// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifdef UNSAFE_BUFFERS_BUILD // TODO(crbug.com/40284755): Remove this and spanify to fix the errors. #pragma allow_unsafe_buffers #endif #include "net/socket/transport_client_socket_pool.h" #include <memory> #include <optional> #include <utility> #include "base/functional/bind.h" #include "base/functional/callback.h" #include "base/functional/callback_helpers.h" #include "base/memory/raw_ptr.h" #include "base/memory/ref_counted.h" #include "base/run_loop.h" #include "base/test/bind.h" #include "base/test/scoped_feature_list.h" #include "base/threading/platform_thread.h" #include "build/build_config.h" #include "net/base/completion_once_callback.h" #include "net/base/features.h" #include "net/base/ip_endpoint.h" #include "net/base/load_timing_info.h" #include "net/base/load_timing_info_test_util.h" #include "net/base/net_errors.h" #include "net/base/network_anonymization_key.h" #include "net/base/privacy_mode.h" #include "net/base/proxy_chain.h" #include "net/base/proxy_server.h" #include "net/base/proxy_string_util.h" #include "net/base/schemeful_site.h" #include "net/base/test_completion_callback.h" #include "net/cert/mock_cert_verifier.h" #include "net/dns/mock_host_resolver.h" #include "net/dns/public/secure_dns_policy.h" #include "net/http/http_network_session.h" #include "net/http/http_proxy_connect_job.h" #include "net/http/transport_security_state.h" #include "net/log/net_log.h" #include "net/log/net_log_with_source.h" #include "net/log/test_net_log.h" #include "net/proxy_resolution/configured_proxy_resolution_service.h" #include "net/socket/client_socket_handle.h" #include "net/socket/connect_job.h" #include "net/socket/socket_tag.h" #include "net/socket/socket_test_util.h" #include "net/socket/socks_connect_job.h" #include "net/socket/ssl_connect_job.h" #include "net/socket/stream_socket.h" #include "net/socket/transport_client_socket_pool.h" #include "net/socket/transport_client_socket_pool_test_util.h" #include "net/socket/transport_connect_job.h" #include "net/spdy/spdy_test_util_common.h" #include "net/ssl/ssl_config_service.h" #include "net/test/embedded_test_server/embedded_test_server.h" #include "net/test/gtest_util.h" #include "net/test/test_with_task_environment.h" #include "net/traffic_annotation/network_traffic_annotation_test_helper.h" #include "testing/gmock/include/gmock/gmock.h" #include "testing/gtest/include/gtest/gtest.h" #include "url/gurl.h" #include "url/scheme_host_port.h" #include "url/url_constants.h" IsError; IsOk; namespace net { namespace { const int kMaxSockets = …; const int kMaxSocketsPerGroup = …; constexpr base::TimeDelta kUnusedIdleSocketTimeout = …; const RequestPriority kDefaultPriority = …; class SOCKS5MockData { … }; class TransportClientSocketPoolTest : public ::testing::Test, public WithTaskEnvironment { … }; TEST_F(TransportClientSocketPoolTest, Basic) { … } // Make sure that TransportConnectJob passes on its priority to its // HostResolver request on Init. TEST_F(TransportClientSocketPoolTest, SetResolvePriorityOnInit) { … } TEST_F(TransportClientSocketPoolTest, SetSecureDnsPolicy) { … } TEST_F(TransportClientSocketPoolTest, ReprioritizeRequests) { … } TEST_F(TransportClientSocketPoolTest, RequestIgnoringLimitsIsReprioritized) { … } TEST_F(TransportClientSocketPoolTest, InitHostResolutionFailure) { … } TEST_F(TransportClientSocketPoolTest, InitConnectionFailure) { … } TEST_F(TransportClientSocketPoolTest, PendingRequests) { … } TEST_F(TransportClientSocketPoolTest, PendingRequests_NoKeepAlive) { … } // This test will start up a RequestSocket() and then immediately Cancel() it. // The pending host resolution will eventually complete, and destroy the // ClientSocketPool which will crash if the group was not cleared properly. TEST_F(TransportClientSocketPoolTest, CancelRequestClearGroup) { … } TEST_F(TransportClientSocketPoolTest, TwoRequestsCancelOne) { … } TEST_F(TransportClientSocketPoolTest, ConnectCancelConnect) { … } TEST_F(TransportClientSocketPoolTest, CancelRequest) { … } class RequestSocketCallback : public TestCompletionCallbackBase { … }; TEST_F(TransportClientSocketPoolTest, RequestTwice) { … } // Make sure that pending requests get serviced after active requests get // cancelled. TEST_F(TransportClientSocketPoolTest, CancelActiveRequestWithPendingRequests) { … } // Make sure that pending requests get serviced after active requests fail. TEST_F(TransportClientSocketPoolTest, FailingActiveRequestWithPendingRequests) { … } TEST_F(TransportClientSocketPoolTest, IdleSocketLoadTiming) { … } TEST_F(TransportClientSocketPoolTest, CloseIdleSocketsOnIPAddressChange) { … } TEST(TransportClientSocketPoolStandaloneTest, DontCleanupOnIPAddressChange) { … } TEST_F(TransportClientSocketPoolTest, SSLCertError) { … } namespace { class TransportClientSocketPoolSSLConfigChangeTest : public TransportClientSocketPoolTest, public ::testing::WithParamInterface< SSLClientContext::SSLConfigChangeType> { … }; } // namespace TEST_P(TransportClientSocketPoolSSLConfigChangeTest, GracefulConfigChange) { … } INSTANTIATE_TEST_SUITE_P(…); TEST_F(TransportClientSocketPoolTest, BackupSocketConnect) { … } // Test the case where a socket took long enough to start the creation // of the backup socket, but then we cancelled the request after that. TEST_F(TransportClientSocketPoolTest, BackupSocketCancel) { … } // Test the case where a socket took long enough to start the creation // of the backup socket and never completes, and then the backup // connection fails. TEST_F(TransportClientSocketPoolTest, BackupSocketFailAfterStall) { … } // Test the case where a socket took long enough to start the creation // of the backup socket and eventually completes, but the backup socket // fails. TEST_F(TransportClientSocketPoolTest, BackupSocketFailAfterDelay) { … } // Test the case that SOCKSSocketParams are provided. TEST_F(TransportClientSocketPoolTest, SOCKS) { … } // Make sure there's no crash when an auth challenge is received over HTTP2 // and there are two pending Requests to the socket pool, with a single // ConnectJob. // // See https://crbug.com/940848 TEST_F(TransportClientSocketPoolTest, SpdyOneConnectJobTwoRequestsError) { … } // Make sure there's no crash when an auth challenge is received over HTTP2 // and there are two pending Requests to the socket pool, with a single // ConnectJob. // // See https://crbug.com/940848 TEST_F(TransportClientSocketPoolTest, SpdyAuthOneConnectJobTwoRequests) { … } TEST_F(TransportClientSocketPoolTest, HttpTunnelSetupRedirect) { … } TEST_F(TransportClientSocketPoolTest, NetworkAnonymizationKey) { … } TEST_F(TransportClientSocketPoolTest, NetworkAnonymizationKeySsl) { … } // Test that, in the case of an HTTP proxy, the same transient // NetworkAnonymizationKey is reused for resolving the proxy's host, regardless // of input NAK. TEST_F(TransportClientSocketPoolTest, NetworkAnonymizationKeyHttpProxy) { … } // Test that, in the case of an HTTPS proxy, the same transient // NetworkAnonymizationKey is reused for resolving the proxy's host, regardless // of input NAK. TEST_F(TransportClientSocketPoolTest, NetworkAnonymizationKeyHttpsProxy) { … } // Test that, in the case of a SOCKS5 proxy, the passed in // NetworkAnonymizationKey is used for the destination DNS lookup, and the same // transient NetworkAnonymizationKey is reused for resolving the proxy's host, // regardless of input NAK. TEST_F(TransportClientSocketPoolTest, NetworkAnonymizationKeySocks4Proxy) { … } // Test that, in the case of a SOCKS5 proxy, the same transient // NetworkAnonymizationKey is reused for resolving the proxy's host, regardless // of input NAK. TEST_F(TransportClientSocketPoolTest, NetworkAnonymizationKeySocks5Proxy) { … } TEST_F(TransportClientSocketPoolTest, HasActiveSocket) { … } // Test that SocketTag passed into TransportClientSocketPool is applied to // returned sockets. #if BUILDFLAG(IS_ANDROID) TEST_F(TransportClientSocketPoolTest, Tag) { if (!CanGetTaggedBytes()) { DVLOG(0) << "Skipping test - GetTaggedBytes unsupported."; return; } // Start test server. EmbeddedTestServer test_server; test_server.AddDefaultHandlers(base::FilePath()); ASSERT_TRUE(test_server.Start()); ClientSocketHandle handle; int32_t tag_val1 = 0x12345678; SocketTag tag1(SocketTag::UNSET_UID, tag_val1); int32_t tag_val2 = 0x87654321; SocketTag tag2(getuid(), tag_val2); // Test socket is tagged before connected. uint64_t old_traffic = GetTaggedBytes(tag_val1); const ClientSocketPool::GroupId kGroupId( url::SchemeHostPort(test_server.base_url()), PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(), SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false); scoped_refptr<ClientSocketPool::SocketParams> params = ClientSocketPool::SocketParams::CreateForHttpForTesting(); TestCompletionCallback callback; int rv = handle.Init(kGroupId, params, std::nullopt /* proxy_annotation_tag */, LOW, tag1, ClientSocketPool::RespectLimits::ENABLED, callback.callback(), ClientSocketPool::ProxyAuthCallback(), pool_for_real_sockets_.get(), NetLogWithSource()); EXPECT_THAT(callback.GetResult(rv), IsOk()); EXPECT_TRUE(handle.socket()); EXPECT_TRUE(handle.socket()->IsConnected()); EXPECT_GT(GetTaggedBytes(tag_val1), old_traffic); // Test reused socket is retagged. StreamSocket* socket = handle.socket(); handle.Reset(); old_traffic = GetTaggedBytes(tag_val2); rv = handle.Init(kGroupId, params, std::nullopt /* proxy_annotation_tag */, LOW, tag2, ClientSocketPool::RespectLimits::ENABLED, callback.callback(), ClientSocketPool::ProxyAuthCallback(), pool_for_real_sockets_.get(), NetLogWithSource()); EXPECT_THAT(rv, IsOk()); EXPECT_TRUE(handle.socket()); EXPECT_TRUE(handle.socket()->IsConnected()); EXPECT_EQ(handle.socket(), socket); const char kRequest[] = "GET / HTTP/1.0\n\n"; scoped_refptr<IOBuffer> write_buffer = base::MakeRefCounted<StringIOBuffer>(kRequest); rv = handle.socket()->Write(write_buffer.get(), strlen(kRequest), callback.callback(), TRAFFIC_ANNOTATION_FOR_TESTS); EXPECT_EQ(static_cast<int>(strlen(kRequest)), callback.GetResult(rv)); EXPECT_GT(GetTaggedBytes(tag_val2), old_traffic); // Disconnect socket to prevent reuse. handle.socket()->Disconnect(); handle.Reset(); // Test connect jobs that are orphaned and then adopted, appropriately apply // new tag. Request socket with |tag1|. TestCompletionCallback callback2; rv = handle.Init(kGroupId, params, std::nullopt /* proxy_annotation_tag */, LOW, tag1, ClientSocketPool::RespectLimits::ENABLED, callback2.callback(), ClientSocketPool::ProxyAuthCallback(), pool_for_real_sockets_.get(), NetLogWithSource()); EXPECT_TRUE(rv == OK || rv == ERR_IO_PENDING) << "Result: " << rv; // Abort and request socket with |tag2|. handle.Reset(); rv = handle.Init(kGroupId, params, std::nullopt /* proxy_annotation_tag */, LOW, tag2, ClientSocketPool::RespectLimits::ENABLED, callback.callback(), ClientSocketPool::ProxyAuthCallback(), pool_for_real_sockets_.get(), NetLogWithSource()); EXPECT_THAT(callback.GetResult(rv), IsOk()); EXPECT_TRUE(handle.socket()); EXPECT_TRUE(handle.socket()->IsConnected()); // Verify socket has |tag2| applied. old_traffic = GetTaggedBytes(tag_val2); rv = handle.socket()->Write(write_buffer.get(), strlen(kRequest), callback.callback(), TRAFFIC_ANNOTATION_FOR_TESTS); EXPECT_EQ(static_cast<int>(strlen(kRequest)), callback.GetResult(rv)); EXPECT_GT(GetTaggedBytes(tag_val2), old_traffic); // Disconnect socket to prevent reuse. handle.socket()->Disconnect(); handle.Reset(); // Eat the left over connect job from the second request. // TODO(pauljensen): remove when crbug.com/800731 fixed. rv = handle.Init(kGroupId, params, std::nullopt /* proxy_annotation_tag */, LOW, tag1, ClientSocketPool::RespectLimits::ENABLED, callback.callback(), ClientSocketPool::ProxyAuthCallback(), pool_for_real_sockets_.get(), NetLogWithSource()); EXPECT_THAT(rv, IsOk()); // Disconnect socket to prevent reuse. handle.socket()->Disconnect(); handle.Reset(); // Test two connect jobs of differing priorities. Start the lower priority one // first but expect its socket to get vended to the higher priority request. ClientSocketHandle handle_high_pri; TestCompletionCallback callback_high_pri; rv = handle.Init(kGroupId, params, std::nullopt /* proxy_annotation_tag */, LOW, tag1, ClientSocketPool::RespectLimits::ENABLED, callback.callback(), ClientSocketPool::ProxyAuthCallback(), pool_for_real_sockets_.get(), NetLogWithSource()); EXPECT_TRUE(rv == OK || rv == ERR_IO_PENDING) << "Result: " << rv; int rv_high_pri = handle_high_pri.Init( kGroupId, params, std::nullopt /* proxy_annotation_tag */, HIGHEST, tag2, ClientSocketPool::RespectLimits::ENABLED, callback_high_pri.callback(), ClientSocketPool::ProxyAuthCallback(), pool_for_real_sockets_.get(), NetLogWithSource()); EXPECT_THAT(callback_high_pri.GetResult(rv_high_pri), IsOk()); EXPECT_TRUE(handle_high_pri.socket()); EXPECT_TRUE(handle_high_pri.socket()->IsConnected()); EXPECT_THAT(callback.GetResult(rv), IsOk()); EXPECT_TRUE(handle.socket()); EXPECT_TRUE(handle.socket()->IsConnected()); // Verify |handle_high_pri| has |tag2| applied. old_traffic = GetTaggedBytes(tag_val2); rv = handle_high_pri.socket()->Write(write_buffer.get(), strlen(kRequest), callback.callback(), TRAFFIC_ANNOTATION_FOR_TESTS); EXPECT_EQ(static_cast<int>(strlen(kRequest)), callback.GetResult(rv)); EXPECT_GT(GetTaggedBytes(tag_val2), old_traffic); // Verify |handle| has |tag1| applied. old_traffic = GetTaggedBytes(tag_val1); rv = handle.socket()->Write(write_buffer.get(), strlen(kRequest), callback.callback(), TRAFFIC_ANNOTATION_FOR_TESTS); EXPECT_EQ(static_cast<int>(strlen(kRequest)), callback.GetResult(rv)); EXPECT_GT(GetTaggedBytes(tag_val1), old_traffic); } TEST_F(TransportClientSocketPoolTest, TagSOCKSProxy) { session_deps_.host_resolver->set_synchronous_mode(true); TransportClientSocketPool proxy_pool( kMaxSockets, kMaxSocketsPerGroup, kUnusedIdleSocketTimeout, ProxyUriToProxyChain("socks5://proxy", /*default_scheme=*/ProxyServer::SCHEME_HTTP), /*is_for_websockets=*/false, tagging_common_connect_job_params_.get()); SocketTag tag1(SocketTag::UNSET_UID, 0x12345678); SocketTag tag2(getuid(), 0x87654321); const url::SchemeHostPort kDestination(url::kHttpScheme, "host", 80); const ClientSocketPool::GroupId kGroupId( kDestination, PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(), SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false); scoped_refptr<ClientSocketPool::SocketParams> socks_params = ClientSocketPool::SocketParams::CreateForHttpForTesting(); // Test socket is tagged when created synchronously. SOCKS5MockData data_sync(SYNCHRONOUS); data_sync.data_provider()->set_connect_data(MockConnect(SYNCHRONOUS, OK)); tagging_client_socket_factory_.AddSocketDataProvider( data_sync.data_provider()); ClientSocketHandle handle; int rv = handle.Init( kGroupId, socks_params, TRAFFIC_ANNOTATION_FOR_TESTS, LOW, tag1, ClientSocketPool::RespectLimits::ENABLED, CompletionOnceCallback(), ClientSocketPool::ProxyAuthCallback(), &proxy_pool, NetLogWithSource()); EXPECT_THAT(rv, IsOk()); EXPECT_TRUE(handle.is_initialized()); EXPECT_TRUE(handle.socket()); EXPECT_EQ(tagging_client_socket_factory_.GetLastProducedTCPSocket()->tag(), tag1); EXPECT_TRUE(tagging_client_socket_factory_.GetLastProducedTCPSocket() ->tagged_before_connected()); // Test socket is tagged when reused synchronously. StreamSocket* socket = handle.socket(); handle.Reset(); rv = handle.Init( kGroupId, socks_params, TRAFFIC_ANNOTATION_FOR_TESTS, LOW, tag2, ClientSocketPool::RespectLimits::ENABLED, CompletionOnceCallback(), ClientSocketPool::ProxyAuthCallback(), &proxy_pool, NetLogWithSource()); EXPECT_THAT(rv, IsOk()); EXPECT_TRUE(handle.socket()); EXPECT_TRUE(handle.socket()->IsConnected()); EXPECT_EQ(handle.socket(), socket); EXPECT_EQ(tagging_client_socket_factory_.GetLastProducedTCPSocket()->tag(), tag2); handle.socket()->Disconnect(); handle.Reset(); // Test socket is tagged when created asynchronously. SOCKS5MockData data_async(ASYNC); tagging_client_socket_factory_.AddSocketDataProvider( data_async.data_provider()); TestCompletionCallback callback; rv = handle.Init(kGroupId, socks_params, TRAFFIC_ANNOTATION_FOR_TESTS, LOW, tag1, ClientSocketPool::RespectLimits::ENABLED, callback.callback(), ClientSocketPool::ProxyAuthCallback(), &proxy_pool, NetLogWithSource()); EXPECT_THAT(rv, IsError(ERR_IO_PENDING)); EXPECT_THAT(callback.WaitForResult(), IsOk()); EXPECT_TRUE(handle.is_initialized()); EXPECT_TRUE(handle.socket()); EXPECT_EQ(tagging_client_socket_factory_.GetLastProducedTCPSocket()->tag(), tag1); EXPECT_TRUE(tagging_client_socket_factory_.GetLastProducedTCPSocket() ->tagged_before_connected()); // Test socket is tagged when reused after being created asynchronously. socket = handle.socket(); handle.Reset(); rv = handle.Init( kGroupId, socks_params, TRAFFIC_ANNOTATION_FOR_TESTS, LOW, tag2, ClientSocketPool::RespectLimits::ENABLED, CompletionOnceCallback(), ClientSocketPool::ProxyAuthCallback(), &proxy_pool, NetLogWithSource()); EXPECT_THAT(rv, IsOk()); EXPECT_TRUE(handle.socket()); EXPECT_TRUE(handle.socket()->IsConnected()); EXPECT_EQ(handle.socket(), socket); EXPECT_EQ(tagging_client_socket_factory_.GetLastProducedTCPSocket()->tag(), tag2); } TEST_F(TransportClientSocketPoolTest, TagSSLDirect) { if (!CanGetTaggedBytes()) { DVLOG(0) << "Skipping test - GetTaggedBytes unsupported."; return; } // Start test server. EmbeddedTestServer test_server(net::EmbeddedTestServer::TYPE_HTTPS); test_server.SetSSLConfig(net::EmbeddedTestServer::CERT_OK, SSLServerConfig()); test_server.AddDefaultHandlers(base::FilePath()); ASSERT_TRUE(test_server.Start()); TestCompletionCallback callback; ClientSocketHandle handle; int32_t tag_val1 = 0x12345678; SocketTag tag1(SocketTag::UNSET_UID, tag_val1); int32_t tag_val2 = 0x87654321; SocketTag tag2(getuid(), tag_val2); const ClientSocketPool::GroupId kGroupId( url::SchemeHostPort(test_server.base_url()), PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(), SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false); scoped_refptr<ClientSocketPool::SocketParams> socket_params = base::MakeRefCounted<ClientSocketPool::SocketParams>( /*allowed_bad_certs=*/std::vector<SSLConfig::CertAndStatus>()); // Test socket is tagged before connected. uint64_t old_traffic = GetTaggedBytes(tag_val1); int rv = handle.Init( kGroupId, socket_params, std::nullopt /* proxy_annotation_tag */, LOW, tag1, ClientSocketPool::RespectLimits::ENABLED, callback.callback(), ClientSocketPool::ProxyAuthCallback(), pool_for_real_sockets_.get(), NetLogWithSource()); EXPECT_THAT(callback.GetResult(rv), IsOk()); EXPECT_TRUE(handle.socket()); EXPECT_TRUE(handle.socket()->IsConnected()); EXPECT_GT(GetTaggedBytes(tag_val1), old_traffic); // Test reused socket is retagged. StreamSocket* socket = handle.socket(); handle.Reset(); old_traffic = GetTaggedBytes(tag_val2); TestCompletionCallback callback2; rv = handle.Init(kGroupId, socket_params, std::nullopt /* proxy_annotation_tag */, LOW, tag2, ClientSocketPool::RespectLimits::ENABLED, callback2.callback(), ClientSocketPool::ProxyAuthCallback(), pool_for_real_sockets_.get(), NetLogWithSource()); EXPECT_THAT(rv, IsOk()); EXPECT_TRUE(handle.socket()); EXPECT_TRUE(handle.socket()->IsConnected()); EXPECT_EQ(handle.socket(), socket); const char kRequest[] = "GET / HTTP/1.1\r\n\r\n"; scoped_refptr<IOBuffer> write_buffer = base::MakeRefCounted<StringIOBuffer>(kRequest); rv = handle.socket()->Write(write_buffer.get(), strlen(kRequest), callback.callback(), TRAFFIC_ANNOTATION_FOR_TESTS); EXPECT_EQ(static_cast<int>(strlen(kRequest)), callback.GetResult(rv)); scoped_refptr<IOBufferWithSize> read_buffer = base::MakeRefCounted<IOBufferWithSize>(1); rv = handle.socket()->Read(read_buffer.get(), read_buffer->size(), callback.callback()); EXPECT_EQ(read_buffer->size(), callback.GetResult(rv)); EXPECT_GT(GetTaggedBytes(tag_val2), old_traffic); // Disconnect socket to prevent reuse. handle.socket()->Disconnect(); handle.Reset(); } TEST_F(TransportClientSocketPoolTest, TagSSLDirectTwoSockets) { if (!CanGetTaggedBytes()) { DVLOG(0) << "Skipping test - GetTaggedBytes unsupported."; return; } // Start test server. EmbeddedTestServer test_server(net::EmbeddedTestServer::TYPE_HTTPS); test_server.SetSSLConfig(net::EmbeddedTestServer::CERT_OK, SSLServerConfig()); test_server.AddDefaultHandlers(base::FilePath()); ASSERT_TRUE(test_server.Start()); ClientSocketHandle handle; int32_t tag_val1 = 0x12345678; SocketTag tag1(SocketTag::UNSET_UID, tag_val1); int32_t tag_val2 = 0x87654321; SocketTag tag2(getuid(), tag_val2); const ClientSocketPool::GroupId kGroupId( url::SchemeHostPort(test_server.base_url()), PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(), SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false); scoped_refptr<ClientSocketPool::SocketParams> socket_params = base::MakeRefCounted<ClientSocketPool::SocketParams>( /*allowed_bad_certs=*/std::vector<SSLConfig::CertAndStatus>()); // Test connect jobs that are orphaned and then adopted, appropriately apply // new tag. Request socket with |tag1|. TestCompletionCallback callback; int rv = handle.Init( kGroupId, socket_params, std::nullopt /* proxy_annotation_tag */, LOW, tag1, ClientSocketPool::RespectLimits::ENABLED, callback.callback(), ClientSocketPool::ProxyAuthCallback(), pool_for_real_sockets_.get(), NetLogWithSource()); EXPECT_TRUE(rv == OK || rv == ERR_IO_PENDING) << "Result: " << rv; // Abort and request socket with |tag2|. handle.Reset(); TestCompletionCallback callback2; rv = handle.Init(kGroupId, socket_params, std::nullopt /* proxy_annotation_tag */, LOW, tag2, ClientSocketPool::RespectLimits::ENABLED, callback2.callback(), ClientSocketPool::ProxyAuthCallback(), pool_for_real_sockets_.get(), NetLogWithSource()); EXPECT_THAT(callback2.GetResult(rv), IsOk()); EXPECT_TRUE(handle.socket()); EXPECT_TRUE(handle.socket()->IsConnected()); // Verify socket has |tag2| applied. uint64_t old_traffic = GetTaggedBytes(tag_val2); const char kRequest[] = "GET / HTTP/1.1\r\n\r\n"; scoped_refptr<IOBuffer> write_buffer = base::MakeRefCounted<StringIOBuffer>(kRequest); rv = handle.socket()->Write(write_buffer.get(), strlen(kRequest), callback2.callback(), TRAFFIC_ANNOTATION_FOR_TESTS); EXPECT_EQ(static_cast<int>(strlen(kRequest)), callback2.GetResult(rv)); scoped_refptr<IOBufferWithSize> read_buffer = base::MakeRefCounted<IOBufferWithSize>(1); rv = handle.socket()->Read(read_buffer.get(), read_buffer->size(), callback2.callback()); EXPECT_EQ(read_buffer->size(), callback2.GetResult(rv)); EXPECT_GT(GetTaggedBytes(tag_val2), old_traffic); } TEST_F(TransportClientSocketPoolTest, TagSSLDirectTwoSocketsFullPool) { if (!CanGetTaggedBytes()) { DVLOG(0) << "Skipping test - GetTaggedBytes unsupported."; return; } // Start test server. EmbeddedTestServer test_server(net::EmbeddedTestServer::TYPE_HTTPS); test_server.SetSSLConfig(net::EmbeddedTestServer::CERT_OK, SSLServerConfig()); test_server.AddDefaultHandlers(base::FilePath()); ASSERT_TRUE(test_server.Start()); TestCompletionCallback callback; ClientSocketHandle handle; int32_t tag_val1 = 0x12345678; SocketTag tag1(SocketTag::UNSET_UID, tag_val1); int32_t tag_val2 = 0x87654321; SocketTag tag2(getuid(), tag_val2); const ClientSocketPool::GroupId kGroupId( url::SchemeHostPort(test_server.base_url()), PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(), SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false); scoped_refptr<ClientSocketPool::SocketParams> socket_params = base::MakeRefCounted<ClientSocketPool::SocketParams>( /*allowed_bad_certs=*/std::vector<SSLConfig::CertAndStatus>()); // Test that sockets paused by a full underlying socket pool are properly // connected and tagged when underlying pool is freed up. // Fill up all slots in TCP pool. ClientSocketHandle tcp_handles[kMaxSocketsPerGroup]; int rv; for (auto& tcp_handle : tcp_handles) { rv = tcp_handle.Init( kGroupId, socket_params, std::nullopt /* proxy_annotation_tag */, LOW, tag1, ClientSocketPool::RespectLimits::ENABLED, callback.callback(), ClientSocketPool::ProxyAuthCallback(), pool_for_real_sockets_.get(), NetLogWithSource()); EXPECT_THAT(callback.GetResult(rv), IsOk()); EXPECT_TRUE(tcp_handle.socket()); EXPECT_TRUE(tcp_handle.socket()->IsConnected()); } // Request two SSL sockets. ClientSocketHandle handle_to_be_canceled; rv = handle_to_be_canceled.Init( kGroupId, socket_params, std::nullopt /* proxy_annotation_tag */, LOW, tag1, ClientSocketPool::RespectLimits::ENABLED, callback.callback(), ClientSocketPool::ProxyAuthCallback(), pool_for_real_sockets_.get(), NetLogWithSource()); EXPECT_THAT(rv, IsError(ERR_IO_PENDING)); rv = handle.Init(kGroupId, socket_params, std::nullopt /* proxy_annotation_tag */, LOW, tag2, ClientSocketPool::RespectLimits::ENABLED, callback.callback(), ClientSocketPool::ProxyAuthCallback(), pool_for_real_sockets_.get(), NetLogWithSource()); EXPECT_THAT(rv, IsError(ERR_IO_PENDING)); // Cancel first request. handle_to_be_canceled.Reset(); // Disconnect a TCP socket to free up a slot. tcp_handles[0].socket()->Disconnect(); tcp_handles[0].Reset(); // Verify |handle| gets a valid tagged socket. EXPECT_THAT(callback.WaitForResult(), IsOk()); EXPECT_TRUE(handle.socket()); EXPECT_TRUE(handle.socket()->IsConnected()); uint64_t old_traffic = GetTaggedBytes(tag_val2); const char kRequest[] = "GET / HTTP/1.1\r\n\r\n"; scoped_refptr<IOBuffer> write_buffer = base::MakeRefCounted<StringIOBuffer>(kRequest); rv = handle.socket()->Write(write_buffer.get(), strlen(kRequest), callback.callback(), TRAFFIC_ANNOTATION_FOR_TESTS); EXPECT_EQ(static_cast<int>(strlen(kRequest)), callback.GetResult(rv)); scoped_refptr<IOBufferWithSize> read_buffer = base::MakeRefCounted<IOBufferWithSize>(1); EXPECT_EQ(handle.socket()->Read(read_buffer.get(), read_buffer->size(), callback.callback()), ERR_IO_PENDING); EXPECT_THAT(callback.WaitForResult(), read_buffer->size()); EXPECT_GT(GetTaggedBytes(tag_val2), old_traffic); } TEST_F(TransportClientSocketPoolTest, TagHttpProxyNoTunnel) { SocketTag tag1(SocketTag::UNSET_UID, 0x12345678); SocketTag tag2(getuid(), 0x87654321); TransportClientSocketPool proxy_pool( kMaxSockets, kMaxSocketsPerGroup, kUnusedIdleSocketTimeout, ProxyUriToProxyChain("http://proxy", /*default_scheme=*/ProxyServer::SCHEME_HTTP), /*is_for_websockets=*/false, tagging_common_connect_job_params_.get()); session_deps_.host_resolver->set_synchronous_mode(true); SequencedSocketData socket_data; socket_data.set_connect_data(MockConnect(SYNCHRONOUS, OK)); tagging_client_socket_factory_.AddSocketDataProvider(&socket_data); const url::SchemeHostPort kDestination(url::kHttpScheme, "www.google.com", 80); const ClientSocketPool::GroupId kGroupId( kDestination, PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(), SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false); scoped_refptr<ClientSocketPool::SocketParams> socket_params = ClientSocketPool::SocketParams::CreateForHttpForTesting(); // Verify requested socket is tagged properly. ClientSocketHandle handle; int rv = handle.Init( kGroupId, socket_params, TRAFFIC_ANNOTATION_FOR_TESTS, LOW, tag1, ClientSocketPool::RespectLimits::ENABLED, CompletionOnceCallback(), ClientSocketPool::ProxyAuthCallback(), &proxy_pool, NetLogWithSource()); EXPECT_THAT(rv, IsOk()); EXPECT_TRUE(handle.is_initialized()); ASSERT_TRUE(handle.socket()); EXPECT_TRUE(handle.socket()->IsConnected()); EXPECT_EQ(tagging_client_socket_factory_.GetLastProducedTCPSocket()->tag(), tag1); EXPECT_TRUE(tagging_client_socket_factory_.GetLastProducedTCPSocket() ->tagged_before_connected()); // Verify reused socket is retagged properly. StreamSocket* socket = handle.socket(); handle.Reset(); rv = handle.Init( kGroupId, socket_params, TRAFFIC_ANNOTATION_FOR_TESTS, LOW, tag2, ClientSocketPool::RespectLimits::ENABLED, CompletionOnceCallback(), ClientSocketPool::ProxyAuthCallback(), &proxy_pool, NetLogWithSource()); EXPECT_THAT(rv, IsOk()); EXPECT_TRUE(handle.socket()); EXPECT_TRUE(handle.socket()->IsConnected()); EXPECT_EQ(handle.socket(), socket); EXPECT_EQ(tagging_client_socket_factory_.GetLastProducedTCPSocket()->tag(), tag2); handle.socket()->Disconnect(); handle.Reset(); } // This creates a tunnel without SSL on top of it - something not normally done, // though some non-HTTP consumers use this path to create tunnels for other // uses. TEST_F(TransportClientSocketPoolTest, TagHttpProxyTunnel) { SocketTag tag1(SocketTag::UNSET_UID, 0x12345678); SocketTag tag2(getuid(), 0x87654321); TransportClientSocketPool proxy_pool( kMaxSockets, kMaxSocketsPerGroup, kUnusedIdleSocketTimeout, ProxyUriToProxyChain("http://proxy", /*default_scheme=*/ProxyServer::SCHEME_HTTP), /*is_for_websockets=*/false, tagging_common_connect_job_params_.get()); session_deps_.host_resolver->set_synchronous_mode(true); std::string request = "CONNECT www.google.com:443 HTTP/1.1\r\n" "Host: www.google.com:443\r\n" "Proxy-Connection: keep-alive\r\n" "User-Agent: test-ua\r\n\r\n"; MockWrite writes[] = { MockWrite(SYNCHRONOUS, 0, request.c_str()), }; MockRead reads[] = { MockRead(SYNCHRONOUS, 1, "HTTP/1.1 200 Connection Established\r\n\r\n"), }; SequencedSocketData socket_data(MockConnect(SYNCHRONOUS, OK), reads, writes); tagging_client_socket_factory_.AddSocketDataProvider(&socket_data); SSLSocketDataProvider ssl_data(SYNCHRONOUS, OK); tagging_client_socket_factory_.AddSSLSocketDataProvider(&ssl_data); const url::SchemeHostPort kDestination(url::kHttpsScheme, "www.google.com", 443); const ClientSocketPool::GroupId kGroupId( kDestination, PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(), SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false); scoped_refptr<ClientSocketPool::SocketParams> socket_params = base::MakeRefCounted<ClientSocketPool::SocketParams>( /*allowed_bad_certs=*/std::vector<SSLConfig::CertAndStatus>()); // Verify requested socket is tagged properly. ClientSocketHandle handle; int rv = handle.Init( kGroupId, socket_params, TRAFFIC_ANNOTATION_FOR_TESTS, LOW, tag1, ClientSocketPool::RespectLimits::ENABLED, CompletionOnceCallback(), ClientSocketPool::ProxyAuthCallback(), &proxy_pool, NetLogWithSource()); EXPECT_THAT(rv, IsOk()); EXPECT_TRUE(handle.is_initialized()); ASSERT_TRUE(handle.socket()); EXPECT_TRUE(handle.socket()->IsConnected()); EXPECT_EQ(tagging_client_socket_factory_.GetLastProducedTCPSocket()->tag(), tag1); EXPECT_TRUE(tagging_client_socket_factory_.GetLastProducedTCPSocket() ->tagged_before_connected()); // Verify reused socket is retagged properly. StreamSocket* socket = handle.socket(); handle.Reset(); rv = handle.Init( kGroupId, socket_params, TRAFFIC_ANNOTATION_FOR_TESTS, LOW, tag2, ClientSocketPool::RespectLimits::ENABLED, CompletionOnceCallback(), ClientSocketPool::ProxyAuthCallback(), &proxy_pool, NetLogWithSource()); EXPECT_THAT(rv, IsOk()); EXPECT_TRUE(handle.socket()); EXPECT_TRUE(handle.socket()->IsConnected()); EXPECT_EQ(handle.socket(), socket); EXPECT_EQ(tagging_client_socket_factory_.GetLastProducedTCPSocket()->tag(), tag2); handle.socket()->Disconnect(); handle.Reset(); } #endif // BUILDFLAG(IS_ANDROID) // Class that enables tests to set mock time. class TransportClientSocketPoolMockNowSourceTest : public TransportClientSocketPoolTest { … }; // Tests that changing the idle unused socket timeout using the experiment // works. The test first sets the value of timeout duration for idle sockets. // Next, it opens |kNumIdleSockets| sockets. To trigger the cleanup of idle // sockets that may have timedout, it then opens one more socket. This is // required since requesting a new socket triggers cleanup of idle timedout // sockets. Next, the test verifies the count of idle timed-out sockets. TEST_F(TransportClientSocketPoolMockNowSourceTest, IdleUnusedSocketTimeout) { … } } // namespace } // namespace net
Codebase Browser
chromium