| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include <string> |
| 6 |
| 7 #include "base/pickle.h" |
| 8 #include "base/values.h" |
| 9 #include "chrome/common/extensions/permissions/permissions_info.h" |
| 10 #include "chrome/common/extensions/permissions/socket_permission.h" |
| 11 #include "chrome/common/extensions/permissions/socket_permission_data.h" |
| 12 #include "ipc/ipc_message.h" |
| 13 #include "testing/gtest/include/gtest/gtest.h" |
| 14 |
| 15 using extensions::SocketPermissionData; |
| 16 |
| 17 namespace { |
| 18 |
| 19 std::string Parse(const std::string& permission) { |
| 20 SocketPermissionData data; |
| 21 CHECK(data.Parse(permission)) << "Parse permission \"" << permission |
| 22 << "\" failed."; |
| 23 return data.GetAsString(); |
| 24 } |
| 25 |
| 26 } // namespace |
| 27 |
| 28 namespace extensions { |
| 29 |
| 30 class SocketPermissionTest : public testing::Test { |
| 31 }; |
| 32 |
| 33 TEST(SocketPermissionTest, General) { |
| 34 SocketPermissionData data1, data2; |
| 35 |
| 36 CHECK(data1.Parse("tcp-connect")); |
| 37 CHECK(data2.Parse("tcp-connect")); |
| 38 |
| 39 EXPECT_TRUE(data1 == data2); |
| 40 EXPECT_FALSE(data1 < data2); |
| 41 |
| 42 CHECK(data1.Parse("tcp-connect")); |
| 43 CHECK(data2.Parse("tcp-connect:www.example.com")); |
| 44 |
| 45 EXPECT_FALSE(data1 == data2); |
| 46 EXPECT_TRUE(data1 < data2); |
| 47 } |
| 48 |
| 49 TEST(SocketPermissionTest, Parse) { |
| 50 SocketPermissionData data; |
| 51 |
| 52 EXPECT_FALSE(data.Parse("")); |
| 53 EXPECT_FALSE(data.Parse("*")); |
| 54 EXPECT_FALSE(data.Parse("\00\00*")); |
| 55 EXPECT_FALSE(data.Parse("\01*")); |
| 56 EXPECT_FALSE(data.Parse("tcp-connect:www.example.com:-1")); |
| 57 EXPECT_FALSE(data.Parse("tcp-connect:www.example.com:65536")); |
| 58 EXPECT_FALSE(data.Parse("tcp-connect:::")); |
| 59 EXPECT_FALSE(data.Parse("tcp-connect::0")); |
| 60 EXPECT_FALSE(data.Parse("tcp-connect: www.exmaple.com: 99 ")); |
| 61 EXPECT_FALSE(data.Parse("tcp-connect:*.exmaple.com :99")); |
| 62 EXPECT_FALSE(data.Parse("tcp-connect:*.exmaple.com: 99")); |
| 63 EXPECT_FALSE(data.Parse("tcp-connect:*.exmaple.com:99 ")); |
| 64 EXPECT_FALSE(data.Parse("tcp-connect:\t*.exmaple.com:99")); |
| 65 EXPECT_FALSE(data.Parse("tcp-connect:\n*.exmaple.com:99")); |
| 66 |
| 67 EXPECT_EQ(Parse("tcp-connect"), "tcp-connect:*:*"); |
| 68 EXPECT_EQ(Parse("tcp-listen"), "tcp-listen:*:*"); |
| 69 EXPECT_EQ(Parse("udp-bind"), "udp-bind:*:*"); |
| 70 EXPECT_EQ(Parse("udp-send-to"), "udp-send-to:*:*"); |
| 71 |
| 72 EXPECT_EQ(Parse("tcp-connect:"), "tcp-connect:*:*"); |
| 73 EXPECT_EQ(Parse("tcp-listen:"), "tcp-listen:*:*"); |
| 74 EXPECT_EQ(Parse("udp-bind:"), "udp-bind:*:*"); |
| 75 EXPECT_EQ(Parse("udp-send-to:"), "udp-send-to:*:*"); |
| 76 |
| 77 EXPECT_EQ(Parse("tcp-connect::"), "tcp-connect:*:*"); |
| 78 EXPECT_EQ(Parse("tcp-listen::"), "tcp-listen:*:*"); |
| 79 EXPECT_EQ(Parse("udp-bind::"), "udp-bind:*:*"); |
| 80 EXPECT_EQ(Parse("udp-send-to::"), "udp-send-to:*:*"); |
| 81 |
| 82 EXPECT_EQ(Parse("tcp-connect:*"), "tcp-connect:*:*"); |
| 83 EXPECT_EQ(Parse("tcp-listen:*"), "tcp-listen:*:*"); |
| 84 EXPECT_EQ(Parse("udp-bind:*"), "udp-bind:*:*"); |
| 85 EXPECT_EQ(Parse("udp-send-to:*"), "udp-send-to:*:*"); |
| 86 |
| 87 EXPECT_EQ(Parse("tcp-connect:*:"), "tcp-connect:*:*"); |
| 88 EXPECT_EQ(Parse("tcp-listen:*:"), "tcp-listen:*:*"); |
| 89 EXPECT_EQ(Parse("udp-bind:*:"), "udp-bind:*:*"); |
| 90 EXPECT_EQ(Parse("udp-send-to:*:"), "udp-send-to:*:*"); |
| 91 |
| 92 EXPECT_EQ(Parse("tcp-connect::*"), "tcp-connect:*:*"); |
| 93 EXPECT_EQ(Parse("tcp-listen::*"), "tcp-listen:*:*"); |
| 94 EXPECT_EQ(Parse("udp-bind::*"), "udp-bind:*:*"); |
| 95 EXPECT_EQ(Parse("udp-send-to::*"), "udp-send-to:*:*"); |
| 96 |
| 97 EXPECT_EQ(Parse("tcp-connect:www.example.com"), |
| 98 "tcp-connect:www.example.com:*"); |
| 99 EXPECT_EQ(Parse("tcp-listen:www.example.com"), |
| 100 "tcp-listen:www.example.com:*"); |
| 101 EXPECT_EQ(Parse("udp-bind:www.example.com"), |
| 102 "udp-bind:www.example.com:*"); |
| 103 EXPECT_EQ(Parse("udp-send-to:www.example.com"), |
| 104 "udp-send-to:www.example.com:*"); |
| 105 EXPECT_EQ(Parse("udp-send-to:wWW.ExAmPlE.cOm"), |
| 106 "udp-send-to:www.example.com:*"); |
| 107 |
| 108 EXPECT_EQ(Parse("tcp-connect:.example.com"), |
| 109 "tcp-connect:*.example.com:*"); |
| 110 EXPECT_EQ(Parse("tcp-listen:.example.com"), |
| 111 "tcp-listen:*.example.com:*"); |
| 112 EXPECT_EQ(Parse("udp-bind:.example.com"), |
| 113 "udp-bind:*.example.com:*"); |
| 114 EXPECT_EQ(Parse("udp-send-to:.example.com"), |
| 115 "udp-send-to:*.example.com:*"); |
| 116 |
| 117 EXPECT_EQ(Parse("tcp-connect:*.example.com"), |
| 118 "tcp-connect:*.example.com:*"); |
| 119 EXPECT_EQ(Parse("tcp-listen:*.example.com"), |
| 120 "tcp-listen:*.example.com:*"); |
| 121 EXPECT_EQ(Parse("udp-bind:*.example.com"), |
| 122 "udp-bind:*.example.com:*"); |
| 123 EXPECT_EQ(Parse("udp-send-to:*.example.com"), |
| 124 "udp-send-to:*.example.com:*"); |
| 125 |
| 126 EXPECT_EQ(Parse("tcp-connect::99"), "tcp-connect:*:99"); |
| 127 EXPECT_EQ(Parse("tcp-listen::99"), "tcp-listen:*:99"); |
| 128 EXPECT_EQ(Parse("udp-bind::99"), "udp-bind:*:99"); |
| 129 EXPECT_EQ(Parse("udp-send-to::99"), "udp-send-to:*:99"); |
| 130 |
| 131 EXPECT_EQ(Parse("tcp-connect:www.example.com"), |
| 132 "tcp-connect:www.example.com:*"); |
| 133 |
| 134 EXPECT_EQ(Parse("tcp-connect:*.example.com:99"), |
| 135 "tcp-connect:*.example.com:99"); |
| 136 } |
| 137 |
| 138 TEST(SocketPermissionTest, Match) { |
| 139 SocketPermissionData data; |
| 140 |
| 141 CHECK(data.Parse("tcp-connect")); |
| 142 EXPECT_TRUE(data.Match( |
| 143 SocketPermissionData::TCP_CONNECT, "www.example.com", 80)); |
| 144 EXPECT_FALSE(data.Match( |
| 145 SocketPermissionData::UDP_SEND_TO, "www.example.com", 80)); |
| 146 |
| 147 CHECK(data.Parse("udp-send-to::8800")); |
| 148 EXPECT_TRUE(data.Match( |
| 149 SocketPermissionData::UDP_SEND_TO, "www.example.com", 8800)); |
| 150 EXPECT_TRUE(data.Match( |
| 151 SocketPermissionData::UDP_SEND_TO, "smtp.example.com", 8800)); |
| 152 EXPECT_FALSE(data.Match( |
| 153 SocketPermissionData::TCP_CONNECT, "www.example.com", 80)); |
| 154 |
| 155 CHECK(data.Parse("udp-send-to:*.example.com:8800")); |
| 156 EXPECT_TRUE(data.Match( |
| 157 SocketPermissionData::UDP_SEND_TO, "www.example.com", 8800)); |
| 158 EXPECT_TRUE(data.Match( |
| 159 SocketPermissionData::UDP_SEND_TO, "smtp.example.com", 8800)); |
| 160 EXPECT_TRUE(data.Match( |
| 161 SocketPermissionData::UDP_SEND_TO, "SMTP.example.com", 8800)); |
| 162 EXPECT_FALSE(data.Match( |
| 163 SocketPermissionData::TCP_CONNECT, "www.example.com", 80)); |
| 164 EXPECT_FALSE(data.Match( |
| 165 SocketPermissionData::UDP_SEND_TO, "www.google.com", 8800)); |
| 166 EXPECT_FALSE(data.Match( |
| 167 SocketPermissionData::UDP_SEND_TO, "wwwexample.com", 8800)); |
| 168 |
| 169 CHECK(data.Parse("udp-send-to:*.ExAmPlE.cOm:8800")); |
| 170 EXPECT_TRUE(data.Match( |
| 171 SocketPermissionData::UDP_SEND_TO, "www.example.com", 8800)); |
| 172 EXPECT_TRUE(data.Match( |
| 173 SocketPermissionData::UDP_SEND_TO, "smtp.example.com", 8800)); |
| 174 EXPECT_TRUE(data.Match( |
| 175 SocketPermissionData::UDP_SEND_TO, "SMTP.example.com", 8800)); |
| 176 EXPECT_FALSE(data.Match( |
| 177 SocketPermissionData::TCP_CONNECT, "www.example.com", 80)); |
| 178 EXPECT_FALSE(data.Match( |
| 179 SocketPermissionData::UDP_SEND_TO, "www.google.com", 8800)); |
| 180 |
| 181 CHECK(data.Parse("udp-bind::8800")); |
| 182 EXPECT_TRUE(data.Match( |
| 183 SocketPermissionData::UDP_BIND, "127.0.0.1", 8800)); |
| 184 EXPECT_FALSE(data.Match( |
| 185 SocketPermissionData::UDP_BIND, "127.0.0.1", 8888)); |
| 186 EXPECT_FALSE(data.Match( |
| 187 SocketPermissionData::TCP_CONNECT, "www.example.com", 80)); |
| 188 EXPECT_FALSE(data.Match( |
| 189 SocketPermissionData::UDP_SEND_TO, "www.google.com", 8800)); |
| 190 |
| 191 // Do not wildcard part of ip address. |
| 192 CHECK(data.Parse("tcp-connect:*.168.0.1:8800")); |
| 193 EXPECT_FALSE(data.Match( |
| 194 SocketPermissionData::TCP_CONNECT, "192.168.0.1", 8800)); |
| 195 } |
| 196 |
| 197 TEST(SocketPermissionTest, IPC) { |
| 198 scoped_refptr<APIPermissionDetail> detail1; |
| 199 scoped_refptr<APIPermissionDetail> detail2; |
| 200 |
| 201 const APIPermission* permission = |
| 202 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket); |
| 203 |
| 204 { |
| 205 IPC::Message m; |
| 206 |
| 207 detail1 = permission->CreateDetail(); |
| 208 detail2 = permission->CreateDetail(); |
| 209 |
| 210 detail1->Write(&m); |
| 211 PickleIterator iter(m); |
| 212 detail2->Read(&m, &iter); |
| 213 |
| 214 EXPECT_TRUE(detail1->Equal(detail2)); |
| 215 } |
| 216 |
| 217 |
| 218 { |
| 219 IPC::Message m; |
| 220 |
| 221 detail1 = permission->CreateDetail(); |
| 222 detail2 = permission->CreateDetail(); |
| 223 |
| 224 scoped_ptr<ListValue> value(new ListValue()); |
| 225 value->Append(Value::CreateStringValue("tcp-connect:*.example.com:80")); |
| 226 value->Append(Value::CreateStringValue("udp-bind::8080")); |
| 227 value->Append(Value::CreateStringValue("udp-send-to::8888")); |
| 228 CHECK(detail1->FromValue(value.get())); |
| 229 |
| 230 EXPECT_FALSE(detail1->Equal(detail2)); |
| 231 |
| 232 detail1->Write(&m); |
| 233 PickleIterator iter(m); |
| 234 detail2->Read(&m, &iter); |
| 235 EXPECT_TRUE(detail1->Equal(detail2)); |
| 236 } |
| 237 } |
| 238 |
| 239 TEST(SocketPermissionTest, Value) { |
| 240 scoped_refptr<APIPermissionDetail> detail1; |
| 241 scoped_refptr<APIPermissionDetail> detail2; |
| 242 |
| 243 const APIPermission* permission = |
| 244 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket); |
| 245 |
| 246 detail1 = permission->CreateDetail(); |
| 247 detail2 = permission->CreateDetail(); |
| 248 |
| 249 scoped_ptr<ListValue> value(new ListValue()); |
| 250 value->Append(Value::CreateStringValue("tcp-connect:*.example.com:80")); |
| 251 value->Append(Value::CreateStringValue("udp-bind::8080")); |
| 252 value->Append(Value::CreateStringValue("udp-send-to::8888")); |
| 253 CHECK(detail1->FromValue(value.get())); |
| 254 |
| 255 EXPECT_FALSE(detail1->Equal(detail2)); |
| 256 |
| 257 base::Value* vtmp = NULL; |
| 258 detail1->ToValue(&vtmp); |
| 259 CHECK(vtmp); |
| 260 CHECK(detail2->FromValue(vtmp)); |
| 261 EXPECT_TRUE(detail1->Equal(detail2)); |
| 262 |
| 263 delete vtmp; |
| 264 } |
| 265 |
| 266 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10692160:
Support socket endpoint permissions for AppsV2 Socket API. (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master