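--- a/PATH_NOT_SHOWN_ON_PAGE
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -1,10 +1,10 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/bind.h"
 #include "base/file_util.h"
 #include "base/memory/ref_counted.h"
 #include "base/memory/scoped_vector.h"
 #include "base/message_loop.h"
 #include "base/scoped_temp_dir.h"
@@ -75,51 +75,20 @@
 base::Time::FromInternalValue(1),
 base::Time::FromInternalValue(2),
 "a", "b"));
 }
 
 content::TestBrowserThread db_thread_;
 ScopedTempDir temp_dir_;
 scoped_refptr<SQLiteServerBoundCertStore> store_;
 };
 
-TEST_F(SQLiteServerBoundCertStoreTest, KeepOnDestruction) {
-store_->SetClearLocalStateOnExit(false);
-store_ = NULL;
-// Make sure we wait until the destructor has run.
-scoped_refptr<base::ThreadTestHelper> helper(
-new base::ThreadTestHelper(
-BrowserThread::GetMessageLoopProxyForThread(BrowserThread::DB)));
-ASSERT_TRUE(helper->Run());
-
-ASSERT_TRUE(file_util::PathExists(
-temp_dir_.path().Append(chrome::kOBCertFilename)));
-ASSERT_TRUE(file_util::Delete(
-temp_dir_.path().Append(chrome::kOBCertFilename), false));
-}
-
-TEST_F(SQLiteServerBoundCertStoreTest, RemoveOnDestruction) {
-store_->SetClearLocalStateOnExit(true);
-// Replace the store effectively destroying the current one and forcing it
-// to write its data to disk. Then we can see if after loading it again it
-// is still there.
-store_ = NULL;
-// Make sure we wait until the destructor has run.
-scoped_refptr<base::ThreadTestHelper> helper(
-new base::ThreadTestHelper(
-BrowserThread::GetMessageLoopProxyForThread(BrowserThread::DB)));
-ASSERT_TRUE(helper->Run());
-
-ASSERT_FALSE(file_util::PathExists(
-temp_dir_.path().Append(chrome::kOBCertFilename)));
-}
-
 // Test if data is stored as expected in the SQLite database.
 TEST_F(SQLiteServerBoundCertStoreTest, TestPersistence) {
 store_->AddServerBoundCert(
 net::DefaultServerBoundCertStore::ServerBoundCert(
 "foo.com",
 net::CLIENT_CERT_ECDSA_SIGN,
 base::Time::FromInternalValue(3),
 base::Time::FromInternalValue(4),
 "c", "d"));
 
@@ -533,87 +502,96 @@
 return true;
 }
 }
 return false;
 }
 
 } // namespace
 
 // Tests the interaction with the clear on exit policy.
 TEST_F(SQLiteServerBoundCertStoreTest, TestClearOnExitPolicy) {
-// First, delete a possibly existing store.
-store_->SetClearLocalStateOnExit(true);
-store_ = NULL;
-scoped_refptr<base::ThreadTestHelper> helper(
-new base::ThreadTestHelper(
-BrowserThread::GetMessageLoopProxyForThread(BrowserThread::DB)));
-ASSERT_TRUE(helper->Run());
-
 // Create a new store with three certificates in it.
 store_ = new SQLiteServerBoundCertStore(
-temp_dir_.path().Append(chrome::kOBCertFilename), NULL);
+temp_dir_.path().AppendASCII("ClearOnExitDB"), NULL);
 
 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs;
 ASSERT_TRUE(store_->Load(&certs.get()));
 ASSERT_EQ(0U, certs.size());
 
 store_->AddServerBoundCert(
 net::DefaultServerBoundCertStore::ServerBoundCert(
 "other.com",
 net::CLIENT_CERT_RSA_SIGN,
 base::Time::FromInternalValue(1),
 base::Time::FromInternalValue(2),
 "a", "b"));
 store_->AddServerBoundCert(
 net::DefaultServerBoundCertStore::ServerBoundCert(
 "session.com",
 net::CLIENT_CERT_RSA_SIGN,
 base::Time::FromInternalValue(3),
 base::Time::FromInternalValue(4),
 "x", "y"));
 store_->AddServerBoundCert(
 net::DefaultServerBoundCertStore::ServerBoundCert(
 "protected.com",
 net::CLIENT_CERT_RSA_SIGN,
 base::Time::FromInternalValue(5),
 base::Time::FromInternalValue(6),
 "n", "m"));
 
 // Write out the certificates to disk.
 store_ = NULL;
+scoped_refptr<base::ThreadTestHelper> helper(
+new base::ThreadTestHelper(
+BrowserThread::GetMessageLoopProxyForThread(BrowserThread::DB)));
 ASSERT_TRUE(helper->Run());
 
 // Load the store again with a clear on exit policy.
 scoped_refptr<quota::MockSpecialStoragePolicy> storage_policy =
 new quota::MockSpecialStoragePolicy;
 scoped_refptr<ClearOnExitPolicy> clear_policy =
 new ClearOnExitPolicy(storage_policy.get());
 storage_policy->AddSessionOnly(GURL("https://session.com"));
 storage_policy->AddSessionOnly(GURL("https://protected.com"));
 storage_policy->AddProtected(GURL("https://protected.com"));
 store_ = new SQLiteServerBoundCertStore(
-temp_dir_.path().Append(chrome::kOBCertFilename), clear_policy.get());
+temp_dir_.path().AppendASCII("ClearOnExitDB"), clear_policy.get());
 ASSERT_TRUE(store_->Load(&certs.get()));
 ASSERT_EQ(3U, certs.size());
 
-// Delete the store. This should apply the clear on exit policy.
+// We've put a exit policy in place, but force the state to be saved.
+store_->SetForceKeepSessionState();
+store_ = NULL;
+ASSERT_TRUE(helper->Run());
+
+// Reload the store and check that the certs are still there.
+store_ = new SQLiteServerBoundCertStore(
+temp_dir_.path().AppendASCII("ClearOnExitDB"), clear_policy.get());
+
+// Reload and test for persistence
+certs.reset();
+ASSERT_TRUE(store_->Load(&certs.get()));
+ASSERT_EQ(3U, certs.size());
+
+// Delete the store. This time, the exit policy should be in place.
 store_ = NULL;
 // Make sure we wait until the destructor has run.
 ASSERT_TRUE(helper->Run());
 
 store_ = new SQLiteServerBoundCertStore(
-temp_dir_.path().Append(chrome::kOBCertFilename), clear_policy.get());
+temp_dir_.path().AppendASCII("ClearOnExitDB"), clear_policy.get());
 
 // Reload and test for persistence
 certs.reset();
 ASSERT_TRUE(store_->Load(&certs.get()));
 ASSERT_EQ(2U, certs.size());
 
 ASSERT_TRUE(CertificateExistsInList(&certs.get(),
 "other.com",
 net::CLIENT_CERT_RSA_SIGN,
 "a", "b", 1, 2));
 ASSERT_TRUE(CertificateExistsInList(&certs.get(),
 "protected.com",
 net::CLIENT_CERT_RSA_SIGN,
 "n", "m", 5, 6));
 }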
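Review bot: The force-keep phase of `TestClearOnExitPolicy` (new lines 562–574) is the only place that checks a session-only entry surviving shutdown, yet its comments do not say so, and two of them repeat each other. I would replace the opening comment with `// A clear-on-exit policy is in place, but SetForceKeepSessionState() must keep all three certs, including session-only session.com.` and drop the second of the stacked `// Reload the store and check that the certs are still there.` / `// Reload and test for persistence` pair. The database path `temp_dir_.path().AppendASCII("ClearOnExitDB")` is also spelled out four times in this test. A single local at the top, e.g. `const FilePath db_path = temp_dir_.path().AppendASCII("ClearOnExitDB");`, would guarantee that every reopen reads the same file the previous store instance wrote.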