// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifdef UNSAFE_BUFFERS_BUILD // TODO(crbug.com/40284755): Remove this and spanify to fix the errors. #pragma allow_unsafe_buffers #endif #include "net/socket/ssl_client_socket.h" #include <errno.h> #include <string.h> #include <algorithm> #include <memory> #include <optional> #include <string_view> #include <tuple> #include <utility> #include "base/files/file_util.h" #include "base/functional/bind.h" #include "base/functional/callback_helpers.h" #include "base/location.h" #include "base/memory/raw_ptr.h" #include "base/memory/ref_counted.h" #include "base/run_loop.h" #include "base/strings/string_number_conversions.h" #include "base/strings/stringprintf.h" #include "base/synchronization/lock.h" #include "base/task/single_thread_task_runner.h" #include "base/test/bind.h" #include "base/test/metrics/histogram_tester.h" #include "base/test/scoped_feature_list.h" #include "base/time/time.h" #include "base/values.h" #include "build/build_config.h" #include "crypto/rsa_private_key.h" #include "net/base/address_list.h" #include "net/base/completion_once_callback.h" #include "net/base/features.h" #include "net/base/host_port_pair.h" #include "net/base/io_buffer.h" #include "net/base/ip_address.h" #include "net/base/ip_endpoint.h" #include "net/base/net_errors.h" #include "net/base/network_anonymization_key.h" #include "net/base/schemeful_site.h" #include "net/base/test_completion_callback.h" #include "net/cert/asn1_util.h" #include "net/cert/cert_database.h" #include "net/cert/ct_policy_status.h" #include "net/cert/mock_cert_verifier.h" #include "net/cert/mock_client_cert_verifier.h" #include "net/cert/sct_auditing_delegate.h" #include "net/cert/signed_certificate_timestamp_and_status.h" #include "net/cert/test_root_certs.h" #include "net/cert/x509_util.h" #include "net/dns/host_resolver.h" #include "net/http/transport_security_state.h" #include "net/http/transport_security_state_test_util.h" #include "net/log/net_log_event_type.h" #include "net/log/net_log_source.h" #include "net/log/test_net_log.h" #include "net/log/test_net_log_util.h" #include "net/socket/client_socket_factory.h" #include "net/socket/client_socket_handle.h" #include "net/socket/read_buffering_stream_socket.h" #include "net/socket/socket_test_util.h" #include "net/socket/ssl_server_socket.h" #include "net/socket/stream_socket.h" #include "net/socket/tcp_client_socket.h" #include "net/socket/tcp_server_socket.h" #include "net/ssl/ssl_cert_request_info.h" #include "net/ssl/ssl_client_session_cache.h" #include "net/ssl/ssl_config.h" #include "net/ssl/ssl_config_service.h" #include "net/ssl/ssl_connection_status_flags.h" #include "net/ssl/ssl_handshake_details.h" #include "net/ssl/ssl_info.h" #include "net/ssl/ssl_server_config.h" #include "net/ssl/test_ssl_config_service.h" #include "net/ssl/test_ssl_private_key.h" #include "net/test/cert_test_util.h" #include "net/test/embedded_test_server/embedded_test_server.h" #include "net/test/embedded_test_server/http_request.h" #include "net/test/embedded_test_server/http_response.h" #include "net/test/gtest_util.h" #include "net/test/key_util.h" #include "net/test/ssl_test_util.h" #include "net/test/test_data_directory.h" #include "net/test/test_with_task_environment.h" #include "net/traffic_annotation/network_traffic_annotation_test_helper.h" #include "testing/gmock/include/gmock/gmock.h" #include "testing/gtest/include/gtest/gtest.h" #include "testing/platform_test.h" #include "third_party/boringssl/src/include/openssl/bio.h" #include "third_party/boringssl/src/include/openssl/evp.h" #include "third_party/boringssl/src/include/openssl/hpke.h" #include "third_party/boringssl/src/include/openssl/pem.h" #include "third_party/boringssl/src/include/openssl/ssl.h" #include "url/gurl.h" IsError; IsOk; _; Bool; Combine; Return; Values; ValuesIn; namespace net { class NetLogWithSource; namespace { // When passed to |MakeHashValueVector|, this will generate a key pin that is // sha256/AA...=, and hence will cause pin validation success with the TestSPKI // pin from transport_security_state_static.pins. ("A" is the 0th element of the // base-64 alphabet.) const uint8_t kGoodHashValueVectorInput = …; // When passed to |MakeHashValueVector|, this will generate a key pin that is // not sha256/AA...=, and hence will cause pin validation failure with the // TestSPKI pin. const uint8_t kBadHashValueVectorInput = …; // TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 constexpr uint16_t kModernTLS12Cipher = …; // TLS_RSA_WITH_AES_128_GCM_SHA256 constexpr uint16_t kRSACipher = …; // TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA constexpr uint16_t kCBCCipher = …; // TLS_RSA_WITH_3DES_EDE_CBC_SHA constexpr uint16_t k3DESCipher = …; // Simulates synchronously receiving an error during Read() or Write() class SynchronousErrorStreamSocket : public WrappedStreamSocket { … }; int SynchronousErrorStreamSocket::Read(IOBuffer* buf, int buf_len, CompletionOnceCallback callback) { … } int SynchronousErrorStreamSocket::ReadIfReady(IOBuffer* buf, int buf_len, CompletionOnceCallback callback) { … } int SynchronousErrorStreamSocket::Write( IOBuffer* buf, int buf_len, CompletionOnceCallback callback, const NetworkTrafficAnnotationTag& traffic_annotation) { … } // FakeBlockingStreamSocket wraps an existing StreamSocket and simulates the // underlying transport needing to complete things asynchronously in a // deterministic manner (e.g.: independent of the TestServer and the OS's // semantics). class FakeBlockingStreamSocket : public WrappedStreamSocket { … }; int FakeBlockingStreamSocket::Read(IOBuffer* buf, int len, CompletionOnceCallback callback) { … } int FakeBlockingStreamSocket::ReadIfReady(IOBuffer* buf, int len, CompletionOnceCallback callback) { … } int FakeBlockingStreamSocket::CancelReadIfReady() { … } int FakeBlockingStreamSocket::Write( IOBuffer* buf, int len, CompletionOnceCallback callback, const NetworkTrafficAnnotationTag& traffic_annotation) { … } void FakeBlockingStreamSocket::BlockReadResult() { … } void FakeBlockingStreamSocket::UnblockReadResult() { … } bool FakeBlockingStreamSocket::ReplaceReadResult(const std::string& data) { … } void FakeBlockingStreamSocket::WaitForReadResult() { … } void FakeBlockingStreamSocket::BlockWrite() { … } void FakeBlockingStreamSocket::CallPendingWriteCallback(int rv) { … } void FakeBlockingStreamSocket::UnblockWrite() { … } void FakeBlockingStreamSocket::WaitForWrite() { … } void FakeBlockingStreamSocket::OnReadCompleted(int result) { … } void FakeBlockingStreamSocket::CompleteReadIfReady(scoped_refptr<IOBuffer> buf, int rv) { … } void FakeBlockingStreamSocket::ReturnReadResult() { … } // CountingStreamSocket wraps an existing StreamSocket and maintains a count of // reads and writes on the socket. class CountingStreamSocket : public WrappedStreamSocket { … }; // A helper class that will delete |socket| when the callback is invoked. class DeleteSocketCallback : public TestCompletionCallbackBase { … }; class MockRequireCTDelegate : public TransportSecurityState::RequireCTDelegate { … }; class MockSCTAuditingDelegate : public SCTAuditingDelegate { … }; class ManySmallRecordsHttpResponse : public test_server::HttpResponse { … }; class SSLClientSocketTest : public PlatformTest, public WithTaskEnvironment { … }; enum ReadIfReadyTransport { … }; enum ReadIfReadySSL { … }; class StreamSocketWithoutReadIfReady : public WrappedStreamSocket { … }; class ClientSocketFactoryWithoutReadIfReady : public ClientSocketFactory { … }; std::vector<uint16_t> GetTLSVersions() { … } class SSLClientSocketVersionTest : public SSLClientSocketTest, public ::testing::WithParamInterface<uint16_t> { … }; // If GetParam(), try ReadIfReady() and fall back to Read() if needed. class SSLClientSocketReadTest : public SSLClientSocketTest, public ::testing::WithParamInterface< std::tuple<ReadIfReadyTransport, ReadIfReadySSL, uint16_t>> { … }; INSTANTIATE_TEST_SUITE_P(…); // Verifies the correctness of GetSSLCertRequestInfo. class SSLClientSocketCertRequestInfoTest : public SSLClientSocketVersionTest { … }; class SSLClientSocketFalseStartTest : public SSLClientSocketTest { … }; // Sends an HTTP request on the socket and reads the response. This may be used // to ensure some data has been consumed from the server. int MakeHTTPRequest(StreamSocket* socket, const char* path = "/") { … } // Provides a response to the 0RTT request indicating whether it was received // as early data. class ZeroRTTResponse : public test_server::HttpResponse { … }; std::unique_ptr<test_server::HttpResponse> HandleZeroRTTRequest( const test_server::HttpRequest& request) { … } class SSLClientSocketZeroRTTTest : public SSLClientSocketTest { … }; // Returns a serialized unencrypted TLS 1.2 alert record for the given alert // value. std::string FormatTLS12Alert(uint8_t alert) { … } // A CertVerifier that never returns on any requests. class HangingCertVerifier : public CertVerifier { … }; class MockSSLClientContextObserver : public SSLClientContext::Observer { … }; } // namespace INSTANTIATE_TEST_SUITE_P(…); TEST_P(SSLClientSocketVersionTest, Connect) { … } TEST_P(SSLClientSocketVersionTest, ConnectSyncVerify) { … } TEST_P(SSLClientSocketVersionTest, ConnectExpired) { … } TEST_P(SSLClientSocketVersionTest, ConnectExpiredSyncVerify) { … } // Test that SSLClientSockets may be destroyed while waiting on a certificate // verification. TEST_P(SSLClientSocketVersionTest, SocketDestroyedDuringVerify) { … } TEST_P(SSLClientSocketVersionTest, ConnectMismatched) { … } // Tests that certificates parsable by SSLClientSocket's internal SSL // implementation, but not X509Certificate are treated as fatal connection // errors. This is a regression test for https://crbug.com/91341. TEST_P(SSLClientSocketVersionTest, ConnectBadValidity) { … } // Ignoring the certificate error from an invalid certificate should // allow a complete connection. TEST_P(SSLClientSocketVersionTest, ConnectBadValidityIgnoreCertErrors) { … } // Client certificates are disabled on iOS. #if BUILDFLAG(ENABLE_CLIENT_CERTIFICATES) // Attempt to connect to a page which requests a client certificate. It should // return an error code on connect. TEST_P(SSLClientSocketVersionTest, ConnectClientAuthCertRequested) { … } // Connect to a server requesting optional client authentication. Send it a // null certificate. It should allow the connection. TEST_P(SSLClientSocketVersionTest, ConnectClientAuthSendNullCert) { … } #endif // BUILDFLAG(ENABLE_CLIENT_CERTIFICATES) // TODO(wtc): Add unit tests for IsConnectedAndIdle: // - Server closes an SSL connection (with a close_notify alert message). // - Server closes the underlying TCP connection directly. // - Server sends data unexpectedly. // Tests that the socket can be read from successfully. Also test that a peer's // close_notify alert is successfully processed without error. TEST_P(SSLClientSocketReadTest, Read) { … } // Tests that SSLClientSocket properly handles when the underlying transport // synchronously fails a transport write in during the handshake. TEST_F(SSLClientSocketTest, Connect_WithSynchronousError) { … } // Tests that the SSLClientSocket properly handles when the underlying transport // synchronously returns an error code - such as if an intermediary terminates // the socket connection uncleanly. // This is a regression test for http://crbug.com/238536 TEST_P(SSLClientSocketReadTest, Read_WithSynchronousError) { … } // Tests that the SSLClientSocket properly handles when the underlying transport // asynchronously returns an error code while writing data - such as if an // intermediary terminates the socket connection uncleanly. // This is a regression test for http://crbug.com/249848 TEST_P(SSLClientSocketVersionTest, Write_WithSynchronousError) { … } // If there is a Write failure at the transport with no follow-up Read, although // the write error will not be returned to the client until a future Read or // Write operation, SSLClientSocket should not spin attempting to re-write on // the socket. This is a regression test for part of https://crbug.com/381160. TEST_P(SSLClientSocketVersionTest, Write_WithSynchronousErrorNoRead) { … } // Test the full duplex mode, with Read and Write pending at the same time. // This test also serves as a regression test for http://crbug.com/29815. TEST_P(SSLClientSocketReadTest, Read_FullDuplex) { … } // Attempts to Read() and Write() from an SSLClientSocketNSS in full duplex // mode when the underlying transport is blocked on sending data. When the // underlying transport completes due to an error, it should invoke both the // Read() and Write() callbacks. If the socket is deleted by the Read() // callback, the Write() callback should not be invoked. // Regression test for http://crbug.com/232633 TEST_P(SSLClientSocketReadTest, Read_DeleteWhilePendingFullDuplex) { … } // Tests that the SSLClientSocket does not crash if data is received on the // transport socket after a failing write. This can occur if we have a Write // error in a SPDY socket. // Regression test for http://crbug.com/335557 TEST_P(SSLClientSocketReadTest, Read_WithWriteError) { … } // Tests that SSLClientSocket fails the handshake if the underlying // transport is cleanly closed. TEST_F(SSLClientSocketTest, Connect_WithZeroReturn) { … } // Tests that SSLClientSocket returns a Read of size 0 if the underlying socket // is cleanly closed, but the peer does not send close_notify. // This is a regression test for https://crbug.com/422246 TEST_P(SSLClientSocketReadTest, Read_WithZeroReturn) { … } // Tests that SSLClientSocket cleanly returns a Read of size 0 if the // underlying socket is cleanly closed asynchronously. // This is a regression test for https://crbug.com/422246 TEST_P(SSLClientSocketReadTest, Read_WithAsyncZeroReturn) { … } // Tests that fatal alerts from the peer are processed. This is a regression // test for https://crbug.com/466303. TEST_P(SSLClientSocketReadTest, Read_WithFatalAlert) { … } TEST_P(SSLClientSocketReadTest, Read_SmallChunks) { … } TEST_P(SSLClientSocketReadTest, Read_ManySmallRecords) { … } TEST_P(SSLClientSocketReadTest, Read_Interrupted) { … } TEST_P(SSLClientSocketReadTest, Read_FullLogging) { … } // Regression test for http://crbug.com/42538 TEST_F(SSLClientSocketTest, PrematureApplicationData) { … } TEST_F(SSLClientSocketTest, CipherSuiteDisables) { … } // Test that TLS versions prior to TLS 1.2 cannot be configured in // SSLClientSocket. TEST_F(SSLClientSocketTest, LegacyTLSVersions) { … } // When creating an SSLClientSocket, it is allowed to pass in a // ClientSocketHandle that is not obtained from a client socket pool. // Here we verify that such a simple ClientSocketHandle, not associated with any // client socket pool, can be destroyed safely. TEST_F(SSLClientSocketTest, ClientSocketHandleNotFromPool) { … } // Verifies that SSLClientSocket::ExportKeyingMaterial return a success // code and different keying label results in different keying material. TEST_P(SSLClientSocketVersionTest, ExportKeyingMaterial) { … } TEST(SSLClientSocket, SerializeNextProtos) { … } // Test that the server certificates are properly retrieved from the underlying // SSL stack. TEST_P(SSLClientSocketVersionTest, VerifyServerChainProperlyOrdered) { … } // This tests that SSLInfo contains a properly re-constructed certificate // chain. That, in turn, verifies that GetSSLInfo is giving us the chain as // verified, not the chain as served by the server. (They may be different.) // // CERT_CHAIN_WRONG_ROOT is redundant-server-chain.pem. It contains A // (end-entity) -> B -> C, and C is signed by D. redundant-validated-chain.pem // contains a chain of A -> B -> C2, where C2 is the same public key as C, but // a self-signed root. Such a situation can occur when a new root (C2) is // cross-certified by an old root (D) and has two different versions of its // floating around. Servers may supply C2 as an intermediate, but the // SSLClientSocket should return the chain that was verified, from // verify_result, instead. TEST_P(SSLClientSocketVersionTest, VerifyReturnChainProperlyOrdered) { … } // Client certificates are disabled on iOS. #if BUILDFLAG(ENABLE_CLIENT_CERTIFICATES) INSTANTIATE_TEST_SUITE_P(…); TEST_P(SSLClientSocketCertRequestInfoTest, DontRequestClientCertsIfServerCertInvalid) { … } TEST_P(SSLClientSocketCertRequestInfoTest, NoAuthorities) { … } TEST_P(SSLClientSocketCertRequestInfoTest, TwoAuthorities) { … } TEST_P(SSLClientSocketCertRequestInfoTest, CertKeyTypes) { … } #endif // BUILDFLAG(ENABLE_CLIENT_CERTIFICATES) // Tests that the Certificate Transparency (RFC 6962) TLS extension is // supported. TEST_P(SSLClientSocketVersionTest, ConnectSignedCertTimestampsTLSExtension) { … } // Tests that OCSP stapling is requested, as per Certificate Transparency (RFC // 6962). TEST_P(SSLClientSocketVersionTest, ConnectSignedCertTimestampsEnablesOCSP) { … } // Tests that IsConnectedAndIdle and WasEverUsed behave as expected. TEST_P(SSLClientSocketVersionTest, ReuseStates) { … } // Tests that |is_fatal_cert_error| does not get set for a certificate error, // on a non-HSTS host. TEST_P(SSLClientSocketVersionTest, IsFatalErrorNotSetOnNonFatalError) { … } // Tests that |is_fatal_cert_error| gets set for a certificate error on an // HSTS host. TEST_P(SSLClientSocketVersionTest, IsFatalErrorSetOnFatalError) { … } // Tests that IsConnectedAndIdle treats a socket as idle even if a Write hasn't // been flushed completely out of SSLClientSocket's internal buffers. This is a // regression test for https://crbug.com/466147. TEST_P(SSLClientSocketVersionTest, ReusableAfterWrite) { … } // Tests that basic session resumption works. TEST_P(SSLClientSocketVersionTest, SessionResumption) { … } namespace { // FakePeerAddressSocket wraps a |StreamSocket|, forwarding all calls except // that it provides a given answer for |GetPeerAddress|. class FakePeerAddressSocket : public WrappedStreamSocket { … }; } // namespace TEST_F(SSLClientSocketTest, SessionResumption_RSA) { … } // Tests that ALPN works with session resumption. TEST_F(SSLClientSocketTest, SessionResumptionAlpn) { … } // Tests that the session cache is not sharded by NetworkAnonymizationKey if the // feature is disabled. TEST_P(SSLClientSocketVersionTest, SessionResumptionNetworkIsolationKeyDisabled) { … } // Tests that the session cache is sharded by NetworkAnonymizationKey if the // feature is enabled. TEST_P(SSLClientSocketVersionTest, SessionResumptionNetworkIsolationKeyEnabled) { … } // Tests that connections with certificate errors do not add entries to the // session cache. TEST_P(SSLClientSocketVersionTest, CertificateErrorNoResume) { … } TEST_F(SSLClientSocketTest, RequireECDHE) { … } TEST_F(SSLClientSocketTest, 3DES) { … } TEST_F(SSLClientSocketTest, SHA1) { … } TEST_F(SSLClientSocketFalseStartTest, FalseStartEnabled) { … } // Test that False Start is disabled without ALPN. TEST_F(SSLClientSocketFalseStartTest, NoAlpn) { … } // Test that False Start is disabled with plain RSA ciphers. TEST_F(SSLClientSocketFalseStartTest, RSA) { … } // Test that False Start is disabled without an AEAD. TEST_F(SSLClientSocketFalseStartTest, NoAEAD) { … } // Test that sessions are resumable after receiving the server Finished message. TEST_F(SSLClientSocketFalseStartTest, SessionResumption) { … } // Test that the client completes the handshake in the background and installs // new sessions, even if the socket isn't used. This also avoids a theoretical // deadlock if NewSessionTicket is sufficiently large that neither it nor the // client's HTTP/1.1 POST fit in transport windows. TEST_F(SSLClientSocketFalseStartTest, CompleteHandshakeWithoutRequest) { … } // Test that False Started sessions are not resumable before receiving the // server Finished message. TEST_F(SSLClientSocketFalseStartTest, NoSessionResumptionBeforeFinished) { … } // Test that False Started sessions are not resumable if the server Finished // message was bad. TEST_F(SSLClientSocketFalseStartTest, NoSessionResumptionBadFinished) { … } // Server preference should win in ALPN. TEST_F(SSLClientSocketTest, Alpn) { … } // If the server supports ALPN but the client does not, then ALPN is not used. TEST_F(SSLClientSocketTest, AlpnClientDisabled) { … } // Client certificates are disabled on iOS. #if BUILDFLAG(ENABLE_CLIENT_CERTIFICATES) // Connect to a server requesting client authentication, do not send // any client certificates. It should refuse the connection. TEST_P(SSLClientSocketVersionTest, NoCert) { … } // Connect to a server requesting client authentication, and send it // an empty certificate. TEST_P(SSLClientSocketVersionTest, SendEmptyCert) { … } // Connect to a server requesting client authentication and send a certificate. TEST_P(SSLClientSocketVersionTest, SendGoodCert) { … } // When client certificate preferences change, the session cache should be // cleared so the client certificate preferences are applied. TEST_F(SSLClientSocketTest, ClearSessionCacheOnClientCertChange) { … } TEST_F(SSLClientSocketTest, ClearSessionCacheOnClientCertDatabaseChange) { … } TEST_F(SSLClientSocketTest, DontClearEmptyClientCertCache) { … } TEST_F(SSLClientSocketTest, DontClearMatchingClientCertificates) { … } TEST_F(SSLClientSocketTest, ClearMismatchingClientCertificates) { … } TEST_F(SSLClientSocketTest, ClearMismatchingClientCertificatesWithNullParameter) { … } TEST_F(SSLClientSocketTest, ClearMismatchingClientCertificatesWithNullCachedCert) { … } TEST_F(SSLClientSocketTest, DontClearClientCertificatesWithNullCerts) { … } TEST_F(SSLClientSocketTest, ClearMatchingCertDontClearEmptyClientCertCache) { … } TEST_F(SSLClientSocketTest, ClearMatchingCertSingleNotMatching) { … } TEST_F(SSLClientSocketTest, ClearMatchingCertSingleMatching) { … } TEST_F(SSLClientSocketTest, DontClearSessionCacheOnServerCertDatabaseChange) { … } // Test client certificate signature algorithm selection. TEST_F(SSLClientSocketTest, ClientCertSignatureAlgorithm) { … } #endif // BUILDFLAG(ENABLE_CLIENT_CERTIFICATES) HashValueVector MakeHashValueVector(uint8_t value) { … } // Test that |ssl_info.pkp_bypassed| is set when a local trust anchor causes // pinning to be bypassed. TEST_P(SSLClientSocketVersionTest, PKPBypassedSet) { … } TEST_P(SSLClientSocketVersionTest, PKPEnforced) { … } namespace { // TLS_RSA_WITH_AES_128_GCM_SHA256's key exchange involves encrypting to the // server long-term key. const uint16_t kEncryptingCipher = …; // TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256's key exchange involves a signature by // the server long-term key. const uint16_t kSigningCipher = …; } // namespace struct KeyUsageTest { … }; class SSLClientSocketKeyUsageTest : public SSLClientSocketTest, public ::testing::WithParamInterface< std::tuple<KeyUsageTest, bool /*known_root*/>> { … }; const KeyUsageTest kKeyUsageTests[] = …; TEST_P(SSLClientSocketKeyUsageTest, RSAKeyUsage) { … } INSTANTIATE_TEST_SUITE_P(…); // Test that when CT is required (in this case, by the delegate), the // absence of CT information is a socket error. TEST_P(SSLClientSocketVersionTest, CTIsRequired) { … } // Test that when CT is required, setting ignore_certificate_errors // ignores errors in CT. TEST_P(SSLClientSocketVersionTest, IgnoreCertificateErrorsBypassesRequiredCT) { … } // When both PKP and CT are required for a host, and both fail, the more // serious error is that the pin validation failed. TEST_P(SSLClientSocketVersionTest, PKPMoreImportantThanCT) { … } // Tests that the SCTAuditingDelegate is called to enqueue SCT reports. TEST_P(SSLClientSocketVersionTest, SCTAuditingReportCollected) { … } // Test that handshake_failure alerts at the ServerHello are mapped to // ERR_SSL_VERSION_OR_CIPHER_MISMATCH. TEST_F(SSLClientSocketTest, HandshakeFailureServerHello) { … } // Test that handshake_failure alerts after the ServerHello but without a // CertificateRequest are mapped to ERR_SSL_PROTOCOL_ERROR. TEST_F(SSLClientSocketTest, HandshakeFailureNoClientCerts) { … } // Test that handshake_failure alerts after the ServerHello map to // ERR_BAD_SSL_CLIENT_AUTH_CERT if a client certificate was requested but not // supplied. TLS does not have an alert for this case, so handshake_failure is // common. See https://crbug.com/646567. TEST_F(SSLClientSocketTest, LateHandshakeFailureMissingClientCerts) { … } // Test that handshake_failure alerts after the ServerHello map to // ERR_SSL_PROTOCOL_ERROR if received after sending a client certificate. It is // assumed servers will send a more appropriate alert in this case. TEST_F(SSLClientSocketTest, LateHandshakeFailureSendClientCerts) { … } // Test that access_denied alerts are mapped to ERR_SSL_PROTOCOL_ERROR if // received on a connection not requesting client certificates. This is an // incorrect use of the alert but is common. See https://crbug.com/630883. TEST_F(SSLClientSocketTest, AccessDeniedNoClientCerts) { … } // Test that access_denied alerts are mapped to ERR_BAD_SSL_CLIENT_AUTH_CERT if // received on a connection requesting client certificates. TEST_F(SSLClientSocketTest, AccessDeniedClientCerts) { … } // Test the client can send application data before the ServerHello comes in. TEST_F(SSLClientSocketZeroRTTTest, ZeroRTTEarlyDataBeforeServerHello) { … } // Test that the client sends 1-RTT data if the ServerHello happens to come in // before Write() is called. See https://crbug.com/950706. TEST_F(SSLClientSocketZeroRTTTest, ZeroRTTEarlyDataAfterServerHello) { … } // Check that 0RTT is confirmed after a Write and Read. TEST_F(SSLClientSocketZeroRTTTest, ZeroRTTConfirmedAfterRead) { … } // Test that writes wait for the ServerHello once it has reached the early data // limit. TEST_F(SSLClientSocketZeroRTTTest, ZeroRTTEarlyDataLimit) { … } // When a client socket reaches the 0-RTT early data limit, both Write() and // ConfirmHandshake() become blocked on a transport read. Test that // CancelReadIfReady() does not interrupt those. TEST_F(SSLClientSocketZeroRTTTest, ZeroRTTEarlyDataLimitCancelReadIfReady) { … } TEST_F(SSLClientSocketZeroRTTTest, ZeroRTTReject) { … } TEST_F(SSLClientSocketZeroRTTTest, ZeroRTTWrongVersion) { … } // Test that the ConfirmHandshake successfully completes the handshake and that // it blocks until the server's leg has been received. TEST_F(SSLClientSocketZeroRTTTest, ZeroRTTConfirmHandshake) { … } // Test that an early read does not break during zero RTT. TEST_F(SSLClientSocketZeroRTTTest, ZeroRTTReadBeforeWrite) { … } TEST_F(SSLClientSocketZeroRTTTest, ZeroRTTDoubleConfirmHandshake) { … } TEST_F(SSLClientSocketZeroRTTTest, ZeroRTTParallelReadConfirm) { … } TEST_P(SSLClientSocketReadTest, IdleAfterRead) { … } // Test that certificate errors are properly reported when the underlying // transport is itself a TLS connection, such as when tunneling over an HTTPS // proxy. See https://crbug.com/959305. TEST_F(SSLClientSocketTest, SSLOverSSLBadCertificate) { … } TEST_F(SSLClientSocketTest, Tag) { … } TEST_F(SSLClientSocketTest, ECH) { … } // Test that, on key mismatch, the public name can be used to authenticate // replacement keys. TEST_F(SSLClientSocketTest, ECHWrongKeys) { … } // Test that, if the server does not support ECH, it can securely report this // via the public name. This allows recovery if the server needed to // rollback ECH support. TEST_F(SSLClientSocketTest, ECHSecurelyDisabled) { … } // The same as the above, but testing that it also works in TLS 1.2, which // otherwise does not support ECH. TEST_F(SSLClientSocketTest, ECHSecurelyDisabledTLS12) { … } // Test that the ECH fallback handshake rejects bad certificates. TEST_F(SSLClientSocketTest, ECHFallbackBadCert) { … } TEST_F(SSLClientSocketTest, InvalidECHConfigList) { … } // Test that, if no ECHConfigList is available, the client sends ECH GREASE. TEST_F(SSLClientSocketTest, ECHGreaseEnabled) { … } // Test that, if ECH is disabled, the client does not send ECH GREASE. TEST_F(SSLClientSocketTest, ECHGreaseDisabled) { … } struct SSLHandshakeDetailsParams { … }; const SSLHandshakeDetailsParams kSSLHandshakeDetailsParams[] = …; class SSLHandshakeDetailsTest : public SSLClientSocketTest, public ::testing::WithParamInterface<SSLHandshakeDetailsParams> { … }; INSTANTIATE_TEST_SUITE_P(…); TEST_P(SSLHandshakeDetailsTest, Metrics) { … } TEST_F(SSLClientSocketZeroRTTTest, EarlyDataReasonNewSession) { … } // Test 0-RTT logging when the server declines to resume a connection. TEST_F(SSLClientSocketZeroRTTTest, EarlyDataReasonNoResume) { … } // Test 0-RTT logging in the standard ConfirmHandshake-after-acceptance case. TEST_F(SSLClientSocketZeroRTTTest, EarlyDataReasonZeroRTT) { … } // Check that we're correctly logging 0-rtt success when the handshake // concludes during a Read. TEST_F(SSLClientSocketZeroRTTTest, EarlyDataReasonReadServerHello) { … } TEST_F(SSLClientSocketTest, VersionMaxOverride) { … } TEST_F(SSLClientSocketTest, VersionMinOverride) { … } // Basic test of CancelReadIfReady works. TEST_F(SSLClientSocketTest, CancelReadIfReady) { … } // Test that the server_name extension (SNI) is sent on DNS names, and not IP // literals. TEST_F(SSLClientSocketTest, ServerName) { … } class SSLClientSocketAlpsTest : public SSLClientSocketTest, public ::testing::WithParamInterface<std::tuple<bool, bool, bool>> { … }; INSTANTIATE_TEST_SUITE_P(…); TEST_P(SSLClientSocketAlpsTest, Alps) { … } // Test that unused protocols in `application_settings` are ignored. TEST_P(SSLClientSocketAlpsTest, UnusedProtocols) { … } } // namespace net
Codebase Browser
chromium