diff options
| author | nick@chromium.org <nick@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-02 22:03:12 +0000 |
|---|---|---|
| committer | nick@chromium.org <nick@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-02 22:03:12 +0000 |
| commit | 58a496f954596fc8720777c14213f4a35533147e (patch) | |
| tree | 65b4220a7f685e08eab9a94d73629f6405e59a73 /net/socket | |
| parent | 4d299ea9d1a3d8a582cc96bf8efb5e84f09b77d7 (diff) | |
| download | chromium_src-58a496f954596fc8720777c14213f4a35533147e.zip chromium_src-58a496f954596fc8720777c14213f4a35533147e.tar.gz chromium_src-58a496f954596fc8720777c14213f4a35533147e.tar.bz2 | |
Revert 54405 - Fix late binding induced mismatch of Socket and AuthController
[Reason for revert: large spike in crash rate on reliability bots]
ClientSocketPool treats all pending SocketParams as interchangeable. Therefore they can not contain any connection specific data. This only affects the Http Proxy tunnel case. The lowest risk change to fix this problem is to create the HttpAuthController in the HttpProxyClientSocket. If we get a 407 and need to restart the Tunnel, the pending HttpProxyClientSocket is returned to the HttpNetworkTransaction in the additional error state of the connection and then complete the auth in a pair of states in the HttpNetworkTransaction. This reintroduces a dependency between tunnel setup and the HttpNetworkTransaction, but that will need to be fixed at a later date.
BUG=49493,50822
TEST=existing unit tests + manually visiting many SSL sites through a kerberized http proxy.
Review URL: http://codereview.chromium.org/3058013
TBR=vandebo@chromium.org
Review URL: http://codereview.chromium.org/3056040
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@54616 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/socket')
| -rw-r--r-- | net/socket/client_socket_handle.cc | 1 | ||||
| -rw-r--r-- | net/socket/client_socket_handle.h | 7 | ||||
| -rw-r--r-- | net/socket/socket_test_util.cc | 47 | ||||
| -rw-r--r-- | net/socket/socket_test_util.h | 40 | ||||
| -rw-r--r-- | net/socket/ssl_client_socket_pool.cc | 28 | ||||
| -rw-r--r-- | net/socket/ssl_client_socket_pool.h | 4 | ||||
| -rw-r--r-- | net/socket/ssl_client_socket_pool_unittest.cc | 236 |
7 files changed, 293 insertions, 70 deletions
diff --git a/net/socket/client_socket_handle.cc b/net/socket/client_socket_handle.cc index d9ccbd5..de2fd94 100644 --- a/net/socket/client_socket_handle.cc +++ b/net/socket/client_socket_handle.cc @@ -59,7 +59,6 @@ void ClientSocketHandle::ResetInternal(bool cancel) { void ClientSocketHandle::ResetErrorState() { is_ssl_error_ = false; ssl_error_response_info_ = HttpResponseInfo(); - pending_http_proxy_connection_.reset(); } LoadState ClientSocketHandle::GetLoadState() const { diff --git a/net/socket/client_socket_handle.h b/net/socket/client_socket_handle.h index adccc89..a25bfdb 100644 --- a/net/socket/client_socket_handle.h +++ b/net/socket/client_socket_handle.h @@ -109,9 +109,6 @@ class ClientSocketHandle { void set_ssl_error_response_info(const HttpResponseInfo& ssl_error_state) { ssl_error_response_info_ = ssl_error_state; } - void set_pending_http_proxy_connection(ClientSocketHandle* connection) { - pending_http_proxy_connection_.reset(connection); - } // Only valid if there is no |socket_|. bool is_ssl_error() const { @@ -124,9 +121,6 @@ class ClientSocketHandle { const HttpResponseInfo& ssl_error_response_info() const { return ssl_error_response_info_; } - ClientSocketHandle* release_pending_http_proxy_connection() { - return pending_http_proxy_connection_.release(); - } // These may only be used if is_initialized() is true. const std::string& group_name() const { return group_name_; } @@ -185,7 +179,6 @@ class ClientSocketHandle { int pool_id_; // See ClientSocketPool::ReleaseSocket() for an explanation. bool is_ssl_error_; HttpResponseInfo ssl_error_response_info_; - scoped_ptr<ClientSocketHandle> pending_http_proxy_connection_; base::TimeTicks init_time_; base::TimeDelta setup_time_; diff --git a/net/socket/socket_test_util.cc b/net/socket/socket_test_util.cc index ce7f3fc06..d4d74a7 100644 --- a/net/socket/socket_test_util.cc +++ b/net/socket/socket_test_util.cc @@ -886,6 +886,53 @@ void MockSOCKSClientSocketPool::ReleaseSocket(const std::string& group_name, MockSOCKSClientSocketPool::~MockSOCKSClientSocketPool() {} +MockHttpAuthController::MockHttpAuthController() + : HttpAuthController(HttpAuth::AUTH_PROXY, GURL(), + scoped_refptr<HttpNetworkSession>(NULL)), + data_(NULL), + data_index_(0), + data_count_(0) { +} + +void MockHttpAuthController::SetMockAuthControllerData( + struct MockHttpAuthControllerData* data, size_t count) { + data_ = data; + data_count_ = count; +} + +int MockHttpAuthController::MaybeGenerateAuthToken( + const HttpRequestInfo* request, + CompletionCallback* callback, + const BoundNetLog& net_log) { + return OK; +} + +void MockHttpAuthController::AddAuthorizationHeader( + HttpRequestHeaders* authorization_headers) { + authorization_headers->AddHeadersFromString(CurrentData().auth_header); +} + +int MockHttpAuthController::HandleAuthChallenge( + scoped_refptr<HttpResponseHeaders> headers, + bool do_not_send_server_auth, + bool establishing_tunnel, + const BoundNetLog& net_log) { + return OK; +} + +void MockHttpAuthController::ResetAuth(const string16& username, + const string16& password) { + data_index_++; +} + +bool MockHttpAuthController::HaveAuth() const { + return CurrentData().auth_header.size() != 0; +} + +bool MockHttpAuthController::HaveAuthHandler() const { + return HaveAuth(); +} + const char kSOCKS5GreetRequest[] = { 0x05, 0x01, 0x00 }; const int kSOCKS5GreetRequestLength = arraysize(kSOCKS5GreetRequest); diff --git a/net/socket/socket_test_util.h b/net/socket/socket_test_util.h index 0ccf878..1a0ab11 100644 --- a/net/socket/socket_test_util.h +++ b/net/socket/socket_test_util.h @@ -695,6 +695,46 @@ class MockSOCKSClientSocketPool : public SOCKSClientSocketPool { DISALLOW_COPY_AND_ASSIGN(MockSOCKSClientSocketPool); }; +struct MockHttpAuthControllerData { + explicit MockHttpAuthControllerData(std::string header) + : auth_header(header) {} + + std::string auth_header; +}; + +class MockHttpAuthController : public HttpAuthController { + public: + MockHttpAuthController(); + void SetMockAuthControllerData(struct MockHttpAuthControllerData* data, + size_t data_length); + + // HttpAuthController methods. + virtual int MaybeGenerateAuthToken(const HttpRequestInfo* request, + CompletionCallback* callback, + const BoundNetLog& net_log); + virtual void AddAuthorizationHeader( + HttpRequestHeaders* authorization_headers); + virtual int HandleAuthChallenge(scoped_refptr<HttpResponseHeaders> headers, + bool do_not_send_server_auth, + bool establishing_tunnel, + const BoundNetLog& net_log); + virtual void ResetAuth(const string16& username, + const string16& password); + virtual bool HaveAuthHandler() const; + virtual bool HaveAuth() const; + + private: + virtual ~MockHttpAuthController() {} + const struct MockHttpAuthControllerData& CurrentData() const { + DCHECK(data_index_ < data_count_); + return data_[data_index_]; + } + + MockHttpAuthControllerData* data_; + size_t data_index_; + size_t data_count_; +}; + // Constants for a successful SOCKS v5 handshake. extern const char kSOCKS5GreetRequest[]; extern const int kSOCKS5GreetRequestLength; diff --git a/net/socket/ssl_client_socket_pool.cc b/net/socket/ssl_client_socket_pool.cc index 5ed450e..03e2e80 100644 --- a/net/socket/ssl_client_socket_pool.cc +++ b/net/socket/ssl_client_socket_pool.cc @@ -103,6 +103,11 @@ LoadState SSLConnectJob::GetLoadState() const { } int SSLConnectJob::ConnectInternal() { + DetermineFirstState(); + return DoLoop(OK); +} + +void SSLConnectJob::DetermineFirstState() { switch (params_->proxy()) { case ProxyServer::SCHEME_DIRECT: next_state_ = STATE_TCP_CONNECT; @@ -118,7 +123,6 @@ int SSLConnectJob::ConnectInternal() { NOTREACHED() << "unknown proxy type"; break; } - return DoLoop(OK); } void SSLConnectJob::OnIOComplete(int result) { @@ -210,7 +214,6 @@ int SSLConnectJob::DoSOCKSConnectComplete(int result) { int SSLConnectJob::DoTunnelConnect() { DCHECK(http_proxy_pool_.get()); next_state_ = STATE_TUNNEL_CONNECT_COMPLETE; - transport_socket_handle_.reset(new ClientSocketHandle()); scoped_refptr<HttpProxySocketParams> http_proxy_params = params_->http_proxy_params(); @@ -225,6 +228,12 @@ int SSLConnectJob::DoTunnelConnectComplete(int result) { HttpProxyClientSocket* tunnel_socket = static_cast<HttpProxyClientSocket*>(socket); + if (result == ERR_RETRY_CONNECTION) { + DetermineFirstState(); + transport_socket_handle_->socket()->Disconnect(); + return OK; + } + // Extract the information needed to prompt for the proxy authentication. // so that when ClientSocketPoolBaseHelper calls |GetAdditionalErrorState|, // we can easily set the state. @@ -234,17 +243,20 @@ int SSLConnectJob::DoTunnelConnectComplete(int result) { if (result < 0) return result; - DCHECK(tunnel_socket->IsConnected()); + if (tunnel_socket->NeedsRestartWithAuth()) { + // We must have gotten an 'idle' tunnel socket that is waiting for auth. + // The HttpAuthController should have new credentials, we just need + // to retry. + next_state_ = STATE_TUNNEL_CONNECT_COMPLETE; + return tunnel_socket->RestartWithAuth(&callback_); + } + next_state_ = STATE_SSL_CONNECT; return result; } void SSLConnectJob::GetAdditionalErrorState(ClientSocketHandle * handle) { - if (error_response_info_.headers) { - handle->set_ssl_error_response_info(error_response_info_); - handle->set_pending_http_proxy_connection( - transport_socket_handle_.release()); - } + handle->set_ssl_error_response_info(error_response_info_); if (!ssl_connect_start_time_.is_null()) handle->set_is_ssl_error(true); } diff --git a/net/socket/ssl_client_socket_pool.h b/net/socket/ssl_client_socket_pool.h index 9857c61..b44985f 100644 --- a/net/socket/ssl_client_socket_pool.h +++ b/net/socket/ssl_client_socket_pool.h @@ -44,7 +44,7 @@ class SSLSocketParams : public base::RefCounted<SSLSocketParams> { bool want_spdy_over_npn); const scoped_refptr<TCPSocketParams>& tcp_params() { return tcp_params_; } - const scoped_refptr<HttpProxySocketParams>& http_proxy_params() { + const scoped_refptr<HttpProxySocketParams>& http_proxy_params () { return http_proxy_params_; } const scoped_refptr<SOCKSSocketParams>& socks_params() { @@ -114,6 +114,8 @@ class SSLConnectJob : public ConnectJob { // Otherwise, it returns a net error code. virtual int ConnectInternal(); + void DetermineFirstState(); + void OnIOComplete(int result); // Runs the state transition loop. diff --git a/net/socket/ssl_client_socket_pool_unittest.cc b/net/socket/ssl_client_socket_pool_unittest.cc index 047a647..efc4795 100644 --- a/net/socket/ssl_client_socket_pool_unittest.cc +++ b/net/socket/ssl_client_socket_pool_unittest.cc @@ -6,14 +6,13 @@ #include "base/callback.h" #include "base/compiler_specific.h" -#include "base/string_util.h" #include "base/time.h" #include "net/base/auth.h" #include "net/base/mock_host_resolver.h" #include "net/base/net_errors.h" #include "net/base/test_completion_callback.h" #include "net/base/ssl_config_service_defaults.h" -#include "net/http/http_auth_handler_factory.h" +#include "net/http/http_auth_controller.h" #include "net/http/http_network_session.h" #include "net/http/http_request_headers.h" #include "net/http/http_response_headers.h" @@ -21,7 +20,6 @@ #include "net/socket/client_socket_handle.h" #include "net/socket/client_socket_pool_histograms.h" #include "net/socket/socket_test_util.h" -#include "net/spdy/spdy_session_pool.h" #include "testing/gtest/include/gtest/gtest.h" namespace net { @@ -34,16 +32,7 @@ const int kMaxSocketsPerGroup = 6; class SSLClientSocketPoolTest : public ClientSocketPoolTest { protected: SSLClientSocketPoolTest() - : http_auth_handler_factory_(HttpAuthHandlerFactory::CreateDefault()), - session_(new HttpNetworkSession(new MockHostResolver, - ProxyService::CreateNull(), - &socket_factory_, - new SSLConfigServiceDefaults, - new SpdySessionPool(), - http_auth_handler_factory_.get(), - NULL, - NULL)), - direct_tcp_socket_params_(new TCPSocketParams( + : direct_tcp_socket_params_(new TCPSocketParams( HostPortPair("host", 443), MEDIUM, GURL(), false)), tcp_socket_pool_(new MockTCPClientSocketPool( kMaxSockets, @@ -52,9 +41,6 @@ class SSLClientSocketPoolTest : public ClientSocketPoolTest { &socket_factory_)), proxy_tcp_socket_params_(new TCPSocketParams( HostPortPair("proxy", 443), MEDIUM, GURL(), false)), - http_proxy_socket_params_(new HttpProxySocketParams( - proxy_tcp_socket_params_, GURL("http://host"), - HostPortPair("host", 80), session_, true)), http_proxy_socket_pool_(new HttpProxyClientSocketPool( kMaxSockets, kMaxSocketsPerGroup, @@ -88,30 +74,33 @@ class SSLClientSocketPoolTest : public ClientSocketPoolTest { NULL); } - scoped_refptr<SSLSocketParams> SSLParams(ProxyServer::Scheme proxy, - bool want_spdy_over_npn) { + scoped_refptr<SSLSocketParams> SSLParams( + ProxyServer::Scheme proxy, struct MockHttpAuthControllerData* auth_data, + size_t auth_data_len, bool want_spdy_over_ssl, bool want_spdy_over_npn) { + scoped_refptr<HttpProxySocketParams> http_proxy_params; + if (proxy == ProxyServer::SCHEME_HTTP) { + scoped_refptr<MockHttpAuthController> auth_controller = + new MockHttpAuthController(); + auth_controller->SetMockAuthControllerData(auth_data, auth_data_len); + http_proxy_params = new HttpProxySocketParams(proxy_tcp_socket_params_, + GURL("http://host"), + HostPortPair("host", 80), + auth_controller, true); + } + return make_scoped_refptr(new SSLSocketParams( proxy == ProxyServer::SCHEME_DIRECT ? direct_tcp_socket_params_ : NULL, - proxy == ProxyServer::SCHEME_HTTP ? http_proxy_socket_params_ : NULL, + http_proxy_params, proxy == ProxyServer::SCHEME_SOCKS5 ? socks_socket_params_ : NULL, proxy, "host", ssl_config_, 0, - false, + want_spdy_over_ssl, want_spdy_over_npn)); } - void AddAuthToCache() { - const string16 kFoo(ASCIIToUTF16("foo")); - const string16 kBar(ASCIIToUTF16("bar")); - session_->auth_cache()->Add(GURL("http://proxy:443/"), "MyRealm1", "Basic", - "Basic realm=MyRealm1", kFoo, kBar, "/"); - } - MockClientSocketFactory socket_factory_; - scoped_ptr<HttpAuthHandlerFactory> http_auth_handler_factory_; - scoped_refptr<HttpNetworkSession> session_; scoped_refptr<TCPSocketParams> direct_tcp_socket_params_; scoped_refptr<MockTCPClientSocketPool> tcp_socket_pool_; @@ -134,7 +123,7 @@ TEST_F(SSLClientSocketPoolTest, TCPFail) { CreatePool(true /* tcp pool */, false, false); scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, - false); + NULL, 0, false, false); ClientSocketHandle handle; int rv = handle.Init("a", params, MEDIUM, NULL, pool_, BoundNetLog()); @@ -151,7 +140,7 @@ TEST_F(SSLClientSocketPoolTest, TCPFailAsync) { CreatePool(true /* tcp pool */, false, false); scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, - false); + NULL, 0, false, false); ClientSocketHandle handle; TestCompletionCallback callback; @@ -175,7 +164,7 @@ TEST_F(SSLClientSocketPoolTest, BasicDirect) { CreatePool(true /* tcp pool */, false, false); scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, - false); + NULL, 0, false, false); ClientSocketHandle handle; TestCompletionCallback callback; @@ -193,7 +182,7 @@ TEST_F(SSLClientSocketPoolTest, BasicDirectAsync) { CreatePool(true /* tcp pool */, false, false); scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, - false); + NULL, 0, false, false); ClientSocketHandle handle; TestCompletionCallback callback; @@ -215,7 +204,7 @@ TEST_F(SSLClientSocketPoolTest, DirectCertError) { CreatePool(true /* tcp pool */, false, false); scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, - false); + NULL, 0, false, false); ClientSocketHandle handle; TestCompletionCallback callback; @@ -237,7 +226,7 @@ TEST_F(SSLClientSocketPoolTest, DirectSSLError) { CreatePool(true /* tcp pool */, false, false); scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, - false); + NULL, 0, false, false); ClientSocketHandle handle; TestCompletionCallback callback; @@ -262,7 +251,7 @@ TEST_F(SSLClientSocketPoolTest, DirectWithNPN) { CreatePool(true /* tcp pool */, false, false); scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, - false); + NULL, 0, false, false); ClientSocketHandle handle; TestCompletionCallback callback; @@ -288,7 +277,7 @@ TEST_F(SSLClientSocketPoolTest, DirectNoSPDY) { CreatePool(true /* tcp pool */, false, false); scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, - true); + NULL, 0, false, true); ClientSocketHandle handle; TestCompletionCallback callback; @@ -313,7 +302,7 @@ TEST_F(SSLClientSocketPoolTest, DirectGotSPDY) { CreatePool(true /* tcp pool */, false, false); scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, - true); + NULL, 0, false, true); ClientSocketHandle handle; TestCompletionCallback callback; @@ -344,7 +333,7 @@ TEST_F(SSLClientSocketPoolTest, DirectGotBonusSPDY) { CreatePool(true /* tcp pool */, false, false); scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_DIRECT, - true); + NULL, 0, false, true); ClientSocketHandle handle; TestCompletionCallback callback; @@ -372,7 +361,7 @@ TEST_F(SSLClientSocketPoolTest, SOCKSFail) { CreatePool(false, true /* http proxy pool */, true /* socks pool */); scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5, - false); + NULL, 0, false, false); ClientSocketHandle handle; TestCompletionCallback callback; @@ -390,7 +379,7 @@ TEST_F(SSLClientSocketPoolTest, SOCKSFailAsync) { CreatePool(false, true /* http proxy pool */, true /* socks pool */); scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5, - false); + NULL, 0, false, false); ClientSocketHandle handle; TestCompletionCallback callback; @@ -414,7 +403,7 @@ TEST_F(SSLClientSocketPoolTest, SOCKSBasic) { CreatePool(false, true /* http proxy pool */, true /* socks pool */); scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5, - false); + NULL, 0, false, false); ClientSocketHandle handle; TestCompletionCallback callback; @@ -432,7 +421,7 @@ TEST_F(SSLClientSocketPoolTest, SOCKSBasicAsync) { CreatePool(false, true /* http proxy pool */, true /* socks pool */); scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_SOCKS5, - false); + NULL, 0, false, false); ClientSocketHandle handle; TestCompletionCallback callback; @@ -453,7 +442,7 @@ TEST_F(SSLClientSocketPoolTest, HttpProxyFail) { CreatePool(false, true /* http proxy pool */, true /* socks pool */); scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP, - false); + NULL, 0, false, false); ClientSocketHandle handle; TestCompletionCallback callback; @@ -471,7 +460,7 @@ TEST_F(SSLClientSocketPoolTest, HttpProxyFailAsync) { CreatePool(false, true /* http proxy pool */, true /* socks pool */); scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP, - false); + NULL, 0, false, false); ClientSocketHandle handle; TestCompletionCallback callback; @@ -492,7 +481,7 @@ TEST_F(SSLClientSocketPoolTest, HttpProxyBasic) { "CONNECT host:80 HTTP/1.1\r\n" "Host: host\r\n" "Proxy-Connection: keep-alive\r\n" - "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"), + "Proxy-Authorization: Basic Zm9vOmJheg==\r\n\r\n"), }; MockRead reads[] = { MockRead(false, "HTTP/1.1 200 Connection Established\r\n\r\n"), @@ -501,12 +490,17 @@ TEST_F(SSLClientSocketPoolTest, HttpProxyBasic) { arraysize(writes)); data.set_connect_data(MockConnect(false, OK)); socket_factory_.AddSocketDataProvider(&data); - AddAuthToCache(); + MockHttpAuthControllerData auth_data[] = { + MockHttpAuthControllerData("Proxy-Authorization: Basic Zm9vOmJheg=="), + }; SSLSocketDataProvider ssl(false, OK); socket_factory_.AddSSLSocketDataProvider(&ssl); CreatePool(false, true /* http proxy pool */, true /* socks pool */); scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP, + auth_data, + arraysize(auth_data), + false, false); ClientSocketHandle handle; @@ -522,7 +516,7 @@ TEST_F(SSLClientSocketPoolTest, HttpProxyBasicAsync) { MockWrite("CONNECT host:80 HTTP/1.1\r\n" "Host: host\r\n" "Proxy-Connection: keep-alive\r\n" - "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"), + "Proxy-Authorization: Basic Zm9vOmJheg==\r\n\r\n"), }; MockRead reads[] = { MockRead("HTTP/1.1 200 Connection Established\r\n\r\n"), @@ -530,12 +524,17 @@ TEST_F(SSLClientSocketPoolTest, HttpProxyBasicAsync) { StaticSocketDataProvider data(reads, arraysize(reads), writes, arraysize(writes)); socket_factory_.AddSocketDataProvider(&data); - AddAuthToCache(); + MockHttpAuthControllerData auth_data[] = { + MockHttpAuthControllerData("Proxy-Authorization: Basic Zm9vOmJheg=="), + }; SSLSocketDataProvider ssl(true, OK); socket_factory_.AddSSLSocketDataProvider(&ssl); CreatePool(false, true /* http proxy pool */, true /* socks pool */); scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP, + auth_data, + arraysize(auth_data), + false, false); ClientSocketHandle handle; @@ -565,11 +564,135 @@ TEST_F(SSLClientSocketPoolTest, NeedProxyAuth) { StaticSocketDataProvider data(reads, arraysize(reads), writes, arraysize(writes)); socket_factory_.AddSocketDataProvider(&data); + MockHttpAuthControllerData auth_data[] = { + MockHttpAuthControllerData(""), + }; + SSLSocketDataProvider ssl(true, OK); + socket_factory_.AddSSLSocketDataProvider(&ssl); + + CreatePool(false, true /* http proxy pool */, true /* socks pool */); + scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP, + auth_data, + arraysize(auth_data), + false, + false); + + ClientSocketHandle handle; + TestCompletionCallback callback; + int rv = handle.Init("a", params, MEDIUM, &callback, pool_, BoundNetLog()); + EXPECT_EQ(ERR_IO_PENDING, rv); + EXPECT_FALSE(handle.is_initialized()); + EXPECT_FALSE(handle.socket()); + + EXPECT_EQ(ERR_PROXY_AUTH_REQUESTED, callback.WaitForResult()); + EXPECT_FALSE(handle.is_initialized()); + EXPECT_FALSE(handle.socket()); + EXPECT_FALSE(handle.is_ssl_error()); + const HttpResponseInfo& tunnel_info = handle.ssl_error_response_info(); + EXPECT_EQ(tunnel_info.headers->response_code(), 407); +} + +TEST_F(SSLClientSocketPoolTest, DoProxyAuth) { + MockWrite writes[] = { + MockWrite("CONNECT host:80 HTTP/1.1\r\n" + "Host: host\r\n" + "Proxy-Connection: keep-alive\r\n\r\n"), + MockWrite("CONNECT host:80 HTTP/1.1\r\n" + "Host: host\r\n" + "Proxy-Connection: keep-alive\r\n" + "Proxy-Authorization: Basic Zm9vOmJheg==\r\n\r\n"), + }; + MockRead reads[] = { + MockRead("HTTP/1.1 407 Proxy Authentication Required\r\n"), + MockRead("Proxy-Authenticate: Basic realm=\"MyRealm1\"\r\n"), + MockRead("Content-Length: 10\r\n\r\n"), + MockRead("0123456789"), + MockRead("HTTP/1.1 200 Connection Established\r\n\r\n"), + }; + StaticSocketDataProvider data(reads, arraysize(reads), writes, + arraysize(writes)); + socket_factory_.AddSocketDataProvider(&data); + MockHttpAuthControllerData auth_data[] = { + MockHttpAuthControllerData(""), + MockHttpAuthControllerData("Proxy-Authorization: Basic Zm9vOmJheg=="), + }; + SSLSocketDataProvider ssl(true, OK); + socket_factory_.AddSSLSocketDataProvider(&ssl); + + CreatePool(false, true /* http proxy pool */, true /* socks pool */); + scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP, + auth_data, + arraysize(auth_data), + false, + false); + + ClientSocketHandle handle; + TestCompletionCallback callback; + int rv = handle.Init("a", params, MEDIUM, &callback, pool_, BoundNetLog()); + EXPECT_EQ(ERR_IO_PENDING, rv); + EXPECT_FALSE(handle.is_initialized()); + EXPECT_FALSE(handle.socket()); + + EXPECT_EQ(ERR_PROXY_AUTH_REQUESTED, callback.WaitForResult()); + EXPECT_FALSE(handle.is_initialized()); + EXPECT_FALSE(handle.socket()); + EXPECT_FALSE(handle.is_ssl_error()); + const HttpResponseInfo& tunnel_info = handle.ssl_error_response_info(); + EXPECT_EQ(tunnel_info.headers->response_code(), 407); + + params->http_proxy_params()->auth_controller()->ResetAuth(string16(), + string16()); + rv = handle.Init("a", params, MEDIUM, &callback, pool_, BoundNetLog()); + EXPECT_EQ(ERR_IO_PENDING, rv); + EXPECT_FALSE(handle.is_initialized()); + EXPECT_FALSE(handle.socket()); + + // Test that http://crbug.com/49325 doesn't regress. + EXPECT_EQ(handle.GetLoadState(), LOAD_STATE_ESTABLISHING_PROXY_TUNNEL); + + EXPECT_EQ(OK, callback.WaitForResult()); + EXPECT_TRUE(handle.is_initialized()); + EXPECT_TRUE(handle.socket()); +} + +TEST_F(SSLClientSocketPoolTest, DoProxyAuthNoKeepAlive) { + MockWrite writes1[] = { + MockWrite("CONNECT host:80 HTTP/1.1\r\n" + "Host: host\r\n" + "Proxy-Connection: keep-alive\r\n\r\n"), + }; + MockWrite writes2[] = { + MockWrite("CONNECT host:80 HTTP/1.1\r\n" + "Host: host\r\n" + "Proxy-Connection: keep-alive\r\n" + "Proxy-Authorization: Basic Zm9vOmJheg==\r\n\r\n"), + }; + MockRead reads1[] = { + MockRead("HTTP/1.1 407 Proxy Authentication Required\r\n"), + MockRead("Proxy-Authenticate: Basic realm=\"MyRealm1\"\r\n\r\n"), + MockRead("Content0123456789"), + }; + MockRead reads2[] = { + MockRead("HTTP/1.1 200 Connection Established\r\n\r\n"), + }; + StaticSocketDataProvider data1(reads1, arraysize(reads1), writes1, + arraysize(writes1)); + socket_factory_.AddSocketDataProvider(&data1); + StaticSocketDataProvider data2(reads2, arraysize(reads2), writes2, + arraysize(writes2)); + socket_factory_.AddSocketDataProvider(&data2); + MockHttpAuthControllerData auth_data[] = { + MockHttpAuthControllerData(""), + MockHttpAuthControllerData("Proxy-Authorization: Basic Zm9vOmJheg=="), + }; SSLSocketDataProvider ssl(true, OK); socket_factory_.AddSSLSocketDataProvider(&ssl); CreatePool(false, true /* http proxy pool */, true /* socks pool */); scoped_refptr<SSLSocketParams> params = SSLParams(ProxyServer::SCHEME_HTTP, + auth_data, + arraysize(auth_data), + false, false); ClientSocketHandle handle; @@ -585,10 +708,17 @@ TEST_F(SSLClientSocketPoolTest, NeedProxyAuth) { EXPECT_FALSE(handle.is_ssl_error()); const HttpResponseInfo& tunnel_info = handle.ssl_error_response_info(); EXPECT_EQ(tunnel_info.headers->response_code(), 407); - scoped_ptr<ClientSocketHandle> tunnel_handle( - handle.release_pending_http_proxy_connection()); - EXPECT_TRUE(tunnel_handle->socket()); - EXPECT_FALSE(tunnel_handle->socket()->IsConnected()); + + params->http_proxy_params()->auth_controller()->ResetAuth(string16(), + string16()); + rv = handle.Init("a", params, MEDIUM, &callback, pool_, BoundNetLog()); + EXPECT_EQ(ERR_IO_PENDING, rv); + EXPECT_FALSE(handle.is_initialized()); + EXPECT_FALSE(handle.socket()); + + EXPECT_EQ(OK, callback.WaitForResult()); + EXPECT_TRUE(handle.is_initialized()); + EXPECT_TRUE(handle.socket()); } // It would be nice to also test the timeouts in SSLClientSocketPool. |