULL /* transport_security_state */, 143 NULL /* cert_transparency_verifier */, 144 std::string() /* ssl_session_cache_shard */, 145 &socket_factory_, 146 transport_pool ? &transport_socket_pool_ : NULL, 147 socks_pool ? &socks_socket_pool_ : NULL, 148 http_proxy_pool ? &http_proxy_socket_pool_ : NULL, 149 NULL, 150 NULL)); 151 } 152 153 scoped_refptr<SSLSocketParams> SSLParams(ProxyServer::Scheme proxy, 154 bool want_spdy_over_npn) { 155 return make_scoped_refptr(new SSLSocketParams( 156 proxy == ProxyServer::SCHEME_DIRECT ? direct_transport_socket_params_ 157 : NULL, 158 proxy == ProxyServer::SCHEME_SOCKS5 ? socks_socket_params_ : NULL, 159 proxy == ProxyServer::SCHEME_HTTP ? http_proxy_socket_params_ : NULL, 160 HostPortPair("host", 443), 161 ssl_config_, 162 PRIVACY_MODE_DISABLED, 163 0, 164 false, 165 want_spdy_over_npn)); 166 } 167 168 void AddAuthToCache() { 169 const base::string16 kFoo(base::ASCIIToUTF16("foo")); 170 const base::string16 kBar(base::ASCIIToUTF16("bar")); 171 session_->http_auth_cache()->Add(GURL("http://proxy:443/"), 172 "MyRealm1", 173 HttpAuth::AUTH_SCHEME_BASIC, 174 "Basic realm=MyRealm1", 175 AuthCredentials(kFoo, kBar), 176 "/"); 177 } 178 179 HttpNetworkSession* CreateNetworkSession() { 180 HttpNetworkSession::Params params; 181 params.host_resolver = &host_resolver_; 182 params.cert_verifier = cert_verifier_.get(); 183 params.transport_security_state = transport_security_state_.get(); 184 params.proxy_service = proxy_service_.get(); 185 params.client_socket_factory = &socket_factory_; 186 params.ssl_config_service = ssl_config_service_.get(); 187 params.http_auth_handler_factory = http_auth_handler_factory_.get(); 188 params.http_server_properties = 189 http_server_properties_.GetWeakPtr(); 190 params.enable_spdy_compression = false; 191 params.spdy_default_protocol = GetParam(); 192 return new HttpNetworkSession(params); 193 } 194 195 void TestIPPoolingDisabled(SSLSocketDataProvider* ssl); 196 197 MockClientSocketFactory socket_factory_; 198 MockCachingHostResolver host_resolver_; 199 scoped_ptr<CertVerifier> cert_verifier_; 200 scoped_ptr<TransportSecurityState> transport_security_state_; 201 const scoped_ptr<ProxyService> proxy_service_; 202 const scoped_refptr<SSLConfigService> ssl_config_service_; 203 const scoped_ptr<HttpAuthHandlerFactory> http_auth_handler_factory_; 204 HttpServerPropertiesImpl http_server_properties_; 205 const scoped_refptr<HttpNetworkSession> session_; 206 207 scoped_refptr<TransportSocketParams> direct_transport_socket_params_; 208 ClientSocketPoolHistograms transport_histograms_; 209 MockTransportClientSocketPool transport_socket_pool_; 210 211 scoped_refptr<TransportSocketParams> proxy_transport_socket_params_; 212 213 scoped_refptr<SOCKSSocketParams> socks_socket_params_; 214 ClientSocketPoolHistograms socks_histograms_; 215 MockSOCKSClientSocketPool socks_socket_pool_; 216 217 scoped_refptr<HttpProxySocketParams> http_proxy_socket_params_; 218 ClientSocketPoolHistograms http_proxy_histograms_; 219 HttpProxyClientSocketPool http_proxy_socket_pool_; 220 221 SSLConfig ssl_config_; 222 scoped_ptr<ClientSocketPoolHistograms> ssl_histograms_; 223 scoped_ptr<SSLClientSocketPool> pool_; 224 }; 225 226 INSTANTIATE_TEST_CASE_P( 227 NextProto, 228 SSLClientSocketPoolTest, 229 testing::Values(kProtoDeprecatedSPDY2, 230 kProtoSPDY3, kProtoSPDY31, kProtoSPDY4)); 231 232 TEST_P(SSLClientSocketPoolTest, TCPFail) { 233 StaticSocketDataProvider data; 234 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED)); 235 socket_factory_.AddSocketDataProvider(&data); 236 237 CreatePool(true /* tcp pool */, false, false); 238 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, 239 false); 240 241 ClientSocketHandle handle; 242 int rv = handle.Init("a", params, MEDIUM, CompletionCallback(), pool_.get(), 243 BoundNetLog()); 244 EXPECT_EQ(ERR_CONNECTION_FAILED, rv); 245 EXPECT_FALSE(handle.is_initialized()); 246 EXPECT_FALSE(handle.socket()); 247 EXPECT_FALSE(handle.is_ssl_error()); 248 } 249 250 TEST_P(SSLClientSocketPoolTest, TCPFailAsync) { 251 StaticSocketDataProvider data; 252 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED)); 253 socket_factory_.AddSocketDataProvider(&data); 254 255 CreatePool(true /* tcp pool */, false, false); 256 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, 257 false); 258 259 ClientSocketHandle handle; 260 TestCompletionCallback callback; 261 int rv = handle.Init( 262 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog()); 263 EXPECT_EQ(ERR_IO_PENDING, rv); 264 EXPECT_FALSE(handle.is_initialized()); 265 EXPECT_FALSE(handle.socket()); 266 267 EXPECT_EQ(ERR_CONNECTION_FAILED, callback.WaitForResult()); 268 EXPECT_FALSE(handle.is_initialized()); 269 EXPECT_FALSE(handle.socket()); 270 EXPECT_FALSE(handle.is_ssl_error()); 271 } 272 273 TEST_P(SSLClientSocketPoolTest, BasicDirect) { 274 StaticSocketDataProvider data; 275 data.set_connect_data(MockConnect(SYNCHRONOUS, OK)); 276 socket_factory_.AddSocketDataProvider(&data); 277 SSLSocketDataProvider ssl(SYNCHRONOUS, OK); 278 socket_factory_.AddSSLSocketDataProvider(&ssl); 279 280 CreatePool(true /* tcp pool */, false, false); 281 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, 282 false); 283 284 ClientSocketHandle handle; 285 TestCompletionCallback callback; 286 int rv = handle.Init( 287 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog()); 288 EXPECT_EQ(OK, rv); 289 EXPECT_TRUE(handle.is_initialized()); 290 EXPECT_TRUE(handle.socket()); 291 TestLoadTimingInfo(handle); 292 } 293 294 // Make sure that SSLConnectJob passes on its priority to its 295 // socket request on Init (for the DIRECT case). 296 TEST_P(SSLClientSocketPoolTest, SetSocketRequestPriorityOnInitDirect) { 297 CreatePool(true /* tcp pool */, false, false); 298 scoped_refptr<SSLSocketParams> params = 299 SSLParams(ProxyServer::SCHEME_DIRECT, false); 300 301 for (int i = MINIMUM_PRIORITY; i <= MAXIMUM_PRIORITY; ++i) { 302 RequestPriority priority = static_cast<RequestPriority>(i); 303 StaticSocketDataProvider data; 304 data.set_connect_data(MockConnect(SYNCHRONOUS, OK)); 305 socket_factory_.AddSocketDataProvider(&data); 306 SSLSocketDataProvider ssl(SYNCHRONOUS, OK); 307 socket_factory_.AddSSLSocketDataProvider(&ssl); 308 309 ClientSocketHandle handle; 310 TestCompletionCallback callback; 311 EXPECT_EQ(OK, handle.Init("a", params, priority, callback.callback(), 312 pool_.get(), BoundNetLog())); 313 EXPECT_EQ(priority, transport_socket_pool_.last_request_priority()); 314 handle.socket()->Disconnect(); 315 } 316 } 317 318 TEST_P(SSLClientSocketPoolTest, BasicDirectAsync) { 319 StaticSocketDataProvider data; 320 socket_factory_.AddSocketDataProvider(&data); 321 SSLSocketDataProvider ssl(ASYNC, OK); 322 socket_factory_.AddSSLSocketDataProvider(&ssl); 323 324 CreatePool(true /* tcp pool */, false, false); 325 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, 326 false); 327 328 ClientSocketHandle handle; 329 TestCompletionCallback callback; 330 int rv = handle.Init( 331 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog()); 332 EXPECT_EQ(ERR_IO_PENDING, rv); 333 EXPECT_FALSE(handle.is_initialized()); 334 EXPECT_FALSE(handle.socket()); 335 336 EXPECT_EQ(OK, callback.WaitForResult()); 337 EXPECT_TRUE(handle.is_initialized()); 338 EXPECT_TRUE(handle.socket()); 339 TestLoadTimingInfo(handle); 340 } 341 342 TEST_P(SSLClientSocketPoolTest, DirectCertError) { 343 StaticSocketDataProvider data; 344 socket_factory_.AddSocketDataProvider(&data); 345 SSLSocketDataProvider ssl(ASYNC, ERR_CERT_COMMON_NAME_INVALID); 346 socket_factory_.AddSSLSocketDataProvider(&ssl); 347 348 CreatePool(true /* tcp pool */, false, false); 349 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, 350 false); 351 352 ClientSocketHandle handle; 353 TestCompletionCallback callback; 354 int rv = handle.Init( 355 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog()); 356 EXPECT_EQ(ERR_IO_PENDING, rv); 357 EXPECT_FALSE(handle.is_initialized()); 358 EXPECT_FALSE(handle.socket()); 359 360 EXPECT_EQ(ERR_CERT_COMMON_NAME_INVALID, callback.WaitForResult()); 361 EXPECT_TRUE(handle.is_initialized()); 362 EXPECT_TRUE(handle.socket()); 363 TestLoadTimingInfo(handle); 364 } 365 366 TEST_P(SSLClientSocketPoolTest, DirectSSLError) { 367 StaticSocketDataProvider data; 368 socket_factory_.AddSocketDataProvider(&data); 369 SSLSocketDataProvider ssl(ASYNC, ERR_SSL_PROTOCOL_ERROR); 370 socket_factory_.AddSSLSocketDataProvider(&ssl); 371 372 CreatePool(true /* tcp pool */, false, false); 373 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, 374 false); 375 376 ClientSocketHandle handle; 377 TestCompletionCallback callback; 378 int rv = handle.Init( 379 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog()); 380 EXPECT_EQ(ERR_IO_PENDING, rv); 381 EXPECT_FALSE(handle.is_initialized()); 382 EXPECT_FALSE(handle.socket()); 383 384 EXPECT_EQ(ERR_SSL_PROTOCOL_ERROR, callback.WaitForResult()); 385 EXPECT_FALSE(handle.is_initialized()); 386 EXPECT_FALSE(handle.socket()); 387 EXPECT_TRUE(handle.is_ssl_error()); 388 } 389 390 TEST_P(SSLClientSocketPoolTest, DirectWithNPN) { 391 StaticSocketDataProvider data; 392 socket_factory_.AddSocketDataProvider(&data); 393 SSLSocketDataProvider ssl(ASYNC, OK); 394 ssl.SetNextProto(kProtoHTTP11); 395 socket_factory_.AddSSLSocketDataProvider(&ssl); 396 397 CreatePool(true /* tcp pool */, false, false); 398 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, 399 false); 400 401 ClientSocketHandle handle; 402 TestCompletionCallback callback; 403 int rv = handle.Init( 404 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog()); 405 EXPECT_EQ(ERR_IO_PENDING, rv); 406 EXPECT_FALSE(handle.is_initialized()); 407 EXPECT_FALSE(handle.socket()); 408 409 EXPECT_EQ(OK, callback.WaitForResult()); 410 EXPECT_TRUE(handle.is_initialized()); 411 EXPECT_TRUE(handle.socket()); 412 TestLoadTimingInfo(handle); 413 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket()); 414 EXPECT_TRUE(ssl_socket->WasNpnNegotiated()); 415 } 416 417 TEST_P(SSLClientSocketPoolTest, DirectNoSPDY) { 418 StaticSocketDataProvider data; 419 socket_factory_.AddSocketDataProvider(&data); 420 SSLSocketDataProvider ssl(ASYNC, OK); 421 ssl.SetNextProto(kProtoHTTP11); 422 socket_factory_.AddSSLSocketDataProvider(&ssl); 423 424 CreatePool(true /* tcp pool */, false, false); 425 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, 426 true); 427 428 ClientSocketHandle handle; 429 TestCompletionCallback callback; 430 int rv = handle.Init( 431 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog()); 432 EXPECT_EQ(ERR_IO_PENDING, rv); 433 EXPECT_FALSE(handle.is_initialized()); 434 EXPECT_FALSE(handle.socket()); 435 436 EXPECT_EQ(ERR_NPN_NEGOTIATION_FAILED, callback.WaitForResult()); 437 EXPECT_FALSE(handle.is_initialized()); 438 EXPECT_FALSE(handle.socket()); 439 EXPECT_TRUE(handle.is_ssl_error()); 440 } 441 442 TEST_P(SSLClientSocketPoolTest, DirectGotSPDY) { 443 StaticSocketDataProvider data; 444 socket_factory_.AddSocketDataProvider(&data); 445 SSLSocketDataProvider ssl(ASYNC, OK); 446 ssl.SetNextProto(GetParam()); 447 socket_factory_.AddSSLSocketDataProvider(&ssl); 448 449 CreatePool(true /* tcp pool */, false, false); 450 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, 451 true); 452 453 ClientSocketHandle handle; 454 TestCompletionCallback callback; 455 int rv = handle.Init( 456 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog()); 457 EXPECT_EQ(ERR_IO_PENDING, rv); 458 EXPECT_FALSE(handle.is_initialized()); 459 EXPECT_FALSE(handle.socket()); 460 461 EXPECT_EQ(OK, callback.WaitForResult()); 462 EXPECT_TRUE(handle.is_initialized()); 463 EXPECT_TRUE(handle.socket()); 464 TestLoadTimingInfo(handle); 465 466 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket()); 467 EXPECT_TRUE(ssl_socket->WasNpnNegotiated()); 468 std::string proto; 469 std::string server_protos; 470 ssl_socket->GetNextProto(&proto, &server_protos); 471 EXPECT_EQ(GetParam(), SSLClientSocket::NextProtoFromString(proto)); 472 } 473 474 TEST_P(SSLClientSocketPoolTest, DirectGotBonusSPDY) { 475 StaticSocketDataProvider data; 476 socket_factory_.AddSocketDataProvider(&data); 477 SSLSocketDataProvider ssl(ASYNC, OK); 478 ssl.SetNextProto(GetParam()); 479 socket_factory_.AddSSLSocketDataProvider(&ssl); 480 481 CreatePool(true /* tcp pool */, false, false); 482 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, 483 true); 484 485 ClientSocketHandle handle; 486 TestCompletionCallback callback; 487 int rv = handle.Init( 488 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog()); 489 EXPECT_EQ(ERR_IO_PENDING, rv); 490 EXPECT_FALSE(handle.is_initialized()); 491 EXPECT_FALSE(handle.socket()); 492 493 EXPECT_EQ(OK, callback.WaitForResult()); 494 EXPECT_TRUE(handle.is_initialized()); 495 EXPECT_TRUE(handle.socket()); 496 TestLoadTimingInfo(handle); 497 498 SSLClientSocket* ssl_socket = static_cast<SSLClientSocket*>(handle.socket()); 499 EXPECT_TRUE(ssl_socket->WasNpnNegotiated()); 500 std::string proto; 501 std::string server_protos; 502 ssl_socket->GetNextProto(&proto, &server_protos); 503 EXPECT_EQ(GetParam(), SSLClientSocket::NextProtoFromString(proto)); 504 } 505 506 TEST_P(SSLClientSocketPoolTest, SOCKSFail) { 507 StaticSocketDataProvider data; 508 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED)); 509 socket_factory_.AddSocketDataProvider(&data); 510 511 CreatePool(false, true /* http proxy pool */, true /* socks pool */); 512 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5, 513 false); 514 515 ClientSocketHandle handle; 516 TestCompletionCallback callback; 517 int rv = handle.Init( 518 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog()); 519 EXPECT_EQ(ERR_CONNECTION_FAILED, rv); 520 EXPECT_FALSE(handle.is_initialized()); 521 EXPECT_FALSE(handle.socket()); 522 EXPECT_FALSE(handle.is_ssl_error()); 523 } 524 525 TEST_P(SSLClientSocketPoolTest, SOCKSFailAsync) { 526 StaticSocketDataProvider data; 527 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED)); 528 socket_factory_.AddSocketDataProvider(&data); 529 530 CreatePool(false, true /* http proxy pool */, true /* socks pool */); 531 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5, 532 false); 533 534 ClientSocketHandle handle; 535 TestCompletionCallback callback; 536 int rv = handle.Init( 537 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog()); 538 EXPECT_EQ(ERR_IO_PENDING, rv); 539 EXPECT_FALSE(handle.is_initialized()); 540 EXPECT_FALSE(handle.socket()); 541 542 EXPECT_EQ(ERR_CONNECTION_FAILED, callback.WaitForResult()); 543 EXPECT_FALSE(handle.is_initialized()); 544 EXPECT_FALSE(handle.socket()); 545 EXPECT_FALSE(handle.is_ssl_error()); 546 } 547 548 TEST_P(SSLClientSocketPoolTest, SOCKSBasic) { 549 StaticSocketDataProvider data; 550 data.set_connect_data(MockConnect(SYNCHRONOUS, OK)); 551 socket_factory_.AddSocketDataProvider(&data); 552 SSLSocketDataProvider ssl(SYNCHRONOUS, OK); 553 socket_factory_.AddSSLSocketDataProvider(&ssl); 554 555 CreatePool(false, true /* http proxy pool */, true /* socks pool */); 556 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5, 557 false); 558 559 ClientSocketHandle handle; 560 TestCompletionCallback callback; 561 int rv = handle.Init( 562 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog()); 563 EXPECT_EQ(OK, rv); 564 EXPECT_TRUE(handle.is_initialized()); 565 EXPECT_TRUE(handle.socket()); 566 // SOCKS5 generally has no DNS times, but the mock SOCKS5 sockets used here 567 // don't go through the real logic, unlike in the HTTP proxy tests. 568 TestLoadTimingInfo(handle); 569 } 570 571 // Make sure that SSLConnectJob passes on its priority to its 572 // transport socket on Init (for the SOCKS_PROXY case). 573 TEST_P(SSLClientSocketPoolTest, SetTransportPriorityOnInitSOCKS) { 574 StaticSocketDataProvider data; 575 data.set_connect_data(MockConnect(SYNCHRONOUS, OK)); 576 socket_factory_.AddSocketDataProvider(&data); 577 SSLSocketDataProvider ssl(SYNCHRONOUS, OK); 578 socket_factory_.AddSSLSocketDataProvider(&ssl); 579 580 CreatePool(false, true /* http proxy pool */, true /* socks pool */); 581 scoped_refptr<SSLSocketParams> params = 582 SSLParams(ProxyServer::SCHEME_SOCKS5, false); 583 584 ClientSocketHandle handle; 585 TestCompletionCallback callback; 586 EXPECT_EQ(OK, handle.Init("a", params, HIGHEST, callback.callback(), 587 pool_.get(), BoundNetLog())); 588 EXPECT_EQ(HIGHEST, transport_socket_pool_.last_request_priority()); 589 } 590 591 TEST_P(SSLClientSocketPoolTest, SOCKSBasicAsync) { 592 StaticSocketDataProvider data; 593 socket_factory_.AddSocketDataProvider(&data); 594 SSLSocketDataProvider ssl(ASYNC, OK); 595 socket_factory_.AddSSLSocketDataProvider(&ssl); 596 597 CreatePool(false, true /* http proxy pool */, true /* socks pool */); 598 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5, 599 false); 600 601 ClientSocketHandle handle; 602 TestCompletionCallback callback; 603 int rv = handle.Init( 604 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog()); 605 EXPECT_EQ(ERR_IO_PENDING, rv); 606 EXPECT_FALSE(handle.is_initialized()); 607 EXPECT_FALSE(handle.socket()); 608 609 EXPECT_EQ(OK, callback.WaitForResult()); 610 EXPECT_TRUE(handle.is_initialized()); 611 EXPECT_TRUE(handle.socket()); 612 // SOCKS5 generally has no DNS times, but the mock SOCKS5 sockets used here 613 // don't go through the real logic, unlike in the HTTP proxy tests. 614 TestLoadTimingInfo(handle); 615 } 616 617 TEST_P(SSLClientSocketPoolTest, HttpProxyFail) { 618 StaticSocketDataProvider data; 619 data.set_connect_data(MockConnect(SYNCHRONOUS, ERR_CONNECTION_FAILED)); 620 socket_factory_.AddSocketDataProvider(&data); 621 622 CreatePool(false, true /* http proxy pool */, true /* socks pool */); 623 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP, 624 false); 625 626 ClientSocketHandle handle; 627 TestCompletionCallback callback; 628 int rv = handle.Init( 629 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog()); 630 EXPECT_EQ(ERR_PROXY_CONNECTION_FAILED, rv); 631 EXPECT_FALSE(handle.is_initialized()); 632 EXPECT_FALSE(handle.socket()); 633 EXPECT_FALSE(handle.is_ssl_error()); 634 } 635 636 TEST_P(SSLClientSocketPoolTest, HttpProxyFailAsync) { 637 StaticSocketDataProvider data; 638 data.set_connect_data(MockConnect(ASYNC, ERR_CONNECTION_FAILED)); 639 socket_factory_.AddSocketDataProvider(&data); 640 641 CreatePool(false, true /* http proxy pool */, true /* socks pool */); 642 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP, 643 false); 644 645 ClientSocketHandle handle; 646 TestCompletionCallback callback; 647 int rv = handle.Init( 648 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog()); 649 EXPECT_EQ(ERR_IO_PENDING, rv); 650 EXPECT_FALSE(handle.is_initialized()); 651 EXPECT_FALSE(handle.socket()); 652 653 EXPECT_EQ(ERR_PROXY_CONNECTION_FAILED, callback.WaitForResult()); 654 EXPECT_FALSE(handle.is_initialized()); 655 EXPECT_FALSE(handle.socket()); 656 EXPECT_FALSE(handle.is_ssl_error()); 657 } 658 659 TEST_P(SSLClientSocketPoolTest, HttpProxyBasic) { 660 MockWrite writes[] = { 661 MockWrite(SYNCHRONOUS, 662 "CONNECT host:80 HTTP/1.1\r\n" 663 "Host: host\r\n" 664 "Proxy-Connection: keep-alive\r\n" 665 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"), 666 }; 667 MockRead reads[] = { 668 MockRead(SYNCHRONOUS, "HTTP/1.1 200 Connection Established\r\n\r\n"), 669 }; 670 StaticSocketDataProvider data(reads, arraysize(reads), writes, 671 arraysize(writes)); 672 data.set_connect_data(MockConnect(SYNCHRONOUS, OK)); 673 socket_factory_.AddSocketDataProvider(&data); 674 AddAuthToCache(); 675 SSLSocketDataProvider ssl(SYNCHRONOUS, OK); 676 socket_factory_.AddSSLSocketDataProvider(&ssl); 677 678 CreatePool(false, true /* http proxy pool */, true /* socks pool */); 679 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP, 680 false); 681 682 ClientSocketHandle handle; 683 TestCompletionCallback callback; 684 int rv = handle.Init( 685 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog()); 686 EXPECT_EQ(OK, rv); 687 EXPECT_TRUE(handle.is_initialized()); 688 EXPECT_TRUE(handle.socket()); 689 TestLoadTimingInfoNoDns(handle); 690 } 691 692 // Make sure that SSLConnectJob passes on its priority to its 693 // transport socket on Init (for the HTTP_PROXY case). 694 TEST_P(SSLClientSocketPoolTest, SetTransportPriorityOnInitHTTP) { 695 MockWrite writes[] = { 696 MockWrite(SYNCHRONOUS, 697 "CONNECT host:80 HTTP/1.1\r\n" 698 "Host: host\r\n" 699 "Proxy-Connection: keep-alive\r\n" 700 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"), 701 }; 702 MockRead reads[] = { 703 MockRead(SYNCHRONOUS, "HTTP/1.1 200 Connection Established\r\n\r\n"), 704 }; 705 StaticSocketDataProvider data(reads, arraysize(reads), writes, 706 arraysize(writes)); 707 data.set_connect_data(MockConnect(SYNCHRONOUS, OK)); 708 socket_factory_.AddSocketDataProvider(&data); 709 AddAuthToCache(); 710 SSLSocketDataProvider ssl(SYNCHRONOUS, OK); 711 socket_factory_.AddSSLSocketDataProvider(&ssl); 712 713 CreatePool(false, true /* http proxy pool */, true /* socks pool */); 714 scoped_refptr<SSLSocketParams> params = 715 SSLParams(ProxyServer::SCHEME_HTTP, false); 716 717 ClientSocketHandle handle; 718 TestCompletionCallback callback; 719 EXPECT_EQ(OK, handle.Init("a", params, HIGHEST, callback.callback(), 720 pool_.get(), BoundNetLog())); 721 EXPECT_EQ(HIGHEST, transport_socket_pool_.last_request_priority()); 722 } 723 724 TEST_P(SSLClientSocketPoolTest, HttpProxyBasicAsync) { 725 MockWrite writes[] = { 726 MockWrite("CONNECT host:80 HTTP/1.1\r\n" 727 "Host: host\r\n" 728 "Proxy-Connection: keep-alive\r\n" 729 "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"), 730 }; 731 MockRead reads[] = { 732 MockRead("HTTP/1.1 200 Connection Established\r\n\r\n"), 733 }; 734 StaticSocketDataProvider data(reads, arraysize(reads), writes, 735 arraysize(writes)); 736 socket_factory_.AddSocketDataProvider(&data); 737 AddAuthToCache(); 738 SSLSocketDataProvider ssl(ASYNC, OK); 739 socket_factory_.AddSSLSocketDataProvider(&ssl); 740 741 CreatePool(false, true /* http proxy pool */, true /* socks pool */); 742 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP, 743 false); 744 745 ClientSocketHandle handle; 746 TestCompletionCallback callback; 747 int rv = handle.Init( 748 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog()); 749 EXPECT_EQ(ERR_IO_PENDING, rv); 750 EXPECT_FALSE(handle.is_initialized()); 751 EXPECT_FALSE(handle.socket()); 752 753 EXPECT_EQ(OK, callback.WaitForResult()); 754 EXPECT_TRUE(handle.is_initialized()); 755 EXPECT_TRUE(handle.socket()); 756 TestLoadTimingInfoNoDns(handle); 757 } 758 759 TEST_P(SSLClientSocketPoolTest, NeedProxyAuth) { 760 MockWrite writes[] = { 761 MockWrite("CONNECT host:80 HTTP/1.1\r\n" 762 "Host: host\r\n" 763 "Proxy-Connection: keep-alive\r\n\r\n"), 764 }; 765 MockRead reads[] = { 766 MockRead("HTTP/1.1 407 Proxy Authentication Required\r\n"), 767 MockRead("Proxy-Authenticate: Basic realm=\"MyRealm1\"\r\n"), 768 MockRead("Content-Length: 10\r\n\r\n"), 769 MockRead("0123456789"), 770 }; 771 StaticSocketDataProvider data(reads, arraysize(reads), writes, 772 arraysize(writes)); 773 socket_factory_.AddSocketDataProvider(&data); 774 SSLSocketDataProvider ssl(ASYNC, OK); 775 socket_factory_.AddSSLSocketDataProvider(&ssl); 776 777 CreatePool(false, true /* http proxy pool */, true /* socks pool */); 778 scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP, 779 false); 780 781 ClientSocketHandle handle; 782 TestCompletionCallback callback; 783 int rv = handle.Init( 784 "a", params, MEDIUM, callback.callback(), pool_.get(), BoundNetLog()); 785 EXPECT_EQ(ERR_IO_PENDING, rv); 786 EXPECT_FALSE(handle.is_initialized()); 787 EXPECT_FALSE(handle.socket()); 788 789 EXPECT_EQ(ERR_PROXY_AUTH_REQUESTED, callback.WaitForResult()); 790 EXPECT_FALSE(handle.is_initialized()); 791 EXPECT_FALSE(handle.socket()); 792 EXPECT_FALSE(handle.is_ssl_error()); 793 const HttpResponseInfo& tunnel_info = handle.ssl_error_response_info(); 794 EXPECT_EQ(tunnel_info.headers->response_code(), 407); 795 scoped_ptr<ClientSocketHandle> tunnel_handle( 796 handle.release_pending_http_proxy_connection()); 797 EXPECT_TRUE(tunnel_handle->socket()); 798 EXPECT_FALSE(tunnel_handle->socket()->IsConnected()); 799 } 800 801 // TODO(rch): re-enable this. 802 TEST_P(SSLClientSocketPoolTest, DISABLED_IPPooling) { 803 const int kTestPort = 80; 804 struct TestHosts { 805 std::string name; 806 std::string iplist; 807 SpdySessionKey key; 808 AddressList addresses; 809 } test_hosts[] = { 810 { "www.webkit.org", "192.0.2.33,192.168.0.1,192.168.0.5" }, 811 { "code.google.com", "192.168.0.2,192.168.0.3,192.168.0.5" }, 812 { "js.webkit.org", "192.168.0.4,192.168.0.1,192.0.2.33" }, 813 }; 814 815 host_resolver_.set_synchronous_mode(true); 816 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(test_hosts); i++) { 817 host_resolver_.rules()->AddIPLiteralRule( 818 test_hosts[i].name, test_hosts[i].iplist, std::string()); 819 820 // This test requires that the HostResolver cache be populated. Normal 821 // code would have done this already, but we do it manually. 822 HostResolver::RequestInfo info(HostPortPair(test_hosts[i].name, kTestPort)); 823 host_resolver_.Resolve(info, 824 DEFAULT_PRIORITY, 825 &test_hosts[i].addresses, 826 CompletionCallback(), 827 NULL, 828 BoundNetLog()); 829 830 // Setup a SpdySessionKey 831 test_hosts[i].key = SpdySessionKey( 832 HostPortPair(test_hosts[i].name, kTestPort), ProxyServer::Direct(), 833 PRIVACY_MODE_DISABLED); 834 } 835 836 MockRead reads[] = { 837 MockRead(ASYNC, ERR_IO_PENDING), 838 }; 839 StaticSocketDataProvider data(reads, arraysize(reads), NULL, 0); 840 socket_factory_.AddSocketDataProvider(&data); 841 SSLSocketDataProvider ssl(ASYNC, OK); 842 ssl.cert = X509Certificate::CreateFromBytes( 843 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der)); 844 ssl.SetNextProto(GetParam()); 845 socket_factory_.AddSSLSocketDataProvider(&ssl); 846 847 CreatePool(true /* tcp pool */, false, false); 848 base::WeakPtr<SpdySession> spdy_session = 849 CreateSecureSpdySession(session_, test_hosts[0].key, BoundNetLog()); 850 851 EXPECT_TRUE( 852 HasSpdySession(session_->spdy_session_pool(), test_hosts[0].key)); 853 EXPECT_FALSE( 854 HasSpdySession(session_->spdy_session_pool(), test_hosts[1].key)); 855 EXPECT_TRUE( 856 HasSpdySession(session_->spdy_session_pool(), test_hosts[2].key)); 857 858 session_->spdy_session_pool()->CloseAllSessions(); 859 } 860 861 void SSLClientSocketPoolTest::TestIPPoolingDisabled( 862 SSLSocketDataProvider* ssl) { 863 const int kTestPort = 80; 864 struct TestHosts { 865 std::string name; 866 std::string iplist; 867 SpdySessionKey key; 868 AddressList addresses; 869 } test_hosts[] = { 870 { "www.webkit.org", "192.0.2.33,192.168.0.1,192.168.0.5" }, 871 { "js.webkit.com", "192.168.0.4,192.168.0.1,192.0.2.33" }, 872 }; 873 874 TestCompletionCallback callback; 875 int rv; 876 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(test_hosts); i++) { 877 host_resolver_.rules()->AddIPLiteralRule( 878 test_hosts[i].name, test_hosts[i].iplist, std::string()); 879 880 // This test requires that the HostResolver cache be populated. Normal 881 // code would have done this already, but we do it manually. 882 HostResolver::RequestInfo info(HostPortPair(test_hosts[i].name, kTestPort)); 883 rv = host_resolver_.Resolve(info, 884 DEFAULT_PRIORITY, 885 &test_hosts[i].addresses, 886 callback.callback(), 887 NULL, 888 BoundNetLog()); 889 EXPECT_EQ(OK, callback.GetResult(rv)); 890 891 // Setup a SpdySessionKey 892 test_hosts[i].key = SpdySessionKey( 893 HostPortPair(test_hosts[i].name, kTestPort), ProxyServer::Direct(), 894 PRIVACY_MODE_DISABLED); 895 } 896 897 MockRead reads[] = { 898 MockRead(ASYNC, ERR_IO_PENDING), 899 }; 900 StaticSocketDataProvider data(reads, arraysize(reads), NULL, 0); 901 socket_factory_.AddSocketDataProvider(&data); 902 socket_factory_.AddSSLSocketDataProvider(ssl); 903 904 CreatePool(true /* tcp pool */, false, false); 905 base::WeakPtr<SpdySession> spdy_session = 906 CreateSecureSpdySession(session_, test_hosts[0].key, BoundNetLog()); 907 908 EXPECT_TRUE( 909 HasSpdySession(session_->spdy_session_pool(), test_hosts[0].key)); 910 EXPECT_FALSE( 911 HasSpdySession(session_->spdy_session_pool(), test_hosts[1].key)); 912 913 session_->spdy_session_pool()->CloseAllSessions(); 914 } 915 916 // Verifies that an SSL connection with client authentication disables SPDY IP 917 // pooling. 918 TEST_P(SSLClientSocketPoolTest, IPPoolingClientCert) { 919 SSLSocketDataProvider ssl(ASYNC, OK); 920 ssl.cert = X509Certificate::CreateFromBytes( 921 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der)); 922 ssl.client_cert_sent = true; 923 ssl.SetNextProto(GetParam()); 924 TestIPPoolingDisabled(&ssl); 925 } 926 927 // Verifies that an SSL connection with channel ID disables SPDY IP pooling. 928 TEST_P(SSLClientSocketPoolTest, IPPoolingChannelID) { 929 SSLSocketDataProvider ssl(ASYNC, OK); 930 ssl.channel_id_sent = true; 931 ssl.SetNextProto(GetParam()); 932 TestIPPoolingDisabled(&ssl); 933 } 934 935 // It would be nice to also test the timeouts in SSLClientSocketPool. 936 937 } // namespace 938 939 } // namespace net 940