// Copyright 2017 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "services/network/network_service.h" #include <cstdint> #include <memory> #include <optional> #include <string_view> #include <utility> #include "base/base64.h" #include "base/command_line.h" #include "base/containers/span.h" #include "base/files/file_util.h" #include "base/files/scoped_temp_dir.h" #include "base/functional/bind.h" #include "base/path_service.h" #include "base/ranges/algorithm.h" #include "base/run_loop.h" #include "base/strings/escape.h" #include "base/strings/string_util.h" #include "base/strings/stringprintf.h" #include "base/test/bind.h" #include "base/test/scoped_feature_list.h" #include "base/test/task_environment.h" #include "base/test/test_future.h" #include "base/test/values_test_util.h" #include "build/build_config.h" #include "build/chromeos_buildflags.h" #include "components/os_crypt/async/browser/test_utils.h" #include "components/os_crypt/sync/os_crypt_mocker.h" #include "components/privacy_sandbox/masked_domain_list/masked_domain_list.pb.h" #include "mojo/public/cpp/base/proto_wrapper.h" #include "net/base/ip_address.h" #include "net/base/ip_endpoint.h" #include "net/base/mock_network_change_notifier.h" #include "net/base/url_util.h" #include "net/cookies/canonical_cookie.h" #include "net/cookies/cookie_options.h" #include "net/cookies/cookie_util.h" #include "net/dns/dns_client.h" #include "net/dns/dns_config.h" #include "net/dns/dns_config_service.h" #include "net/dns/dns_test_util.h" #include "net/dns/host_resolver.h" #include "net/dns/host_resolver_manager.h" #include "net/dns/public/dns_over_https_config.h" #include "net/dns/public/dns_protocol.h" #include "net/dns/public/doh_provider_entry.h" #include "net/http/http_auth_handler_factory.h" #include "net/http/http_auth_scheme.h" #include "net/http/http_network_session.h" #include "net/http/http_transaction_factory.h" #include "net/http/transport_security_state.h" #include "net/log/file_net_log_observer.h" #include "net/net_buildflags.h" #include "net/socket/client_socket_pool_manager.h" #include "net/test/embedded_test_server/embedded_test_server.h" #include "net/test/embedded_test_server/http_request.h" #include "net/test/embedded_test_server/http_response.h" #include "net/test/spawned_test_server/spawned_test_server.h" #include "net/test/test_data_directory.h" #include "net/traffic_annotation/network_traffic_annotation_test_helper.h" #include "net/url_request/url_request_context.h" #include "services/network/network_context.h" #include "services/network/public/cpp/features.h" #include "services/network/public/cpp/network_switches.h" #include "services/network/public/mojom/cookie_encryption_provider.mojom.h" #include "services/network/public/mojom/cookie_manager.mojom.h" #include "services/network/public/mojom/host_resolver.mojom.h" #include "services/network/public/mojom/net_log.mojom.h" #include "services/network/public/mojom/network_annotation_monitor.mojom.h" #include "services/network/public/mojom/network_change_manager.mojom.h" #include "services/network/public/mojom/network_context.mojom.h" #include "services/network/public/mojom/network_service.mojom.h" #include "services/network/public/mojom/system_dns_resolution.mojom.h" #include "services/network/test/fake_test_cert_verifier_params_factory.h" #include "services/network/test/test_network_context_client.h" #include "services/network/test/test_url_loader_client.h" #include "services/network/test/test_url_loader_network_observer.h" #include "services/network/test/test_utils.h" #include "testing/gmock/include/gmock/gmock.h" #include "testing/gtest/include/gtest/gtest.h" #include "url/gurl.h" #if BUILDFLAG(USE_KERBEROS) #include "net/http/http_auth_handler_negotiate.h" #endif #if BUILDFLAG(IS_CHROMEOS_ASH) #include "services/network/mock_mojo_dhcp_wpad_url_client.h" #endif // BUILDFLAG(IS_CHROMEOS_ASH) #if BUILDFLAG(ENABLE_WEBSOCKETS) #include "services/network/test_mojo_proxy_resolver_factory.h" #endif // BUILDFLAG(ENABLE_WEBSOCKETS) namespace network { namespace { const base::FilePath::CharType kServicesTestData[] = …); // Returns a new URL with key=value pair added to the query. GURL AddQuery(const GURL& url, const std::string& key, const std::string& value) { … } mojom::NetworkContextParamsPtr CreateContextParams() { … } class NetworkServiceTest : public testing::Test { … }; // Test shutdown in the case a NetworkContext is destroyed before the // NetworkService. TEST_F(NetworkServiceTest, CreateAndDestroyContext) { … } // Test shutdown in the case there is still a live NetworkContext when the // NetworkService is destroyed. The service should destroy the NetworkContext // itself. TEST_F(NetworkServiceTest, DestroyingServiceDestroysContext) { … } TEST_F(NetworkServiceTest, CreateContextWithoutChannelID) { … } TEST_F(NetworkServiceTest, CreateContextWithMaskedDomainListProxyConfig) { … } TEST_F(NetworkServiceTest, CreateContextWithCustomProxyConfig_MdlConfigIsNotUsed) { … } TEST_F(NetworkServiceTest, CreateContextWithoutMaskedDomainListData) { … } TEST_F(NetworkServiceTest, AuthDefaultParams) { … } TEST_F(NetworkServiceTest, AuthSchemesDynamicallyChanging) { … } TEST_F(NetworkServiceTest, AuthSchemesNone) { … } #if BUILDFLAG(USE_EXTERNAL_GSSAPI) TEST_F(NetworkServiceTest, AuthGssapiLibraryName) { … } #endif // BUILDFLAG(USE_EXTERNAL_GSSAPI) TEST_F(NetworkServiceTest, AuthServerAllowlist) { … } TEST_F(NetworkServiceTest, AuthDelegateAllowlist) { … } TEST_F(NetworkServiceTest, DelegateByKdcPolicy) { … } TEST_F(NetworkServiceTest, AuthNegotiateCnameLookup) { … } TEST_F(NetworkServiceTest, AuthEnableNegotiatePort) { … } // DnsClient isn't supported on iOS. #if !BUILDFLAG(IS_IOS) TEST_F(NetworkServiceTest, DnsClientEnableDisable) { … } TEST_F(NetworkServiceTest, HandlesAdditionalDnsQueryTypesEnableDisable) { … } TEST_F(NetworkServiceTest, DnsOverHttpsEnableDisable) { … } TEST_F(NetworkServiceTest, DisableDohUpgradeProviders) { … } TEST_F(NetworkServiceTest, DohProbe) { … } TEST_F(NetworkServiceTest, DohProbe_MultipleContexts) { … } TEST_F(NetworkServiceTest, DohProbe_ContextAddedBeforeTimeout) { … } TEST_F(NetworkServiceTest, DohProbe_ContextAddedAfterTimeout) { … } TEST_F(NetworkServiceTest, DohProbe_ContextRemovedBeforeTimeout) { … } TEST_F(NetworkServiceTest, DohProbe_ContextRemovedAfterTimeout) { … } #endif // !BUILDFLAG(IS_IOS) // |ntlm_v2_enabled| is only supported on POSIX platforms. #if BUILDFLAG(IS_POSIX) TEST_F(NetworkServiceTest, AuthNtlmV2Enabled) { … } #endif // BUILDFLAG(IS_POSIX) // |android_negotiate_account_type| is only supported on Android. #if BUILDFLAG(IS_ANDROID) TEST_F(NetworkServiceTest, AuthAndroidNegotiateAccountType) { const char kInitialAccountType[] = "Scorpio"; const char kFinalAccountType[] = "Pisces"; // Set |android_negotiate_account_type| to before creating any // NetworkContexts. mojom::HttpAuthDynamicParamsPtr auth_params = mojom::HttpAuthDynamicParams::New(); auth_params->android_negotiate_account_type = kInitialAccountType; service()->ConfigureHttpAuthPrefs(std::move(auth_params)); // Create a network context, which should reflect the setting. mojo::Remote<mojom::NetworkContext> network_context_remote; NetworkContext network_context( service(), network_context_remote.BindNewPipeAndPassReceiver(), CreateContextParams()); net::HttpAuthHandlerFactory* auth_handler_factory = network_context.url_request_context()->http_auth_handler_factory(); ASSERT_TRUE(auth_handler_factory); ASSERT_TRUE(auth_handler_factory->http_auth_preferences()); EXPECT_EQ(kInitialAccountType, auth_handler_factory->http_auth_preferences() ->AuthAndroidNegotiateAccountType()); // Change |android_negotiate_account_type|. The pre-existing NetworkContext // should be using the new setting. auth_params = mojom::HttpAuthDynamicParams::New(); auth_params->android_negotiate_account_type = kFinalAccountType; service()->ConfigureHttpAuthPrefs(std::move(auth_params)); EXPECT_EQ(kFinalAccountType, auth_handler_factory->http_auth_preferences() ->AuthAndroidNegotiateAccountType()); } #endif // BUILDFLAG(IS_ANDROID) static int GetGlobalMaxConnectionsPerProxyChain() { … } // Tests that NetworkService::SetMaxConnectionsPerProxyChain() (1) modifies // globals in net::ClientSocketPoolManager (2) saturates out of bound values. TEST_F(NetworkServiceTest, SetMaxConnectionsPerProxyChain) { … } #if BUILDFLAG(IS_CT_SUPPORTED) // Tests that disabling CT enforcement disables the feature for both existing // and new network contexts. TEST_F(NetworkServiceTest, DisableCTEnforcement) { … } #endif // BUILDFLAG(IS_CT_SUPPORTED) TEST_F(NetworkServiceTest, SetMaskedDomainList) { … } class TestCookieEncryptionProvider : public mojom::CookieEncryptionProvider { … }; class NetworkServiceCookieTest : public NetworkServiceTest, public testing::WithParamInterface< std::tuple</*enable_encryption*/ bool, /*set_provider*/ bool>> { … }; // This test verifies that SetCookieEncryptionProvider API on the // network_service functions correctly. In the case where // SetCookieEncryptionProvider is called with a provider, and // enable_encrypted_cookies is on, then the GetEncryptor method is called and // the returned Encryptor is used for encryption. TEST_P(NetworkServiceCookieTest, CookieEncryptionProvider) { … } INSTANTIATE_TEST_SUITE_P(…); class NetworkServiceTestWithService : public testing::Test { … }; // Verifies that loading a URL through the network service's mojo interface // works. TEST_F(NetworkServiceTestWithService, Basic) { … } // Verifies that a passed net log file is successfully opened and sane data // written to it. TEST_F(NetworkServiceTestWithService, StartsNetLog) { … } // Verifies that a passed net log file is successfully opened and sane data // written to it up until the max file size. TEST_F(NetworkServiceTestWithService, StartsNetLogBounded) { … } // Verifies that raw headers are only reported if requested. TEST_F(NetworkServiceTestWithService, RawRequestHeadersAbsent) { … } class NetworkServiceTestWithResolverMap : public NetworkServiceTestWithService { … }; TEST_F(NetworkServiceTestWithService, SetNetworkConditions) { … } // Integration test confirming that the SetTrustTokenKeyCommitments IPC is wired // up correctly by verifying that it's possible to read a value previously // passed to the setter. TEST_F(NetworkServiceTestWithService, SetsTrustTokenKeyCommitments) { … } TEST_F(NetworkServiceTestWithService, GetDnsConfigChangeManager) { … } TEST_F(NetworkServiceTestWithService, GetNetworkList) { … } class TestNetworkChangeManagerClient : public mojom::NetworkChangeManagerClient { … }; class NetworkChangeTest : public testing::Test { … }; TEST_F(NetworkChangeTest, NetworkChangeManagerRequest) { … } class NetworkServiceNetworkChangeTest : public testing::Test { … }; TEST_F(NetworkServiceNetworkChangeTest, NetworkChangeManagerRequest) { … } class NetworkServiceNetworkDelegateTest : public NetworkServiceTest { … }; class ClearSiteDataAuthCertObserver : public TestURLLoaderNetworkObserver { … }; // Check that |NetworkServiceNetworkDelegate| handles Clear-Site-Data header // w/ and w/o |NetworkContextCient|. TEST_F(NetworkServiceNetworkDelegateTest, ClearSiteDataObserver) { … } // Check that headers are handled and passed to the client correctly. TEST_F(NetworkServiceNetworkDelegateTest, HandleClearSiteDataHeaders) { … } class TestNetworkAnnotationMonitor : public mojom::NetworkAnnotationMonitor { … }; TEST_F(NetworkServiceNetworkDelegateTest, NetworkAnnotationMonitor) { … } #if BUILDFLAG(ENABLE_WEBSOCKETS) // Verify that network requests without a loader are reported to Network // Annotation Monitor. This test uses a PAC fetch as an example of such request. TEST_F(NetworkServiceNetworkDelegateTest, NetworkAnnotationMonitorWithoutLoader) { … } #endif // BUILDFLAG(ENABLE_WEBSOCKETS) class NetworkServiceTestWithSystemDnsResolver : public NetworkServiceTestWithService { … }; class StubHostResolverClient : public mojom::ResolveHostClient { … }; TEST_F(NetworkServiceTestWithSystemDnsResolver, HandlesDeadSystemDnsResolverService) { … } TEST_F(NetworkServiceTest, NetworkAnnotationMonitor) { … } } // namespace } // namespace network
Codebase Browser
chromium