| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "chrome/browser/chromeos/cros/onc_network_parser.h" | |
| 6 | |
| 7 #include <cert.h> | |
| 8 #include <keyhi.h> | |
| 9 #include <pk11pub.h> | |
| 10 | |
| 11 #include "base/file_util.h" | |
| 12 #include "base/json/json_reader.h" | |
| 13 #include "base/json/json_string_value_serializer.h" | |
| 14 #include "base/lazy_instance.h" | |
| 15 #include "base/message_loop.h" | |
| 16 #include "base/path_service.h" | |
| 17 #include "base/stringprintf.h" | |
| 18 #include "base/threading/thread_restrictions.h" | |
| 19 #include "base/values.h" | |
| 20 #include "chrome/browser/chromeos/cros/certificate_pattern.h" | |
| 21 #include "chrome/browser/chromeos/cros/cros_library.h" | |
| 22 #include "chrome/browser/chromeos/cros/network_library.h" | |
| 23 #include "chrome/browser/chromeos/login/mock_user_manager.h" | |
| 24 #include "chrome/browser/net/pref_proxy_config_tracker_impl.h" | |
| 25 #include "chrome/common/chrome_paths.h" | |
| 26 #include "chrome/common/net/x509_certificate_model.h" | |
| 27 #include "chrome/test/base/testing_browser_process.h" | |
| 28 #include "chrome/test/base/testing_pref_service.h" | |
| 29 #include "chromeos/dbus/dbus_thread_manager.h" | |
| 30 #include "chromeos/network/onc/onc_constants.h" | |
| 31 #include "chromeos/network/onc/onc_utils.h" | |
| 32 #include "content/public/test/test_browser_thread.h" | |
| 33 #include "crypto/nss_util.h" | |
| 34 #include "net/base/cert_type.h" | |
| 35 #include "net/base/crypto_module.h" | |
| 36 #include "net/base/nss_cert_database.h" | |
| 37 #include "net/base/x509_certificate.h" | |
| 38 #include "net/proxy/proxy_config.h" | |
| 39 #include "testing/gtest/include/gtest/gtest.h" | |
| 40 #include "third_party/cros_system_api/dbus/service_constants.h" | |
| 41 | |
| 42 using ::testing::AnyNumber; | |
| 43 using ::testing::Return; | |
| 44 | |
| 45 namespace chromeos { | |
| 46 | |
| 47 namespace { | |
| 48 | |
| 49 const char g_token_name[] = "OncNetworkParserTest token"; | |
| 50 | |
| 51 net::CertType GetCertType(const net::X509Certificate* cert) { | |
| 52 DCHECK(cert); | |
| 53 return x509_certificate_model::GetType(cert->os_cert_handle()); | |
| 54 } | |
| 55 | |
| 56 } // namespace | |
| 57 | |
| 58 class OncNetworkParserTest : public testing::Test { | |
| 59 public: | |
| 60 virtual void SetUp() { | |
| 61 ASSERT_TRUE(test_nssdb_.is_open()); | |
| 62 | |
| 63 slot_ = net::NSSCertDatabase::GetInstance()->GetPublicModule(); | |
| 64 | |
| 65 // Don't run the test if the setup failed. | |
| 66 ASSERT_TRUE(slot_->os_module_handle()); | |
| 67 | |
| 68 // Test db should be empty at start of test. | |
| 69 EXPECT_EQ(0U, ListCertsInSlot(slot_->os_module_handle()).size()); | |
| 70 } | |
| 71 | |
| 72 virtual void TearDown() { | |
| 73 EXPECT_TRUE(CleanupSlotContents(slot_->os_module_handle())); | |
| 74 EXPECT_EQ(0U, ListCertsInSlot(slot_->os_module_handle()).size()); | |
| 75 } | |
| 76 | |
| 77 virtual scoped_ptr<base::ListValue> ReadNetworkConfigs( | |
| 78 const std::string& filename) { | |
| 79 FilePath path; | |
| 80 PathService::Get(chrome::DIR_TEST_DATA, &path); | |
| 81 path = path.AppendASCII("chromeos").AppendASCII("cros").Append(filename); | |
| 82 CHECK(file_util::PathExists(path)) | |
| 83 << "Couldn't find test data file " << path.value(); | |
| 84 std::string contents; | |
| 85 CHECK(file_util::ReadFileToString(path, &contents)) | |
| 86 << "Unable to read test data file " << path.value(); | |
| 87 | |
| 88 scoped_ptr<base::DictionaryValue> root = | |
| 89 onc::ReadDictionaryFromJson(contents); | |
| 90 CHECK(root.get() != NULL) << "ONC is not a valid JSON dictionary."; | |
| 91 | |
| 92 base::ListValue* network_configs; | |
| 93 CHECK(root->GetListWithoutPathExpansion(onc::kNetworkConfigurations, | |
| 94 &network_configs)); | |
| 95 return make_scoped_ptr(network_configs->DeepCopy()); | |
| 96 } | |
| 97 | |
| 98 const base::Value* GetExpectedProperty(const Network* network, | |
| 99 PropertyIndex index, | |
| 100 base::Value::Type expected_type); | |
| 101 void CheckStringProperty(const Network* network, | |
| 102 PropertyIndex index, | |
| 103 const char* expected); | |
| 104 void CheckBooleanProperty(const Network* network, | |
| 105 PropertyIndex index, | |
| 106 bool expected); | |
| 107 | |
| 108 void TestProxySettings(const std::string proxy_settings_blob, | |
| 109 net::ProxyConfig* net_config); | |
| 110 | |
| 111 protected: | |
| 112 scoped_refptr<net::CryptoModule> slot_; | |
| 113 | |
| 114 private: | |
| 115 net::CertificateList ListCertsInSlot(PK11SlotInfo* slot) { | |
| 116 net::CertificateList result; | |
| 117 CERTCertList* cert_list = PK11_ListCertsInSlot(slot); | |
| 118 for (CERTCertListNode* node = CERT_LIST_HEAD(cert_list); | |
| 119 !CERT_LIST_END(node, cert_list); | |
| 120 node = CERT_LIST_NEXT(node)) { | |
| 121 result.push_back(net::X509Certificate::CreateFromHandle( | |
| 122 node->cert, net::X509Certificate::OSCertHandles())); | |
| 123 } | |
| 124 CERT_DestroyCertList(cert_list); | |
| 125 | |
| 126 // Sort the result so that test comparisons can be deterministic. | |
| 127 std::sort(result.begin(), result.end(), net::X509Certificate::LessThan()); | |
| 128 return result; | |
| 129 } | |
| 130 | |
| 131 bool CleanupSlotContents(PK11SlotInfo* slot) { | |
| 132 bool ok = true; | |
| 133 net::CertificateList certs = ListCertsInSlot(slot); | |
| 134 for (size_t i = 0; i < certs.size(); ++i) { | |
| 135 if (!net::NSSCertDatabase::GetInstance()->DeleteCertAndKey(certs[i])) | |
| 136 ok = false; | |
| 137 } | |
| 138 return ok; | |
| 139 } | |
| 140 | |
| 141 ScopedStubCrosEnabler stub_cros_enabler_; | |
| 142 crypto::ScopedTestNSSDB test_nssdb_; | |
| 143 }; | |
| 144 | |
| 145 const base::Value* OncNetworkParserTest::GetExpectedProperty( | |
| 146 const Network* network, | |
| 147 PropertyIndex index, | |
| 148 base::Value::Type expected_type) { | |
| 149 const base::Value* value; | |
| 150 if (!network->GetProperty(index, &value)) { | |
| 151 ADD_FAILURE() << "Property " << index << " does not exist"; | |
| 152 return NULL; | |
| 153 } | |
| 154 if (!value->IsType(expected_type)) { | |
| 155 ADD_FAILURE() << "Property " << index << " expected type " | |
| 156 << expected_type << " actual type " | |
| 157 << value->GetType(); | |
| 158 return NULL; | |
| 159 } | |
| 160 return value; | |
| 161 } | |
| 162 | |
| 163 void OncNetworkParserTest::CheckStringProperty(const Network* network, | |
| 164 PropertyIndex index, | |
| 165 const char* expected) { | |
| 166 const base::Value* value = | |
| 167 GetExpectedProperty(network, index, base::Value::TYPE_STRING); | |
| 168 if (!value) | |
| 169 return; | |
| 170 std::string string_value; | |
| 171 value->GetAsString(&string_value); | |
| 172 EXPECT_EQ(expected, string_value); | |
| 173 } | |
| 174 | |
| 175 void OncNetworkParserTest::CheckBooleanProperty(const Network* network, | |
| 176 PropertyIndex index, | |
| 177 bool expected) { | |
| 178 const base::Value* value = | |
| 179 GetExpectedProperty(network, index, base::Value::TYPE_BOOLEAN); | |
| 180 if (!value) | |
| 181 return; | |
| 182 bool bool_value = false; | |
| 183 value->GetAsBoolean(&bool_value); | |
| 184 EXPECT_EQ(expected, bool_value); | |
| 185 } | |
| 186 | |
| 187 void OncNetworkParserTest::TestProxySettings(const std::string filename, | |
| 188 net::ProxyConfig* net_config) { | |
| 189 // Parse Network Configuration including ProxySettings dictionary. | |
| 190 scoped_ptr<base::ListValue> network_configs = ReadNetworkConfigs(filename); | |
| 191 OncNetworkParser parser(*network_configs, | |
| 192 onc::ONC_SOURCE_USER_IMPORT); | |
| 193 | |
| 194 scoped_ptr<Network> network(parser.ParseNetwork(0, NULL)); | |
| 195 ASSERT_TRUE(network.get()); | |
| 196 EXPECT_FALSE(network->proxy_config().empty()); | |
| 197 | |
| 198 // Deserialize ProxyConfig string property of Network into | |
| 199 // ProxyConfigDictionary and decode into net::ProxyConfig. | |
| 200 JSONStringValueSerializer serializer(network->proxy_config()); | |
| 201 scoped_ptr<Value> value(serializer.Deserialize(NULL, NULL)); | |
| 202 ASSERT_TRUE(value.get()); | |
| 203 EXPECT_TRUE(value->GetType() == Value::TYPE_DICTIONARY); | |
| 204 DictionaryValue* dict = static_cast<DictionaryValue*>(value.get()); | |
| 205 ProxyConfigDictionary proxy_dict(dict); | |
| 206 EXPECT_TRUE(PrefProxyConfigTrackerImpl::PrefConfigToNetConfig(proxy_dict, | |
| 207 net_config)); | |
| 208 } | |
| 209 | |
| 210 TEST_F(OncNetworkParserTest, TestCreateNetworkWifi) { | |
| 211 scoped_ptr<base::ListValue> network_configs = | |
| 212 ReadNetworkConfigs("network-wifi.onc"); | |
| 213 OncNetworkParser parser(*network_configs, | |
| 214 onc::ONC_SOURCE_USER_IMPORT); | |
| 215 | |
| 216 EXPECT_EQ(1, parser.GetNetworkConfigsSize()); | |
| 217 scoped_ptr<Network> network(parser.ParseNetwork(0, NULL)); | |
| 218 ASSERT_TRUE(network.get()); | |
| 219 | |
| 220 EXPECT_EQ(chromeos::TYPE_WIFI, network->type()); | |
| 221 WifiNetwork* wifi = static_cast<WifiNetwork*>(network.get()); | |
| 222 EXPECT_EQ(chromeos::SECURITY_WEP, wifi->encryption()); | |
| 223 CheckStringProperty(wifi, PROPERTY_INDEX_SECURITY, flimflam::kSecurityWep); | |
| 224 EXPECT_EQ("ssid", wifi->name()); | |
| 225 CheckStringProperty(wifi, PROPERTY_INDEX_SSID, "ssid"); | |
| 226 EXPECT_FALSE(wifi->auto_connect()); | |
| 227 EXPECT_EQ("0x1234567890", wifi->passphrase()); | |
| 228 CheckStringProperty(wifi, PROPERTY_INDEX_PASSPHRASE, "0x1234567890"); | |
| 229 } | |
| 230 | |
| 231 TEST_F(OncNetworkParserTest, TestCreateNetworkEthernet) { | |
| 232 scoped_ptr<base::ListValue> network_configs = | |
| 233 ReadNetworkConfigs("network-ethernet.onc"); | |
| 234 OncNetworkParser parser(*network_configs, | |
| 235 onc::ONC_SOURCE_USER_IMPORT); | |
| 236 | |
| 237 EXPECT_GE(parser.GetNetworkConfigsSize(), 1); | |
| 238 scoped_ptr<Network> network(parser.ParseNetwork(0, NULL)); | |
| 239 ASSERT_TRUE(network.get()); | |
| 240 | |
| 241 EXPECT_EQ(chromeos::TYPE_ETHERNET, network->type()); | |
| 242 EthernetNetwork* ethernet = static_cast<EthernetNetwork*>(network.get()); | |
| 243 EXPECT_EQ(ethernet->unique_id(), "{485d6076-dd44-6b6d-69787465725f5045}"); | |
| 244 } | |
| 245 | |
| 246 TEST_F(OncNetworkParserTest, TestLoadWifiCertificatePattern) { | |
| 247 scoped_ptr<base::ListValue> network_configs = | |
| 248 ReadNetworkConfigs("cert-pattern.onc"); | |
| 249 OncNetworkParser parser(*network_configs, | |
| 250 onc::ONC_SOURCE_USER_IMPORT); | |
| 251 ASSERT_TRUE(parser.parse_error().empty()); | |
| 252 EXPECT_EQ(1, parser.GetNetworkConfigsSize()); | |
| 253 scoped_ptr<Network> network(parser.ParseNetwork(0, NULL)); | |
| 254 ASSERT_TRUE(network.get()); | |
| 255 | |
| 256 EXPECT_EQ(chromeos::TYPE_WIFI, network->type()); | |
| 257 WifiNetwork* wifi = static_cast<WifiNetwork*>(network.get()); | |
| 258 EXPECT_EQ(chromeos::SECURITY_8021X, wifi->encryption()); | |
| 259 EXPECT_EQ("WirelessNetwork", wifi->name()); | |
| 260 EXPECT_FALSE(wifi->auto_connect()); | |
| 261 EXPECT_EQ("", wifi->passphrase()); | |
| 262 EXPECT_EQ(chromeos::EAP_METHOD_TLS, wifi->eap_method()); | |
| 263 EXPECT_EQ(chromeos::CLIENT_CERT_TYPE_PATTERN, wifi->client_cert_type()); | |
| 264 EXPECT_EQ("Google, Inc.", | |
| 265 wifi->client_cert_pattern().issuer().organization()); | |
| 266 ASSERT_EQ(2ul, wifi->client_cert_pattern().enrollment_uri_list().size()); | |
| 267 EXPECT_EQ("http://youtu.be/dQw4w9WgXcQ", | |
| 268 wifi->client_cert_pattern().enrollment_uri_list()[0]); | |
| 269 EXPECT_EQ("chrome-extension://abc/keygen-cert.html", | |
| 270 wifi->client_cert_pattern().enrollment_uri_list()[1]); | |
| 271 } | |
| 272 | |
| 273 | |
| 274 TEST_F(OncNetworkParserTest, TestLoadVPNCertificatePattern) { | |
| 275 scoped_ptr<base::ListValue> network_configs = | |
| 276 ReadNetworkConfigs("cert-pattern-vpn.onc"); | |
| 277 OncNetworkParser parser(*network_configs, | |
| 278 onc::ONC_SOURCE_USER_IMPORT); | |
| 279 ASSERT_TRUE(parser.parse_error().empty()); | |
| 280 EXPECT_EQ(1, parser.GetNetworkConfigsSize()); | |
| 281 scoped_ptr<Network> network(parser.ParseNetwork(0, NULL)); | |
| 282 ASSERT_TRUE(network.get()); | |
| 283 | |
| 284 EXPECT_EQ(chromeos::TYPE_VPN, network->type()); | |
| 285 VirtualNetwork* vpn = static_cast<VirtualNetwork*>(network.get()); | |
| 286 EXPECT_EQ("MyVPN", vpn->name()); | |
| 287 EXPECT_FALSE(vpn->auto_connect()); | |
| 288 EXPECT_EQ(chromeos::CLIENT_CERT_TYPE_PATTERN, vpn->client_cert_type()); | |
| 289 EXPECT_EQ("Google, Inc.", | |
| 290 vpn->client_cert_pattern().issuer().organization()); | |
| 291 ASSERT_EQ(2ul, vpn->client_cert_pattern().enrollment_uri_list().size()); | |
| 292 EXPECT_EQ("http://youtu.be/dQw4w9WgXcQ", | |
| 293 vpn->client_cert_pattern().enrollment_uri_list()[0]); | |
| 294 EXPECT_EQ("chrome-extension://abc/keygen-cert.html", | |
| 295 vpn->client_cert_pattern().enrollment_uri_list()[1]); | |
| 296 } | |
| 297 | |
| 298 TEST_F(OncNetworkParserTest, TestNoCertificatePatternForDevicePolicy) { | |
| 299 scoped_ptr<base::ListValue> network_configs = | |
| 300 ReadNetworkConfigs("cert-pattern.onc"); | |
| 301 OncNetworkParser parser(*network_configs, | |
| 302 onc::ONC_SOURCE_DEVICE_POLICY); | |
| 303 | |
| 304 // Make sure we fail when parsing a certificate pattern from a device policy | |
| 305 // ONC file. | |
| 306 ASSERT_TRUE(parser.parse_error().empty()); | |
| 307 EXPECT_EQ(1, parser.GetNetworkConfigsSize()); | |
| 308 scoped_ptr<Network> network(parser.ParseNetwork(0, NULL)); | |
| 309 ASSERT_TRUE(network.get()); | |
| 310 | |
| 311 EXPECT_EQ(chromeos::TYPE_WIFI, network->type()); | |
| 312 WifiNetwork* wifi = static_cast<WifiNetwork*>(network.get()); | |
| 313 EXPECT_EQ(chromeos::SECURITY_8021X, wifi->encryption()); | |
| 314 EXPECT_EQ("WirelessNetwork", wifi->name()); | |
| 315 EXPECT_FALSE(wifi->auto_connect()); | |
| 316 EXPECT_EQ("", wifi->passphrase()); | |
| 317 EXPECT_EQ(chromeos::EAP_METHOD_TLS, wifi->eap_method()); | |
| 318 EXPECT_EQ(chromeos::CLIENT_CERT_TYPE_PATTERN, wifi->client_cert_type()); | |
| 319 EXPECT_EQ("", wifi->client_cert_pattern().issuer().organization()); | |
| 320 ASSERT_EQ(0ul, wifi->client_cert_pattern().enrollment_uri_list().size()); | |
| 321 } | |
| 322 | |
| 323 TEST_F(OncNetworkParserTest, TestCreateNetworkWifiEAP1) { | |
| 324 scoped_ptr<base::ListValue> network_configs = | |
| 325 ReadNetworkConfigs("network-wifi-eap1.onc"); | |
| 326 OncNetworkParser parser(*network_configs, | |
| 327 onc::ONC_SOURCE_USER_IMPORT); | |
| 328 | |
| 329 EXPECT_EQ(1, parser.GetNetworkConfigsSize()); | |
| 330 scoped_ptr<Network> network(parser.ParseNetwork(0, NULL)); | |
| 331 ASSERT_TRUE(network.get()); | |
| 332 | |
| 333 EXPECT_EQ(chromeos::TYPE_WIFI, network->type()); | |
| 334 WifiNetwork* wifi = static_cast<WifiNetwork*>(network.get()); | |
| 335 EXPECT_EQ(chromeos::SECURITY_8021X, wifi->encryption()); | |
| 336 CheckStringProperty(wifi, PROPERTY_INDEX_SECURITY, flimflam::kSecurity8021x); | |
| 337 EXPECT_EQ("ssid", wifi->name()); | |
| 338 EXPECT_EQ(true, wifi->auto_connect()); | |
| 339 CheckBooleanProperty(wifi, PROPERTY_INDEX_AUTO_CONNECT, true); | |
| 340 EXPECT_EQ(EAP_METHOD_PEAP, wifi->eap_method()); | |
| 341 CheckStringProperty(wifi, PROPERTY_INDEX_EAP_METHOD, | |
| 342 flimflam::kEapMethodPEAP); | |
| 343 EXPECT_FALSE(wifi->eap_use_system_cas()); | |
| 344 } | |
| 345 | |
| 346 TEST_F(OncNetworkParserTest, TestCreateNetworkWifiEAP2) { | |
| 347 scoped_ptr<base::ListValue> network_configs = | |
| 348 ReadNetworkConfigs("network-wifi-eap2.onc"); | |
| 349 OncNetworkParser parser(*network_configs, | |
| 350 onc::ONC_SOURCE_USER_IMPORT); | |
| 351 | |
| 352 EXPECT_EQ(1, parser.GetNetworkConfigsSize()); | |
| 353 scoped_ptr<Network> network(parser.ParseNetwork(0, NULL)); | |
| 354 ASSERT_TRUE(network.get()); | |
| 355 | |
| 356 EXPECT_EQ(chromeos::TYPE_WIFI, network->type()); | |
| 357 WifiNetwork* wifi = static_cast<WifiNetwork*>(network.get()); | |
| 358 EXPECT_EQ(chromeos::SECURITY_8021X, wifi->encryption()); | |
| 359 EXPECT_EQ("ssid", wifi->name()); | |
| 360 EXPECT_FALSE(wifi->auto_connect()); | |
| 361 EXPECT_EQ(EAP_METHOD_LEAP, wifi->eap_method()); | |
| 362 EXPECT_EQ(true, wifi->eap_use_system_cas()); | |
| 363 EXPECT_EQ("user", wifi->eap_identity()); | |
| 364 CheckStringProperty(wifi, PROPERTY_INDEX_EAP_IDENTITY, "user"); | |
| 365 EXPECT_EQ("pass", wifi->eap_passphrase()); | |
| 366 CheckStringProperty(wifi, PROPERTY_INDEX_EAP_PASSWORD, "pass"); | |
| 367 EXPECT_EQ("anon", wifi->eap_anonymous_identity()); | |
| 368 CheckStringProperty(wifi, PROPERTY_INDEX_EAP_ANONYMOUS_IDENTITY, "anon"); | |
| 369 } | |
| 370 | |
| 371 TEST_F(OncNetworkParserTest, TestCreateNetworkUnknownFields) { | |
| 372 scoped_ptr<base::ListValue> network_configs = | |
| 373 ReadNetworkConfigs("network-unknown-fields.onc"); | |
| 374 OncNetworkParser parser(*network_configs, | |
| 375 onc::ONC_SOURCE_USER_IMPORT); | |
| 376 scoped_ptr<Network> network(parser.ParseNetwork(0, NULL)); | |
| 377 ASSERT_TRUE(network.get()); | |
| 378 | |
| 379 EXPECT_EQ(chromeos::TYPE_WIFI, network->type()); | |
| 380 WifiNetwork* wifi = static_cast<WifiNetwork*>(network.get()); | |
| 381 EXPECT_EQ(chromeos::SECURITY_WEP, wifi->encryption()); | |
| 382 EXPECT_EQ("ssid", wifi->name()); | |
| 383 EXPECT_EQ("z123456789012", wifi->passphrase()); | |
| 384 } | |
| 385 | |
| 386 TEST_F(OncNetworkParserTest, TestCreateNetworkOpenVPN) { | |
| 387 scoped_ptr<base::ListValue> network_configs = | |
| 388 ReadNetworkConfigs("network-openvpn.onc"); | |
| 389 OncNetworkParser parser(*network_configs, | |
| 390 onc::ONC_SOURCE_USER_IMPORT); | |
| 391 | |
| 392 EXPECT_EQ(1, parser.GetNetworkConfigsSize()); | |
| 393 scoped_ptr<Network> network(parser.ParseNetwork(0, NULL)); | |
| 394 ASSERT_TRUE(network.get() != NULL); | |
| 395 | |
| 396 EXPECT_EQ(chromeos::TYPE_VPN, network->type()); | |
| 397 CheckStringProperty(network.get(), PROPERTY_INDEX_TYPE, flimflam::kTypeVPN); | |
| 398 VirtualNetwork* vpn = static_cast<VirtualNetwork*>(network.get()); | |
| 399 EXPECT_EQ("MyVPN", vpn->name()); | |
| 400 EXPECT_EQ(PROVIDER_TYPE_OPEN_VPN, vpn->provider_type()); | |
| 401 CheckStringProperty(vpn, PROPERTY_INDEX_PROVIDER_TYPE, | |
| 402 flimflam::kProviderOpenVpn); | |
| 403 EXPECT_EQ("vpn.acme.org", vpn->server_hostname()); | |
| 404 CheckStringProperty(vpn, PROPERTY_INDEX_PROVIDER_HOST, "vpn.acme.org"); | |
| 405 CheckStringProperty(vpn, PROPERTY_INDEX_VPN_DOMAIN, ""); | |
| 406 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_AUTHRETRY, "interact"); | |
| 407 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_CACERT, | |
| 408 "{55ca78f6-0842-4e1b-96a3-09a9e1a26ef5}"); | |
| 409 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_COMPLZO, "true"); | |
| 410 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_KEYDIRECTION, "1"); | |
| 411 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_PORT, "443"); | |
| 412 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_PROTO, "udp"); | |
| 413 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_PUSHPEERINFO, "true"); | |
| 414 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_REMOTECERTEKU, | |
| 415 "TLS Web Server Authentication"); | |
| 416 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_REMOTECERTKU, "eo"); | |
| 417 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_REMOTECERTTLS, "server"); | |
| 418 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_RENEGSEC, "0"); | |
| 419 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_SERVERPOLLTIMEOUT, "10"); | |
| 420 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_STATICCHALLENGE, | |
| 421 "My static challenge"); | |
| 422 // Check the default properties are set. | |
| 423 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_AUTHUSERPASS, ""); | |
| 424 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_MGMT_ENABLE, ""); | |
| 425 | |
| 426 std::string tls_auth_contents; | |
| 427 const Value* tls_auth_value = | |
| 428 GetExpectedProperty(vpn, PROPERTY_INDEX_OPEN_VPN_TLSAUTHCONTENTS, | |
| 429 base::Value::TYPE_STRING); | |
| 430 if (tls_auth_value != NULL) { | |
| 431 tls_auth_value->GetAsString(&tls_auth_contents); | |
| 432 EXPECT_NE(std::string::npos, | |
| 433 tls_auth_contents.find("END OpenVPN Static key V1-----\n")); | |
| 434 EXPECT_NE(std::string::npos, | |
| 435 tls_auth_contents.find( | |
| 436 "-----BEGIN OpenVPN Static key V1-----\n")); | |
| 437 } | |
| 438 CheckStringProperty(vpn, PROPERTY_INDEX_OPEN_VPN_TLSREMOTE, | |
| 439 "MyOpenVPNServer"); | |
| 440 EXPECT_FALSE(vpn->save_credentials()); | |
| 441 EXPECT_EQ("{55ca78f6-0842-4e1b-96a3-09a9e1a26ef5}", vpn->ca_cert_nss()); | |
| 442 } | |
| 443 | |
| 444 TEST_F(OncNetworkParserTest, TestCreateNetworkL2TPIPsec) { | |
| 445 scoped_ptr<base::ListValue> network_configs = | |
| 446 ReadNetworkConfigs("network-l2tp-ipsec.onc"); | |
| 447 OncNetworkParser parser(*network_configs, | |
| 448 onc::ONC_SOURCE_USER_IMPORT); | |
| 449 | |
| 450 EXPECT_EQ(1, parser.GetNetworkConfigsSize()); | |
| 451 scoped_ptr<Network> network(parser.ParseNetwork(0, NULL)); | |
| 452 ASSERT_TRUE(network != NULL); | |
| 453 | |
| 454 EXPECT_EQ(chromeos::TYPE_VPN, network->type()); | |
| 455 CheckStringProperty(network.get(), PROPERTY_INDEX_TYPE, flimflam::kTypeVPN); | |
| 456 VirtualNetwork* vpn = static_cast<VirtualNetwork*>(network.get()); | |
| 457 EXPECT_EQ("MyL2TPVPN", vpn->name()); | |
| 458 EXPECT_EQ(PROVIDER_TYPE_L2TP_IPSEC_PSK, vpn->provider_type()); | |
| 459 CheckStringProperty(vpn, PROPERTY_INDEX_PROVIDER_TYPE, | |
| 460 flimflam::kProviderL2tpIpsec); | |
| 461 EXPECT_EQ("l2tp.acme.org", vpn->server_hostname()); | |
| 462 CheckStringProperty(vpn, PROPERTY_INDEX_PROVIDER_HOST, "l2tp.acme.org"); | |
| 463 CheckStringProperty(vpn, PROPERTY_INDEX_VPN_DOMAIN, ""); | |
| 464 EXPECT_EQ("passphrase", vpn->psk_passphrase()); | |
| 465 CheckStringProperty(vpn, PROPERTY_INDEX_L2TPIPSEC_PSK, "passphrase"); | |
| 466 CheckStringProperty(vpn, PROPERTY_INDEX_IPSEC_IKEVERSION, "1"); | |
| 467 EXPECT_FALSE(vpn->save_credentials()); | |
| 468 } | |
| 469 | |
| 470 TEST_F(OncNetworkParserTest, TestProxySettingsDirect) { | |
| 471 net::ProxyConfig net_config; | |
| 472 TestProxySettings("network-wifi-proxy-direct.onc", &net_config); | |
| 473 EXPECT_EQ(net::ProxyConfig::ProxyRules::TYPE_NO_RULES, | |
| 474 net_config.proxy_rules().type); | |
| 475 EXPECT_FALSE(net_config.HasAutomaticSettings()); | |
| 476 } | |
| 477 | |
| 478 TEST_F(OncNetworkParserTest, TestProxySettingsWpad) { | |
| 479 net::ProxyConfig net_config; | |
| 480 TestProxySettings("network-wifi-proxy-wpad.onc", &net_config); | |
| 481 EXPECT_EQ(net::ProxyConfig::ProxyRules::TYPE_NO_RULES, | |
| 482 net_config.proxy_rules().type); | |
| 483 EXPECT_TRUE(net_config.HasAutomaticSettings()); | |
| 484 EXPECT_TRUE(net_config.auto_detect()); | |
| 485 EXPECT_FALSE(net_config.has_pac_url()); | |
| 486 } | |
| 487 | |
| 488 TEST_F(OncNetworkParserTest, TestProxySettingsPac) { | |
| 489 const std::string kPacUrl("http://proxyconfig.corp.google.com/wpad.dat"); | |
| 490 net::ProxyConfig net_config; | |
| 491 TestProxySettings("network-wifi-proxy-pac.onc", &net_config); | |
| 492 EXPECT_EQ(net::ProxyConfig::ProxyRules::TYPE_NO_RULES, | |
| 493 net_config.proxy_rules().type); | |
| 494 EXPECT_TRUE(net_config.HasAutomaticSettings()); | |
| 495 EXPECT_FALSE(net_config.auto_detect()); | |
| 496 EXPECT_TRUE(net_config.has_pac_url()); | |
| 497 EXPECT_EQ(GURL(kPacUrl), net_config.pac_url()); | |
| 498 } | |
| 499 | |
| 500 TEST_F(OncNetworkParserTest, TestProxySettingsManual) { | |
| 501 const std::string kHttpHost("http.example.com"); | |
| 502 const std::string kHttpsHost("https.example.com"); | |
| 503 const std::string kFtpHost("ftp.example.com"); | |
| 504 const std::string socks_host("socks5://socks.example.com"); | |
| 505 const uint16 kHttpPort = 1234; | |
| 506 const uint16 kHttpsPort = 3456; | |
| 507 const uint16 kFtpPort = 5678; | |
| 508 const uint16 kSocksPort = 7890; | |
| 509 | |
| 510 net::ProxyConfig net_config; | |
| 511 TestProxySettings("network-wifi-proxy-manual.onc", &net_config); | |
| 512 const net::ProxyConfig::ProxyRules& rules = net_config.proxy_rules(); | |
| 513 EXPECT_EQ(net::ProxyConfig::ProxyRules::TYPE_PROXY_PER_SCHEME, rules.type); | |
| 514 // Verify http proxy server. | |
| 515 EXPECT_TRUE(rules.proxy_for_http.is_valid()); | |
| 516 EXPECT_EQ(rules.proxy_for_http, | |
| 517 net::ProxyServer(net::ProxyServer::SCHEME_HTTP, | |
| 518 net::HostPortPair(kHttpHost, kHttpPort))); | |
| 519 // Verify https proxy server. | |
| 520 EXPECT_TRUE(rules.proxy_for_https.is_valid()); | |
| 521 EXPECT_EQ(rules.proxy_for_https, | |
| 522 net::ProxyServer(net::ProxyServer::SCHEME_HTTP, | |
| 523 net::HostPortPair(kHttpsHost, kHttpsPort))); | |
| 524 // Verify ftp proxy server. | |
| 525 EXPECT_TRUE(rules.proxy_for_ftp.is_valid()); | |
| 526 EXPECT_EQ(rules.proxy_for_ftp, | |
| 527 net::ProxyServer(net::ProxyServer::SCHEME_HTTP, | |
| 528 net::HostPortPair(kFtpHost, kFtpPort))); | |
| 529 // Verify socks server. | |
| 530 EXPECT_TRUE(rules.fallback_proxy.is_valid()); | |
| 531 EXPECT_EQ(rules.fallback_proxy, | |
| 532 net::ProxyServer(net::ProxyServer::SCHEME_SOCKS5, | |
| 533 net::HostPortPair(socks_host, kSocksPort))); | |
| 534 // Verify bypass rules. | |
| 535 net::ProxyBypassRules expected_bypass_rules; | |
| 536 expected_bypass_rules.AddRuleFromString("google.com"); | |
| 537 expected_bypass_rules.AddRuleToBypassLocal(); | |
| 538 EXPECT_TRUE(expected_bypass_rules.Equals(rules.bypass_rules)); | |
| 539 } | |
| 540 | |
| 541 TEST(OncNetworkParserUserExpansionTest, GetUserExpandedValue) { | |
| 542 ScopedMockUserManagerEnabler mock_user_manager; | |
| 543 mock_user_manager.user_manager()->SetLoggedInUser("onc@example.com"); | |
| 544 | |
| 545 EXPECT_CALL(*mock_user_manager.user_manager(), IsUserLoggedIn()) | |
| 546 .Times(2) | |
| 547 .WillRepeatedly(Return(false)); | |
| 548 | |
| 549 onc::ONCSource source = onc::ONC_SOURCE_USER_IMPORT; | |
| 550 | |
| 551 // Setup environment needed by UserManager. | |
| 552 MessageLoop loop; | |
| 553 content::TestBrowserThread ui_thread(content::BrowserThread::UI, &loop); | |
| 554 base::ShadowingAtExitManager at_exit_manager; | |
| 555 ScopedTestingLocalState local_state(TestingBrowserProcess::GetGlobal()); | |
| 556 | |
| 557 base::StringValue login_id_pattern("a ${LOGIN_ID} b"); | |
| 558 base::StringValue login_email_pattern("a ${LOGIN_EMAIL} b"); | |
| 559 | |
| 560 // No expansion if there is no user logged in. | |
| 561 EXPECT_EQ("a ${LOGIN_ID} b", | |
| 562 chromeos::OncNetworkParser::GetUserExpandedValue( | |
| 563 login_id_pattern, source)); | |
| 564 EXPECT_EQ("a ${LOGIN_EMAIL} b", | |
| 565 chromeos::OncNetworkParser::GetUserExpandedValue( | |
| 566 login_email_pattern, source)); | |
| 567 | |
| 568 // Log in a user and check that the expansions work as expected. | |
| 569 EXPECT_CALL(*mock_user_manager.user_manager(), IsUserLoggedIn()) | |
| 570 .Times(2) | |
| 571 .WillRepeatedly(Return(true)); | |
| 572 | |
| 573 EXPECT_EQ("a onc b", | |
| 574 chromeos::OncNetworkParser::GetUserExpandedValue( | |
| 575 login_id_pattern, source)); | |
| 576 EXPECT_EQ("a onc@example.com b", | |
| 577 chromeos::OncNetworkParser::GetUserExpandedValue( | |
| 578 login_email_pattern, source)); | |
| 579 } | |
| 580 | |
| 581 TEST_F(OncNetworkParserTest, TestRemoveNetworkWifi) { | |
| 582 scoped_ptr<base::ListValue> network_configs = | |
| 583 ReadNetworkConfigs("network-wifi-remove.onc"); | |
| 584 OncNetworkParser parser(*network_configs, | |
| 585 onc::ONC_SOURCE_USER_IMPORT); | |
| 586 EXPECT_EQ(1, parser.GetNetworkConfigsSize()); | |
| 587 bool marked_for_removal = false; | |
| 588 scoped_ptr<Network> network(parser.ParseNetwork(0, &marked_for_removal)); | |
| 589 | |
| 590 EXPECT_TRUE(marked_for_removal); | |
| 591 EXPECT_EQ("{485d6076-dd44-6b6d-69787465725f5045}", network->unique_id()); | |
| 592 } | |
| 593 | |
| 594 } // namespace chromeos | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 11578052:
Replace OncNetworkParser by the new ONC translator. (Closed)
Base URL: http://git.chromium.org/chromium/src.git@extend_onc_to_shill