// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifdef UNSAFE_BUFFERS_BUILD // TODO(crbug.com/40284755): Remove this and spanify to fix the errors. #pragma allow_unsafe_buffers #endif #include "net/http/http_stream_factory.h" #include <stdint.h> #include <memory> #include <optional> #include <set> #include <string> #include <string_view> #include <tuple> #include <utility> #include <vector> #include "base/compiler_specific.h" #include "base/containers/contains.h" #include "base/memory/ptr_util.h" #include "base/no_destructor.h" #include "base/run_loop.h" #include "base/strings/strcat.h" #include "base/test/metrics/histogram_tester.h" #include "base/test/scoped_feature_list.h" #include "build/build_config.h" #include "net/base/completion_once_callback.h" #include "net/base/features.h" #include "net/base/net_errors.h" #include "net/base/network_isolation_key.h" #include "net/base/port_util.h" #include "net/base/privacy_mode.h" #include "net/base/proxy_chain.h" #include "net/base/proxy_server.h" #include "net/base/proxy_string_util.h" #include "net/base/schemeful_site.h" #include "net/base/session_usage.h" #include "net/base/test_completion_callback.h" #include "net/base/test_proxy_delegate.h" #include "net/cert/mock_cert_verifier.h" #include "net/cert/multi_log_ct_verifier.h" #include "net/dns/mock_host_resolver.h" #include "net/dns/public/secure_dns_policy.h" #include "net/http/bidirectional_stream_impl.h" #include "net/http/bidirectional_stream_request_info.h" #include "net/http/http_auth_handler_factory.h" #include "net/http/http_network_session.h" #include "net/http/http_network_session_peer.h" #include "net/http/http_network_transaction.h" #include "net/http/http_proxy_connect_job.h" #include "net/http/http_request_info.h" #include "net/http/http_server_properties.h" #include "net/http/http_stream.h" #include "net/http/transport_security_state.h" #include "net/log/net_log_with_source.h" #include "net/proxy_resolution/configured_proxy_resolution_service.h" #include "net/proxy_resolution/proxy_info.h" #include "net/quic/mock_crypto_client_stream_factory.h" #include "net/quic/mock_quic_context.h" #include "net/quic/mock_quic_data.h" #include "net/quic/quic_http_utils.h" #include "net/quic/quic_session_pool_peer.h" #include "net/quic/quic_test_packet_maker.h" #include "net/quic/quic_test_packet_printer.h" #include "net/socket/client_socket_handle.h" #include "net/socket/client_socket_pool.h" #include "net/socket/connect_job.h" #include "net/socket/mock_client_socket_pool_manager.h" #include "net/socket/next_proto.h" #include "net/socket/socket_tag.h" #include "net/socket/socket_test_util.h" #include "net/socket/socks_connect_job.h" #include "net/socket/ssl_connect_job.h" #include "net/socket/transport_connect_job.h" #include "net/spdy/spdy_session.h" #include "net/spdy/spdy_session_pool.h" #include "net/spdy/spdy_test_util_common.h" #include "net/ssl/ssl_config_service.h" #include "net/ssl/ssl_config_service_defaults.h" #include "net/test/cert_test_util.h" #include "net/test/gtest_util.h" #include "net/test/test_data_directory.h" #include "net/test/test_with_task_environment.h" #include "net/third_party/quiche/src/quiche/common/http/http_header_block.h" #include "net/third_party/quiche/src/quiche/quic/core/quic_server_id.h" #include "net/third_party/quiche/src/quiche/quic/core/quic_utils.h" #include "net/third_party/quiche/src/quiche/quic/core/quic_versions.h" #include "net/third_party/quiche/src/quiche/quic/test_tools/crypto_test_utils.h" #include "net/third_party/quiche/src/quiche/quic/test_tools/mock_random.h" #include "net/third_party/quiche/src/quiche/quic/test_tools/quic_test_utils.h" #include "net/traffic_annotation/network_traffic_annotation_test_helper.h" #include "net/url_request/static_http_user_agent_settings.h" // This file can be included from net/http even though // it is in net/websockets because it doesn't // introduce any link dependency to net/websockets. #include "net/websockets/websocket_handshake_stream_base.h" #include "testing/gmock/include/gmock/gmock.h" #include "testing/gtest/include/gtest/gtest.h" #include "url/gurl.h" #include "url/scheme_host_port.h" #include "url/url_constants.h" Contains; ElementsAre; IsEmpty; Key; SizeIs; IsError; IsOk; namespace base { class Value; } // namespace base namespace net { class BidirectionalStreamImpl; class WebSocketEndpointLockManager; } // namespace net namespace net::test { namespace { class MockWebSocketHandshakeStream : public WebSocketHandshakeStreamBase { … }; // HttpStreamFactory subclass that can wait until a preconnect is complete. class MockHttpStreamFactoryForPreconnect : public HttpStreamFactory { … }; class StreamRequestWaiter : public HttpStreamRequest::Delegate { … }; class WebSocketBasicHandshakeStream : public MockWebSocketHandshakeStream { … }; class WebSocketStreamCreateHelper : public WebSocketHandshakeStreamBase::CreateHelper { … }; struct TestCase { … }; TestCase kTests[] = …; void PreconnectHelperForURL(int num_streams, const GURL& url, NetworkAnonymizationKey network_anonymization_key, SecureDnsPolicy secure_dns_policy, HttpNetworkSession* session) { … } void PreconnectHelper(const TestCase& test, HttpNetworkSession* session) { … } ClientSocketPool::GroupId GetGroupId(const TestCase& test) { … } class CapturePreconnectsTransportSocketPool : public TransportClientSocketPool { … }; HttpStreamFactoryTest; TEST_F(HttpStreamFactoryTest, PreconnectDirect) { … } TEST_F(HttpStreamFactoryTest, PreconnectHttpProxy) { … } TEST_F(HttpStreamFactoryTest, PreconnectSocksProxy) { … } TEST_F(HttpStreamFactoryTest, PreconnectDirectWithExistingSpdySession) { … } // Verify that preconnects to unsafe ports are cancelled before they reach // the SocketPool. TEST_F(HttpStreamFactoryTest, PreconnectUnsafePort) { … } // Verify that preconnects to invalid GURLs do nothing, and do not CHECK. TEST_F(HttpStreamFactoryTest, PreconnectInvalidUrls) { … } // Verify that preconnects use the specified NetworkAnonymizationKey. TEST_F(HttpStreamFactoryTest, PreconnectNetworkIsolationKey) { … } // Verify that preconnects use the specified Secure DNS Tag. TEST_F(HttpStreamFactoryTest, PreconnectDisableSecureDns) { … } TEST_F(HttpStreamFactoryTest, JobNotifiesProxy) { … } // This test requests a stream for an https:// URL using an HTTP proxy. // The proxy will fail to establish a tunnel via connect, and the resolved // proxy list includes a fallback to DIRECT. // // The expected behavior is that proxy fallback does NOT occur, even though the // request might work using the fallback. This is a regression test for // https://crbug.com/680837. TEST_F(HttpStreamFactoryTest, NoProxyFallbackOnTunnelFail) { … } // List of errors that are used in the tests related to QUIC proxy. const int quic_proxy_test_mock_errors[] = …; // Tests that a bad QUIC proxy is added to the list of bad proxies. TEST_F(HttpStreamFactoryTest, QuicProxyMarkedAsBad) { … } // BidirectionalStreamImpl::Delegate to wait until response headers are // received. class TestBidirectionalDelegate : public BidirectionalStreamImpl::Delegate { … }; } // namespace TEST_F(HttpStreamFactoryTest, UsePreConnectIfNoZeroRTT) { … } namespace { // Return count of distinct groups in given socket pool. int GetSocketPoolGroupCount(ClientSocketPool* pool) { … } // Return count of distinct spdy sessions. int GetSpdySessionCount(HttpNetworkSession* session) { … } // Return count of sockets handed out by a given socket pool. int GetHandedOutSocketCount(ClientSocketPool* pool) { … } // Return count of distinct QUIC sessions. int GetQuicSessionCount(HttpNetworkSession* session) { … } TEST_F(HttpStreamFactoryTest, PrivacyModeUsesDifferentSocketPoolGroup) { … } TEST_F(HttpStreamFactoryTest, DisableSecureDnsUsesDifferentSocketPoolGroup) { … } TEST_F(HttpStreamFactoryTest, GetLoadState) { … } TEST_F(HttpStreamFactoryTest, RequestHttpStream) { … } // Test the race of SetPriority versus stream completion where SetPriority may // be called on an HttpStreamFactory::Job after the stream has been created by // the job. TEST_F(HttpStreamFactoryTest, ReprioritizeAfterStreamReceived) { … } TEST_F(HttpStreamFactoryTest, RequestHttpStreamOverSSL) { … } TEST_F(HttpStreamFactoryTest, RequestHttpStreamOverProxy) { … } TEST_F(HttpStreamFactoryTest, RequestWebSocketBasicHandshakeStream) { … } TEST_F(HttpStreamFactoryTest, RequestWebSocketBasicHandshakeStreamOverSSL) { … } TEST_F(HttpStreamFactoryTest, RequestWebSocketBasicHandshakeStreamOverProxy) { … } TEST_F(HttpStreamFactoryTest, RequestSpdyHttpStreamHttpsURL) { … } TEST_F(HttpStreamFactoryTest, RequestSpdyHttpStreamHttpURL) { … } // Same as above, but checks HttpServerProperties is updated using the correct // NetworkAnonymizationKey. When/if NetworkAnonymizationKey is enabled by // default, this should probably be merged into the above test. TEST_F(HttpStreamFactoryTest, RequestSpdyHttpStreamHttpURLWithNetworkAnonymizationKey) { … } // Tests that when a new SpdySession is established, duplicated idle H2 sockets // to the same server are closed. TEST_F(HttpStreamFactoryTest, NewSpdySessionCloseIdleH2Sockets) { … } // Regression test for https://crbug.com/706974. TEST_F(HttpStreamFactoryTest, TwoSpdyConnects) { … } TEST_F(HttpStreamFactoryTest, RequestBidirectionalStreamImpl) { … } // Tests for creating an HTTP stream via QUIC. class HttpStreamFactoryQuicTest : public TestWithTaskEnvironment, public ::testing::WithParamInterface<quic::ParsedQuicVersion> { … }; INSTANTIATE_TEST_SUITE_P(…); // Check that requesting an HTTP stream over a QUIC proxy sends the correct // set of QUIC packets. TEST_P(HttpStreamFactoryQuicTest, RequestHttpStreamOverQuicProxy) { … } // Check that requesting an HTTP stream over a two QUIC proxies sends the // correct set of QUIC packets. TEST_P(HttpStreamFactoryQuicTest, RequestHttpStreamOverTwoQuicProxies) { … } class HttpStreamFactoryBidirectionalQuicTest : public TestWithTaskEnvironment, public ::testing::WithParamInterface<quic::ParsedQuicVersion> { … }; INSTANTIATE_TEST_SUITE_P(…); TEST_P(HttpStreamFactoryBidirectionalQuicTest, RequestBidirectionalStreamImplQuicAlternative) { … } // Tests that if Http job fails, but Quic job succeeds, we return // BidirectionalStreamQuicImpl. TEST_P(HttpStreamFactoryBidirectionalQuicTest, RequestBidirectionalStreamImplHttpJobFailsQuicJobSucceeds) { … } TEST_F(HttpStreamFactoryTest, RequestBidirectionalStreamImplFailure) { … } #if BUILDFLAG(IS_ANDROID) // Verify HttpStreamFactory::Job passes socket tag along properly and that // SpdySessions have unique socket tags (e.g. one sessions should not be shared // amongst streams with different socket tags). TEST_F(HttpStreamFactoryTest, Tag) { SpdySessionDependencies session_deps; auto socket_factory = std::make_unique<MockTaggingClientSocketFactory>(); auto* socket_factory_ptr = socket_factory.get(); session_deps.socket_factory = std::move(socket_factory); // Prepare for two HTTPS connects. MockRead mock_read(SYNCHRONOUS, ERR_IO_PENDING); SequencedSocketData socket_data(base::span_from_ref(mock_read), base::span<MockWrite>()); socket_data.set_connect_data(MockConnect(ASYNC, OK)); session_deps.socket_factory->AddSocketDataProvider(&socket_data); MockRead mock_read2(SYNCHRONOUS, ERR_IO_PENDING); SequencedSocketData socket_data2(base::span_from_ref(mock_read2), base::span<MockWrite>()); socket_data2.set_connect_data(MockConnect(ASYNC, OK)); session_deps.socket_factory->AddSocketDataProvider(&socket_data2); SSLSocketDataProvider ssl_socket_data(ASYNC, OK); ssl_socket_data.ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), "wildcard.pem"); ssl_socket_data.next_proto = kProtoHTTP2; session_deps.socket_factory->AddSSLSocketDataProvider(&ssl_socket_data); SSLSocketDataProvider ssl_socket_data2(ASYNC, OK); ssl_socket_data2.ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), "wildcard.pem"); ssl_socket_data2.next_proto = kProtoHTTP2; session_deps.socket_factory->AddSSLSocketDataProvider(&ssl_socket_data2); std::unique_ptr<HttpNetworkSession> session( SpdySessionDependencies::SpdyCreateSession(&session_deps)); // Prepare two different tags and corresponding HttpRequestInfos. SocketTag tag1(SocketTag::UNSET_UID, 0x12345678); HttpRequestInfo request_info1; request_info1.method = "GET"; request_info1.url = GURL("https://example.org"); request_info1.load_flags = 0; request_info1.socket_tag = tag1; request_info1.traffic_annotation = MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); SocketTag tag2(getuid(), 0x87654321); HttpRequestInfo request_info2 = request_info1; request_info2.socket_tag = tag2; request_info2.traffic_annotation = MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); // Verify one stream with one tag results in one session, group and // socket. StreamRequestWaiter waiter1; std::unique_ptr<HttpStreamRequest> request1( session->http_stream_factory()->RequestStream( request_info1, DEFAULT_PRIORITY, /* allowed_bad_certs = */ {}, &waiter1, /* enable_ip_based_pooling = */ true, /* enable_alternative_services = */ true, NetLogWithSource())); waiter1.WaitForStream(); EXPECT_TRUE(waiter1.stream_done()); EXPECT_TRUE(nullptr == waiter1.websocket_stream()); ASSERT_TRUE(nullptr != waiter1.stream()); EXPECT_EQ(1, GetSpdySessionCount(session.get())); EXPECT_EQ(1, GetSocketPoolGroupCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); EXPECT_EQ(1, GetHandedOutSocketCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); // Verify socket tagged appropriately. EXPECT_TRUE(tag1 == socket_factory_ptr->GetLastProducedTCPSocket()->tag()); EXPECT_TRUE(socket_factory_ptr->GetLastProducedTCPSocket() ->tagged_before_connected()); // Verify one more stream with a different tag results in one more session and // socket. StreamRequestWaiter waiter2; std::unique_ptr<HttpStreamRequest> request2( session->http_stream_factory()->RequestStream( request_info2, DEFAULT_PRIORITY, /* allowed_bad_certs = */ {}, &waiter2, /* enable_ip_based_pooling = */ true, /* enable_alternative_services = */ true, NetLogWithSource())); waiter2.WaitForStream(); EXPECT_TRUE(waiter2.stream_done()); EXPECT_TRUE(nullptr == waiter2.websocket_stream()); ASSERT_TRUE(nullptr != waiter2.stream()); EXPECT_EQ(2, GetSpdySessionCount(session.get())); EXPECT_EQ(1, GetSocketPoolGroupCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); EXPECT_EQ(2, GetHandedOutSocketCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); // Verify socket tagged appropriately. EXPECT_TRUE(tag2 == socket_factory_ptr->GetLastProducedTCPSocket()->tag()); EXPECT_TRUE(socket_factory_ptr->GetLastProducedTCPSocket() ->tagged_before_connected()); // Verify one more stream reusing a tag does not create new sessions, groups // or sockets. StreamRequestWaiter waiter3; std::unique_ptr<HttpStreamRequest> request3( session->http_stream_factory()->RequestStream( request_info2, DEFAULT_PRIORITY, /* allowed_bad_certs = */ {}, &waiter3, /* enable_ip_based_pooling = */ true, /* enable_alternative_services = */ true, NetLogWithSource())); waiter3.WaitForStream(); EXPECT_TRUE(waiter3.stream_done()); EXPECT_TRUE(nullptr == waiter3.websocket_stream()); ASSERT_TRUE(nullptr != waiter3.stream()); EXPECT_EQ(2, GetSpdySessionCount(session.get())); EXPECT_EQ(1, GetSocketPoolGroupCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); EXPECT_EQ(2, GetHandedOutSocketCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); } // Verify HttpStreamFactory::Job passes socket tag along properly to QUIC // sessions and that QuicSessions have unique socket tags (e.g. one sessions // should not be shared amongst streams with different socket tags). TEST_P(HttpStreamFactoryBidirectionalQuicTest, Tag) { // Prepare mock QUIC data for a first session establishment. MockQuicData mock_quic_data(version()); spdy::SpdyPriority priority = ConvertRequestPriorityToQuicPriority(DEFAULT_PRIORITY); size_t spdy_headers_frame_length; int packet_num = 1; mock_quic_data.AddWrite( SYNCHRONOUS, client_packet_maker().MakeInitialSettingsPacket(packet_num++)); mock_quic_data.AddWrite( SYNCHRONOUS, client_packet_maker().MakeRequestHeadersPacket( packet_num++, GetNthClientInitiatedBidirectionalStreamId(0), /*fin=*/true, priority, client_packet_maker().GetRequestHeaders("GET", "https", "/"), &spdy_headers_frame_length)); size_t spdy_response_headers_frame_length; mock_quic_data.AddRead( ASYNC, server_packet_maker().MakeResponseHeadersPacket( 1, GetNthClientInitiatedBidirectionalStreamId(0), /*fin=*/true, server_packet_maker().GetResponseHeaders("200"), &spdy_response_headers_frame_length)); mock_quic_data.AddRead(SYNCHRONOUS, ERR_IO_PENDING); // No more read data. mock_quic_data.AddSocketDataToFactory(&socket_factory()); // Prepare mock QUIC data for a second session establishment. client_packet_maker().Reset(); MockQuicData mock_quic_data2(version()); packet_num = 1; mock_quic_data2.AddWrite( SYNCHRONOUS, client_packet_maker().MakeInitialSettingsPacket(packet_num++)); mock_quic_data2.AddWrite( SYNCHRONOUS, client_packet_maker().MakeRequestHeadersPacket( packet_num++, GetNthClientInitiatedBidirectionalStreamId(0), /*fin=*/true, priority, client_packet_maker().GetRequestHeaders("GET", "https", "/"), &spdy_headers_frame_length)); mock_quic_data2.AddRead( ASYNC, server_packet_maker().MakeResponseHeadersPacket( 1, GetNthClientInitiatedBidirectionalStreamId(0), /*fin=*/true, server_packet_maker().GetResponseHeaders("200"), &spdy_response_headers_frame_length)); mock_quic_data2.AddRead(SYNCHRONOUS, ERR_IO_PENDING); // No more read data. mock_quic_data2.AddSocketDataToFactory(&socket_factory()); // Add hanging data for http job. auto hanging_data = std::make_unique<StaticSocketDataProvider>(); MockConnect hanging_connect(SYNCHRONOUS, ERR_IO_PENDING); hanging_data->set_connect_data(hanging_connect); socket_factory().AddSocketDataProvider(hanging_data.get()); SSLSocketDataProvider ssl_data(ASYNC, OK); socket_factory().AddSSLSocketDataProvider(&ssl_data); // Set up QUIC as alternative_service. Initialize(); AddQuicAlternativeService(); // Prepare two different tags and corresponding HttpRequestInfos. SocketTag tag1(SocketTag::UNSET_UID, 0x12345678); HttpRequestInfo request_info1; request_info1.method = "GET"; request_info1.url = default_url_; request_info1.load_flags = 0; request_info1.socket_tag = tag1; request_info1.traffic_annotation = MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); SocketTag tag2(getuid(), 0x87654321); HttpRequestInfo request_info2 = request_info1; request_info2.socket_tag = tag2; request_info2.traffic_annotation = MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); // Verify one stream with one tag results in one QUIC session. StreamRequestWaiter waiter1; std::unique_ptr<HttpStreamRequest> request1( session()->http_stream_factory()->RequestStream( request_info1, DEFAULT_PRIORITY, /* allowed_bad_certs = */ {}, &waiter1, /* enable_ip_based_pooling = */ true, /* enable_alternative_services = */ true, NetLogWithSource())); waiter1.WaitForStream(); EXPECT_TRUE(waiter1.stream_done()); EXPECT_TRUE(nullptr == waiter1.websocket_stream()); ASSERT_TRUE(nullptr != waiter1.stream()); EXPECT_EQ(kProtoQUIC, request1->negotiated_protocol()); EXPECT_EQ(1, GetQuicSessionCount(session())); // Verify socket tagged appropriately. EXPECT_TRUE(tag1 == socket_factory().GetLastProducedUDPSocket()->tag()); EXPECT_TRUE(socket_factory() .GetLastProducedUDPSocket() ->tagged_before_data_transferred()); // Verify one more stream with a different tag results in one more session and // socket. StreamRequestWaiter waiter2; std::unique_ptr<HttpStreamRequest> request2( session()->http_stream_factory()->RequestStream( request_info2, DEFAULT_PRIORITY, /* allowed_bad_certs = */ {}, &waiter2, /* enable_ip_based_pooling = */ true, /* enable_alternative_services = */ true, NetLogWithSource())); waiter2.WaitForStream(); EXPECT_TRUE(waiter2.stream_done()); EXPECT_TRUE(nullptr == waiter2.websocket_stream()); ASSERT_TRUE(nullptr != waiter2.stream()); EXPECT_EQ(kProtoQUIC, request2->negotiated_protocol()); EXPECT_EQ(2, GetQuicSessionCount(session())); // Verify socket tagged appropriately. EXPECT_TRUE(tag2 == socket_factory().GetLastProducedUDPSocket()->tag()); EXPECT_TRUE(socket_factory() .GetLastProducedUDPSocket() ->tagged_before_data_transferred()); // Verify one more stream reusing a tag does not create new sessions. StreamRequestWaiter waiter3; std::unique_ptr<HttpStreamRequest> request3( session()->http_stream_factory()->RequestStream( request_info2, DEFAULT_PRIORITY, /* allowed_bad_certs = */ {}, &waiter3, /* enable_ip_based_pooling = */ true, /* enable_alternative_services = */ true, NetLogWithSource())); waiter3.WaitForStream(); EXPECT_TRUE(waiter3.stream_done()); EXPECT_TRUE(nullptr == waiter3.websocket_stream()); ASSERT_TRUE(nullptr != waiter3.stream()); EXPECT_EQ(kProtoQUIC, request3->negotiated_protocol()); EXPECT_EQ(2, GetQuicSessionCount(session())); } TEST_F(HttpStreamFactoryTest, ChangeSocketTag) { SpdySessionDependencies session_deps; auto socket_factory = std::make_unique<MockTaggingClientSocketFactory>(); auto* socket_factory_ptr = socket_factory.get(); session_deps.socket_factory = std::move(socket_factory); // Prepare for two HTTPS connects. MockRead mock_read(SYNCHRONOUS, ERR_IO_PENDING); SequencedSocketData socket_data(base::span_from_ref(mock_read), base::span<MockWrite>()); socket_data.set_connect_data(MockConnect(ASYNC, OK)); session_deps.socket_factory->AddSocketDataProvider(&socket_data); MockRead mock_read2(SYNCHRONOUS, ERR_IO_PENDING); SequencedSocketData socket_data2(base::span_from_ref(mock_read2), base::span<MockWrite>()); socket_data2.set_connect_data(MockConnect(ASYNC, OK)); session_deps.socket_factory->AddSocketDataProvider(&socket_data2); SSLSocketDataProvider ssl_socket_data(ASYNC, OK); // Use cert for *.example.org ssl_socket_data.ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), "wildcard.pem"); ssl_socket_data.next_proto = kProtoHTTP2; session_deps.socket_factory->AddSSLSocketDataProvider(&ssl_socket_data); SSLSocketDataProvider ssl_socket_data2(ASYNC, OK); // Use cert for *.example.org ssl_socket_data2.ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), "wildcard.pem"); ssl_socket_data2.next_proto = kProtoHTTP2; session_deps.socket_factory->AddSSLSocketDataProvider(&ssl_socket_data2); std::unique_ptr<HttpNetworkSession> session( SpdySessionDependencies::SpdyCreateSession(&session_deps)); // Prepare two different tags and corresponding HttpRequestInfos. SocketTag tag1(SocketTag::UNSET_UID, 0x12345678); HttpRequestInfo request_info1; request_info1.method = "GET"; request_info1.url = GURL("https://www.example.org"); request_info1.load_flags = 0; request_info1.socket_tag = tag1; request_info1.traffic_annotation = MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); SocketTag tag2(getuid(), 0x87654321); HttpRequestInfo request_info2 = request_info1; request_info2.socket_tag = tag2; request_info2.traffic_annotation = MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); // Prepare another HttpRequestInfo with tag1 and a different host name. HttpRequestInfo request_info3 = request_info1; request_info3.url = GURL("https://foo.example.org"); request_info3.traffic_annotation = MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); // Verify one stream with one tag results in one session, group and // socket. StreamRequestWaiter waiter1; std::unique_ptr<HttpStreamRequest> request1( session->http_stream_factory()->RequestStream( request_info1, DEFAULT_PRIORITY, /* allowed_bad_certs = */ {}, &waiter1, /* enable_ip_based_pooling = */ true, /* enable_alternative_services = */ true, NetLogWithSource())); waiter1.WaitForStream(); EXPECT_TRUE(waiter1.stream_done()); EXPECT_FALSE(waiter1.websocket_stream()); ASSERT_TRUE(waiter1.stream()); EXPECT_EQ(1, GetSpdySessionCount(session.get())); EXPECT_EQ(1, GetSocketPoolGroupCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); EXPECT_EQ(1, GetHandedOutSocketCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); // Verify socket tagged appropriately. MockTaggingStreamSocket* socket = socket_factory_ptr->GetLastProducedTCPSocket(); EXPECT_TRUE(tag1 == socket->tag()); EXPECT_TRUE(socket->tagged_before_connected()); // Verify the socket tag on the first session can be changed. StreamRequestWaiter waiter2; std::unique_ptr<HttpStreamRequest> request2( session->http_stream_factory()->RequestStream( request_info2, DEFAULT_PRIORITY, /* allowed_bad_certs = */ {}, &waiter2, /* enable_ip_based_pooling = */ true, /* enable_alternative_services = */ true, NetLogWithSource())); waiter2.WaitForStream(); EXPECT_TRUE(waiter2.stream_done()); EXPECT_FALSE(waiter2.websocket_stream()); ASSERT_TRUE(waiter2.stream()); // Verify still have just one session. EXPECT_EQ(1, GetSpdySessionCount(session.get())); EXPECT_EQ(1, GetSocketPoolGroupCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); EXPECT_EQ(1, GetHandedOutSocketCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); // Verify no new sockets created. EXPECT_EQ(socket, socket_factory_ptr->GetLastProducedTCPSocket()); // Verify socket tag changed. EXPECT_TRUE(tag2 == socket->tag()); EXPECT_FALSE(socket->tagged_before_connected()); // Verify attempting to use the first stream fails because the session's // socket tag has since changed. TestCompletionCallback callback1; waiter1.stream()->RegisterRequest(&request_info1); EXPECT_EQ(ERR_FAILED, waiter1.stream()->InitializeStream( /* can_send_early = */ false, DEFAULT_PRIORITY, NetLogWithSource(), callback1.callback())); // Verify the socket tag can be changed, this time using an IP alias // (different host, same IP). StreamRequestWaiter waiter3; std::unique_ptr<HttpStreamRequest> request3( session->http_stream_factory()->RequestStream( request_info3, DEFAULT_PRIORITY, /* allowed_bad_certs = */ {}, &waiter3, /* enable_ip_based_pooling = */ true, /* enable_alternative_services = */ true, NetLogWithSource())); waiter3.WaitForStream(); EXPECT_TRUE(waiter3.stream_done()); EXPECT_FALSE(waiter3.websocket_stream()); ASSERT_TRUE(waiter3.stream()); // Verify still have just one session. EXPECT_EQ(1, GetSpdySessionCount(session.get())); EXPECT_EQ(1, GetSocketPoolGroupCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); EXPECT_EQ(1, GetHandedOutSocketCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); // Verify no new sockets created. EXPECT_EQ(socket, socket_factory_ptr->GetLastProducedTCPSocket()); // Verify socket tag changed. EXPECT_TRUE(tag1 == socket->tag()); EXPECT_FALSE(socket->tagged_before_connected()); // Initialize the third stream, thus marking the session active, so it cannot // have its socket tag changed. TestCompletionCallback callback3; waiter3.stream()->RegisterRequest(&request_info3); EXPECT_EQ(OK, waiter3.stream()->InitializeStream( /* can_send_early = */ false, DEFAULT_PRIORITY, NetLogWithSource(), callback3.callback())); // Verify a new session is created when a request with a different tag is // started. StreamRequestWaiter waiter4; std::unique_ptr<HttpStreamRequest> request4( session->http_stream_factory()->RequestStream( request_info2, DEFAULT_PRIORITY, /* allowed_bad_certs = */ {}, &waiter4, /* enable_ip_based_pooling = */ true, /* enable_alternative_services = */ true, NetLogWithSource())); waiter4.WaitForStream(); EXPECT_TRUE(waiter4.stream_done()); EXPECT_FALSE(waiter4.websocket_stream()); ASSERT_TRUE(waiter4.stream()); // Verify we now have two sessions. EXPECT_EQ(2, GetSpdySessionCount(session.get())); EXPECT_EQ(1, GetSocketPoolGroupCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); EXPECT_EQ(2, GetHandedOutSocketCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); // Verify a new socket was created. MockTaggingStreamSocket* socket2 = socket_factory_ptr->GetLastProducedTCPSocket(); EXPECT_NE(socket, socket2); // Verify tag set appropriately. EXPECT_TRUE(tag2 == socket2->tag()); EXPECT_TRUE(socket2->tagged_before_connected()); // Verify tag on original socket is unchanged. EXPECT_TRUE(tag1 == socket->tag()); waiter3.stream()->Close(/* not_reusable = */ true); } // Regression test for https://crbug.com/954503. TEST_F(HttpStreamFactoryTest, ChangeSocketTagAvoidOverwrite) { SpdySessionDependencies session_deps; auto socket_factory = std::make_unique<MockTaggingClientSocketFactory>(); auto* socket_factory_ptr = socket_factory.get(); session_deps.socket_factory = std::move(socket_factory); // Prepare for two HTTPS connects. MockRead mock_read(SYNCHRONOUS, ERR_IO_PENDING); SequencedSocketData socket_data(base::span_from_ref(mock_read), base::span<MockWrite>()); socket_data.set_connect_data(MockConnect(ASYNC, OK)); session_deps.socket_factory->AddSocketDataProvider(&socket_data); MockRead mock_read2(SYNCHRONOUS, ERR_IO_PENDING); SequencedSocketData socket_data2(base::span_from_ref(mock_read2), base::span<MockWrite>()); socket_data2.set_connect_data(MockConnect(ASYNC, OK)); session_deps.socket_factory->AddSocketDataProvider(&socket_data2); SSLSocketDataProvider ssl_socket_data(ASYNC, OK); // Use cert for *.example.org ssl_socket_data.ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), "wildcard.pem"); ssl_socket_data.next_proto = kProtoHTTP2; session_deps.socket_factory->AddSSLSocketDataProvider(&ssl_socket_data); SSLSocketDataProvider ssl_socket_data2(ASYNC, OK); // Use cert for *.example.org ssl_socket_data2.ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), "wildcard.pem"); ssl_socket_data2.next_proto = kProtoHTTP2; session_deps.socket_factory->AddSSLSocketDataProvider(&ssl_socket_data2); std::unique_ptr<HttpNetworkSession> session( SpdySessionDependencies::SpdyCreateSession(&session_deps)); // Prepare three different tags and corresponding HttpRequestInfos. SocketTag tag1(SocketTag::UNSET_UID, 2); HttpRequestInfo request_info1; request_info1.method = "GET"; request_info1.url = GURL("https://www.example.org"); request_info1.load_flags = 0; request_info1.socket_tag = tag1; request_info1.traffic_annotation = MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); SocketTag tag2(SocketTag::UNSET_UID, 1); HttpRequestInfo request_info2 = request_info1; request_info2.socket_tag = tag2; HttpRequestInfo request_info3 = request_info1; SocketTag tag3(SocketTag::UNSET_UID, 3); request_info3.socket_tag = tag3; // Prepare another HttpRequestInfo with tag3 and a different host name. HttpRequestInfo request_info4 = request_info1; request_info4.socket_tag = tag3; request_info4.url = GURL("https://foo.example.org"); // Verify one stream with one tag results in one session, group and // socket. StreamRequestWaiter waiter1; std::unique_ptr<HttpStreamRequest> request1( session->http_stream_factory()->RequestStream( request_info1, DEFAULT_PRIORITY, /* allowed_bad_certs = */ {}, &waiter1, /* enable_ip_based_pooling = */ true, /* enable_alternative_services = */ true, NetLogWithSource())); waiter1.WaitForStream(); EXPECT_TRUE(waiter1.stream_done()); EXPECT_FALSE(waiter1.websocket_stream()); ASSERT_TRUE(waiter1.stream()); EXPECT_EQ(1, GetSpdySessionCount(session.get())); EXPECT_EQ(1, GetSocketPoolGroupCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); EXPECT_EQ(1, GetHandedOutSocketCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); // Verify socket tagged appropriately. MockTaggingStreamSocket* socket = socket_factory_ptr->GetLastProducedTCPSocket(); EXPECT_TRUE(tag1 == socket->tag()); EXPECT_TRUE(socket->tagged_before_connected()); // Initialize the first stream, thus marking the session active, so it cannot // have its socket tag changed and be reused for the second session. TestCompletionCallback callback1; waiter1.stream()->RegisterRequest(&request_info1); EXPECT_EQ(OK, waiter1.stream()->InitializeStream( /* can_send_early = */ false, DEFAULT_PRIORITY, NetLogWithSource(), callback1.callback())); // Create a second stream with a new tag. StreamRequestWaiter waiter2; std::unique_ptr<HttpStreamRequest> request2( session->http_stream_factory()->RequestStream( request_info2, DEFAULT_PRIORITY, /* allowed_bad_certs = */ {}, &waiter2, /* enable_ip_based_pooling = */ true, /* enable_alternative_services = */ true, NetLogWithSource())); waiter2.WaitForStream(); EXPECT_TRUE(waiter2.stream_done()); EXPECT_FALSE(waiter2.websocket_stream()); ASSERT_TRUE(waiter2.stream()); // Verify we now have two sessions. EXPECT_EQ(2, GetSpdySessionCount(session.get())); EXPECT_EQ(1, GetSocketPoolGroupCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); EXPECT_EQ(2, GetHandedOutSocketCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); // Verify a new socket was created. MockTaggingStreamSocket* socket2 = socket_factory_ptr->GetLastProducedTCPSocket(); EXPECT_NE(socket, socket2); // Verify tag set appropriately. EXPECT_TRUE(tag2 == socket2->tag()); EXPECT_TRUE(socket2->tagged_before_connected()); // Verify tag on original socket is unchanged. EXPECT_TRUE(tag1 == socket->tag()); // Initialize the second stream, thus marking the session active, so it cannot // have its socket tag changed and be reused for the third session. TestCompletionCallback callback2; waiter2.stream()->RegisterRequest(&request_info2); EXPECT_EQ(OK, waiter2.stream()->InitializeStream( /* can_send_early = */ false, DEFAULT_PRIORITY, NetLogWithSource(), callback2.callback())); // Release first stream so first session can be retagged for third request. waiter1.stream()->Close(/* not_reusable = */ true); // Verify the first session can be retagged for a third request. StreamRequestWaiter waiter3; std::unique_ptr<HttpStreamRequest> request3( session->http_stream_factory()->RequestStream( request_info3, DEFAULT_PRIORITY, /* allowed_bad_certs = */ {}, &waiter3, /* enable_ip_based_pooling = */ true, /* enable_alternative_services = */ true, NetLogWithSource())); waiter3.WaitForStream(); EXPECT_TRUE(waiter3.stream_done()); EXPECT_FALSE(waiter3.websocket_stream()); ASSERT_TRUE(waiter3.stream()); // Verify still have two sessions. EXPECT_EQ(2, GetSpdySessionCount(session.get())); EXPECT_EQ(1, GetSocketPoolGroupCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); EXPECT_EQ(2, GetHandedOutSocketCount(session->GetSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL, ProxyChain::Direct()))); // Verify no new sockets created. EXPECT_EQ(socket2, socket_factory_ptr->GetLastProducedTCPSocket()); // Verify socket tag changed. EXPECT_TRUE(tag3 == socket->tag()); EXPECT_FALSE(socket->tagged_before_connected()); // Release second stream so second session can be retagged for fourth request. waiter2.stream()->Close(/* not_reusable = */ true); // Request a stream with a new tag and a different host that aliases existing // sessions. StreamRequestWaiter waiter4; std::unique_ptr<HttpStreamRequest> request4( session->http_stream_factory()->RequestStream( request_info4, DEFAULT_PRIORITY, /* allowed_bad_certs = */ {}, &waiter4, /* enable_ip_based_pooling = */ true, /* enable_alternative_services = */ true, NetLogWithSource())); waiter4.WaitForStream(); EXPECT_TRUE(waiter4.stream_done()); EXPECT_FALSE(waiter4.websocket_stream()); ASSERT_TRUE(waiter4.stream()); // Verify no new sockets created. EXPECT_EQ(socket2, socket_factory_ptr->GetLastProducedTCPSocket()); } #endif // Test that when creating a stream all sessions that alias an IP are tried, // not just one. This is important because there can be multiple sessions // that could satisfy a stream request and they should all be tried. TEST_F(HttpStreamFactoryTest, MultiIPAliases) { … } TEST_F(HttpStreamFactoryTest, SpdyIPPoolingWithDnsAliases) { … } TEST_P(HttpStreamFactoryBidirectionalQuicTest, QuicIPPoolingWithDnsAliases) { … } class ProcessAlternativeServicesTest : public TestWithTaskEnvironment { … }; TEST_F(ProcessAlternativeServicesTest, ProcessEmptyAltSvc) { … } TEST_F(ProcessAlternativeServicesTest, ProcessAltSvcClear) { … } TEST_F(ProcessAlternativeServicesTest, ProcessAltSvcQuicIetf) { … } TEST_F(ProcessAlternativeServicesTest, ProcessAltSvcHttp2) { … } } // namespace } // namespace net::test
Codebase Browser
chromium