| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/command_line.h" | 5 #include "base/command_line.h" |
| 6 #include "base/path_service.h" | 6 #include "base/path_service.h" |
| 7 #include "base/string_util.h" | 7 #include "base/string_util.h" |
| 8 #include "base/stringprintf.h" | 8 #include "base/stringprintf.h" |
| 9 #include "base/time.h" | 9 #include "base/time.h" |
| 10 #include "base/utf_string_conversions.h" | 10 #include "base/utf_string_conversions.h" |
| 11 #include "chrome/app/chrome_command_ids.h" | 11 #include "chrome/app/chrome_command_ids.h" |
| 12 #include "chrome/browser/content_settings/host_content_settings_map.h" |
| 12 #include "chrome/browser/prefs/pref_service.h" | 13 #include "chrome/browser/prefs/pref_service.h" |
| 13 #include "chrome/browser/profiles/profile.h" | 14 #include "chrome/browser/profiles/profile.h" |
| 14 #include "chrome/browser/ui/browser.h" | 15 #include "chrome/browser/ui/browser.h" |
| 15 #include "chrome/browser/ui/browser_commands.h" | 16 #include "chrome/browser/ui/browser_commands.h" |
| 16 #include "chrome/browser/ui/browser_navigator.h" | 17 #include "chrome/browser/ui/browser_navigator.h" |
| 17 #include "chrome/browser/ui/browser_tabstrip.h" | 18 #include "chrome/browser/ui/browser_tabstrip.h" |
| 18 #include "chrome/browser/ui/constrained_window_tab_helper.h" | 19 #include "chrome/browser/ui/constrained_window_tab_helper.h" |
| 19 #include "chrome/browser/ui/tab_contents/tab_contents.h" | 20 #include "chrome/browser/ui/tab_contents/tab_contents.h" |
| 20 #include "chrome/browser/ui/tabs/tab_strip_model.h" | 21 #include "chrome/browser/ui/tabs/tab_strip_model.h" |
| 21 #include "chrome/common/chrome_notification_types.h" | 22 #include "chrome/common/chrome_notification_types.h" |
| 22 #include "chrome/common/chrome_paths.h" | 23 #include "chrome/common/chrome_paths.h" |
| 23 #include "chrome/common/chrome_switches.h" | 24 #include "chrome/common/chrome_switches.h" |
| 24 #include "chrome/common/pref_names.h" | 25 #include "chrome/common/pref_names.h" |
| 25 #include "chrome/test/base/in_process_browser_test.h" | 26 #include "chrome/test/base/in_process_browser_test.h" |
| 26 #include "chrome/test/base/ui_test_utils.h" | 27 #include "chrome/test/base/ui_test_utils.h" |
| 27 #include "content/public/browser/browser_context.h" | 28 #include "content/public/browser/browser_context.h" |
| 28 #include "content/public/browser/interstitial_page.h" | 29 #include "content/public/browser/interstitial_page.h" |
| 29 #include "content/public/browser/navigation_controller.h" | 30 #include "content/public/browser/navigation_controller.h" |
| 30 #include "content/public/browser/navigation_entry.h" | 31 #include "content/public/browser/navigation_entry.h" |
| 31 #include "content/public/browser/notification_service.h" | 32 #include "content/public/browser/notification_service.h" |
| 32 #include "content/public/browser/render_view_host.h" | 33 #include "content/public/browser/render_view_host.h" |
| 33 #include "content/public/browser/web_contents.h" | 34 #include "content/public/browser/web_contents.h" |
| 34 #include "content/public/browser/web_contents_observer.h" | 35 #include "content/public/browser/web_contents_observer.h" |
| 35 #include "content/public/common/security_style.h" | 36 #include "content/public/common/security_style.h" |
| 36 #include "content/public/common/ssl_status.h" | 37 #include "content/public/common/ssl_status.h" |
| 37 #include "content/public/test/browser_test_utils.h" | 38 #include "content/public/test/browser_test_utils.h" |
| 38 #include "content/public/test/download_test_observer.h" | 39 #include "content/public/test/download_test_observer.h" |
| 39 #include "content/public/test/test_renderer_host.h" | 40 #include "content/public/test/test_renderer_host.h" |
| 41 #include "crypto/nss_util.h" |
| 40 #include "net/base/cert_status_flags.h" | 42 #include "net/base/cert_status_flags.h" |
| 43 #include "net/base/crypto_module.h" |
| 44 #include "net/base/net_errors.h" |
| 41 #include "net/test/test_server.h" | 45 #include "net/test/test_server.h" |
| 42 | 46 |
| 47 #if defined(USE_NSS) |
| 48 #include "net/base/nss_cert_database.h" |
| 49 #endif // defined(USE_NSS) |
| 50 |
| 43 using content::InterstitialPage; | 51 using content::InterstitialPage; |
| 44 using content::NavigationController; | 52 using content::NavigationController; |
| 45 using content::NavigationEntry; | 53 using content::NavigationEntry; |
| 46 using content::SSLStatus; | 54 using content::SSLStatus; |
| 47 using content::WebContents; | 55 using content::WebContents; |
| 48 | 56 |
| 49 const FilePath::CharType kDocRoot[] = FILE_PATH_LITERAL("chrome/test/data"); | 57 const FilePath::CharType kDocRoot[] = FILE_PATH_LITERAL("chrome/test/data"); |
| 50 | 58 |
| 51 namespace { | 59 namespace { |
| 52 | 60 |
| (...skipping 555 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 608 | 616 |
| 609 // Proceed anyway. | 617 // Proceed anyway. |
| 610 ProceedThroughInterstitial(tab); | 618 ProceedThroughInterstitial(tab); |
| 611 | 619 |
| 612 // Test page run a WebSocket wss connection test. The result will be shown | 620 // Test page run a WebSocket wss connection test. The result will be shown |
| 613 // as page title. | 621 // as page title. |
| 614 const string16 result = watcher.WaitAndGetTitle(); | 622 const string16 result = watcher.WaitAndGetTitle(); |
| 615 EXPECT_TRUE(LowerCaseEqualsASCII(result, "pass")); | 623 EXPECT_TRUE(LowerCaseEqualsASCII(result, "pass")); |
| 616 } | 624 } |
| 617 | 625 |
| 626 #if defined(USE_NSS) |
| 627 // SSL client certificate tests are only enabled when using NSS for private key |
| 628 // storage, as only NSS can avoid modifying global machine state when testing. |
| 629 // See http://crbug.com/51132 |
| 630 |
| 631 // Visit a HTTPS page which requires client cert authentication. The client |
| 632 // cert will be selected automatically, then a test which uses WebSocket runs. |
| 633 IN_PROC_BROWSER_TEST_F(SSLUITest, TestWSSClientCert) { |
| 634 // Open a temporary NSS DB for testing. |
| 635 crypto::ScopedTestNSSDB test_nssdb; |
| 636 ASSERT_TRUE(test_nssdb.is_open()); |
| 637 |
| 638 // Import client cert for test. These interfaces require NSS. |
| 639 net::NSSCertDatabase* cert_db = net::NSSCertDatabase::GetInstance(); |
| 640 scoped_refptr<net::CryptoModule> crypt_module = cert_db->GetPublicModule(); |
| 641 std::string pkcs12_data; |
| 642 FilePath cert_path; |
| 643 ASSERT_TRUE(PathService::Get(base::DIR_SOURCE_ROOT, &cert_path)); |
| 644 cert_path = cert_path.Append( |
| 645 FILE_PATH_LITERAL("net/data/ssl/certificates/websocket_client_cert.p12")); |
| 646 EXPECT_TRUE(file_util::ReadFileToString(cert_path, &pkcs12_data)); |
| 647 EXPECT_EQ(net::OK, cert_db->ImportFromPKCS12(crypt_module, |
| 648 pkcs12_data, |
| 649 string16(), |
| 650 true, |
| 651 NULL)); |
| 652 |
| 653 // Start WebSocket test server with TLS and client cert authentication. |
| 654 net::TestServer::SSLOptions options(net::TestServer::SSLOptions::CERT_OK); |
| 655 options.request_client_certificate = true; |
| 656 FilePath ca_path; |
| 657 ASSERT_TRUE(PathService::Get(base::DIR_SOURCE_ROOT, &ca_path)); |
| 658 ca_path = ca_path.Append( |
| 659 FILE_PATH_LITERAL("net/data/ssl/certificates/websocket_cacert.pem")); |
| 660 options.client_authorities.push_back(ca_path); |
| 661 net::TestServer wss_server(net::TestServer::TYPE_WSS, |
| 662 options, |
| 663 FilePath(FILE_PATH_LITERAL( |
| 664 "net/data/websocket"))); |
| 665 ASSERT_TRUE(wss_server.Start()); |
| 666 std::string scheme("https"); |
| 667 GURL::Replacements replacements; |
| 668 replacements.SetSchemeStr(scheme); |
| 669 GURL url = |
| 670 wss_server.GetURL("connect_check.html").ReplaceComponents(replacements); |
| 671 |
| 672 // Setup page title observer. |
| 673 WebContents* tab = chrome::GetActiveWebContents(browser()); |
| 674 content::TitleWatcher watcher(tab, ASCIIToUTF16("PASS")); |
| 675 watcher.AlsoWaitForTitle(ASCIIToUTF16("FAIL")); |
| 676 |
| 677 // Add an entry into AutoSelectCertificateForUrls policy for automatic client |
| 678 // cert selection. |
| 679 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); |
| 680 DCHECK(profile); |
| 681 scoped_ptr<DictionaryValue> dict(new DictionaryValue()); |
| 682 dict->SetString("ISSUER.CN", "pywebsocket"); |
| 683 profile->GetHostContentSettingsMap()->SetWebsiteSetting( |
| 684 ContentSettingsPattern::FromURL(url), |
| 685 ContentSettingsPattern::FromURL(url), |
| 686 CONTENT_SETTINGS_TYPE_AUTO_SELECT_CERTIFICATE, |
| 687 std::string(), |
| 688 dict.release()); |
| 689 |
| 690 // Visit a HTTPS page which requires client certs. |
| 691 ui_test_utils::NavigateToURL(browser(), url); |
| 692 CheckAuthenticatedState(tab, false); |
| 693 |
| 694 // Test page runs a WebSocket wss connection test. The result will be shown |
| 695 // as page title. |
| 696 const string16 result = watcher.WaitAndGetTitle(); |
| 697 EXPECT_TRUE(LowerCaseEqualsASCII(result, "pass")); |
| 698 } |
| 699 #endif // defined(USE_NSS) |
| 700 |
| 618 // Flaky on CrOS http://crbug.com/92292 | 701 // Flaky on CrOS http://crbug.com/92292 |
| 619 #if defined(OS_CHROMEOS) | 702 #if defined(OS_CHROMEOS) |
| 620 #define MAYBE_TestHTTPSErrorWithNoNavEntry \ | 703 #define MAYBE_TestHTTPSErrorWithNoNavEntry \ |
| 621 DISABLED_TestHTTPSErrorWithNoNavEntry | 704 DISABLED_TestHTTPSErrorWithNoNavEntry |
| 622 #else | 705 #else |
| 623 #define MAYBE_TestHTTPSErrorWithNoNavEntry TestHTTPSErrorWithNoNavEntry | 706 #define MAYBE_TestHTTPSErrorWithNoNavEntry TestHTTPSErrorWithNoNavEntry |
| 624 #endif // defined(OS_CHROMEOS) | 707 #endif // defined(OS_CHROMEOS) |
| 625 | 708 |
| 626 // Open a page with a HTTPS error in a tab with no prior navigation (through a | 709 // Open a page with a HTTPS error in a tab with no prior navigation (through a |
| 627 // link with a blank target). This is to test that the lack of navigation entry | 710 // link with a blank target). This is to test that the lack of navigation entry |
| (...skipping 898 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1526 | 1609 |
| 1527 // Visit a page over https that contains a frame with a redirect. | 1610 // Visit a page over https that contains a frame with a redirect. |
| 1528 | 1611 |
| 1529 // XMLHttpRequest insecure content in synchronous mode. | 1612 // XMLHttpRequest insecure content in synchronous mode. |
| 1530 | 1613 |
| 1531 // XMLHttpRequest insecure content in asynchronous mode. | 1614 // XMLHttpRequest insecure content in asynchronous mode. |
| 1532 | 1615 |
| 1533 // XMLHttpRequest over bad ssl in synchronous mode. | 1616 // XMLHttpRequest over bad ssl in synchronous mode. |
| 1534 | 1617 |
| 1535 // XMLHttpRequest over OK ssl in synchronous mode. | 1618 // XMLHttpRequest over OK ssl in synchronous mode. |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10703189:
Add end to end client cert auth test for wss (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src