Merge Chromium at r65505: Initial merge by git.

Change-Id: I31d8f1d8cd33caaf7f47ffa7350aef42d5fbdb45

1 files changed, 52 insertions, 21 deletions

diff --git a/net/tools/testserver/testserver.py b/net/tools/testserver/testserver.py
index c3fe86b..55aa6a9 100644..100755
--- a/net/tools/testserver/testserver.py
+++ b/net/tools/testserver/testserver.py
@@ -21,7 +21,7 @@ import shutil
 import SocketServer
 import sys
 import time
-import urllib2
+import urlparse
 import warnings
 
 # Ignore deprecation warnings, they make our output more cluttered.
@@ -64,7 +64,7 @@ class HTTPSServer(tlslite.api.TLSSocketServerMixIn, StoppableHTTPServer):
   """This is a specialization of StoppableHTTPerver that add https support."""
 
   def __init__(self, server_address, request_hander_class, cert_path,
-               ssl_client_auth, ssl_client_cas):
+               ssl_client_auth, ssl_client_cas, ssl_bulk_ciphers):
     s = open(cert_path).read()
     x509 = tlslite.api.X509()
     x509.parse(s)
@@ -78,6 +78,9 @@ class HTTPSServer(tlslite.api.TLSSocketServerMixIn, StoppableHTTPServer):
         x509 = tlslite.api.X509()
         x509.parse(s)
         self.ssl_client_cas.append(x509.subject)
+    self.ssl_handshake_settings = tlslite.api.HandshakeSettings()
+    if ssl_bulk_ciphers is not None:
+      self.ssl_handshake_settings.cipherNames = ssl_bulk_ciphers
 
     self.session_cache = tlslite.api.SessionCache()
     StoppableHTTPServer.__init__(self, server_address, request_hander_class)
@@ -89,6 +92,7 @@ class HTTPSServer(tlslite.api.TLSSocketServerMixIn, StoppableHTTPServer):
                                     privateKey=self.private_key,
                                     sessionCache=self.session_cache,
                                     reqCert=self.ssl_client_auth,
+                                    settings=self.ssl_handshake_settings,
                                     reqCAs=self.ssl_client_cas)
       tlsConnection.ignoreAbruptClose = True
       return True
@@ -569,6 +573,24 @@ class TestPageHandler(BaseHTTPServer.BaseHTTPRequestHandler):
     self.end_headers()
     return True
 
+  def _ReplaceFileData(self, data, query_parameters):
+    """Replaces matching substrings in a file.
+
+    If the 'replace_orig' and 'replace_new' URL query parameters are present,
+    a new string is returned with all occasions of the 'replace_orig' value
+    replaced by the 'replace_new' value.
+
+    If the parameters are not present, |data| is returned.
+    """
+    query_dict = cgi.parse_qs(query_parameters)
+    orig_values = query_dict.get('replace_orig', [])
+    new_values = query_dict.get('replace_new', [])
+    if not orig_values or not new_values:
+      return data
+    orig_value = orig_values[0]
+    new_value = new_values[0]
+    return data.replace(orig_value, new_value)
+
   def FileHandler(self):
     """This handler sends the contents of the requested file.  Wow, it's like
     a real webserver!"""
@@ -581,29 +603,27 @@ class TestPageHandler(BaseHTTPServer.BaseHTTPRequestHandler):
     if self.command == 'POST' or self.command == 'PUT' :
       self.rfile.read(int(self.headers.getheader('content-length')))
 
-    file = self.path[len(prefix):]
-    if file.find('?') > -1:
-      # Ignore the query parameters entirely.
-      url, querystring = file.split('?')
-    else:
-      url = file
-    entries = url.split('/')
-    path = os.path.join(self.server.data_dir, *entries)
-    if os.path.isdir(path):
-      path = os.path.join(path, 'index.html')
-
-    if not os.path.isfile(path):
-      print "File not found " + file + " full path:" + path
+    _, _, url_path, _, query, _ = urlparse.urlparse(self.path)
+    sub_path = url_path[len(prefix):]
+    entries = sub_path.split('/')
+    file_path = os.path.join(self.server.data_dir, *entries)
+    if os.path.isdir(file_path):
+      file_path = os.path.join(file_path, 'index.html')
+
+    if not os.path.isfile(file_path):
+      print "File not found " + sub_path + " full path:" + file_path
       self.send_error(404)
       return True
 
-    f = open(path, "rb")
+    f = open(file_path, "rb")
     data = f.read()
     f.close()
 
+    data = self._ReplaceFileData(data, query)
+
     # If file.mock-http-headers exists, it contains the headers we
     # should send.  Read them in and parse them.
-    headers_path = path + '.mock-http-headers'
+    headers_path = file_path + '.mock-http-headers'
     if os.path.isfile(headers_path):
       f = open(headers_path, "r")
 
@@ -623,7 +643,7 @@ class TestPageHandler(BaseHTTPServer.BaseHTTPRequestHandler):
       # Could be more generic once we support mime-type sniffing, but for
       # now we need to set it explicitly.
       self.send_response(200)
-      self.send_header('Content-type', self.GetMIMETypeFromName(file))
+      self.send_header('Content-type', self.GetMIMETypeFromName(file_path))
       self.send_header('Content-Length', len(data))
     self.end_headers()
 
@@ -1169,7 +1189,8 @@ def main(options, args):
                 ' exiting...'
           return
       server = HTTPSServer(('127.0.0.1', port), TestPageHandler, options.cert,
-                           options.ssl_client_auth, options.ssl_client_ca)
+                           options.ssl_client_auth, options.ssl_client_ca,
+                           options.ssl_bulk_cipher)
       print 'HTTPS server started on port %d...' % port
     else:
       server = StoppableHTTPServer(('127.0.0.1', port), TestPageHandler)
@@ -1240,8 +1261,18 @@ if __name__ == '__main__':
                            help='Require SSL client auth on every connection.')
   option_parser.add_option('', '--ssl-client-ca', action='append', default=[],
                            help='Specify that the client certificate request '
-                           'should indicate that it supports the CA contained '
-                           'in the specified certificate file')
+                           'should include the CA named in the subject of '
+                           'the DER-encoded certificate contained in the '
+                           'specified file. This option may appear multiple '
+                           'times, indicating multiple CA names should be '
+                           'sent in the request.')
+  option_parser.add_option('', '--ssl-bulk-cipher', action='append',
+                           help='Specify the bulk encryption algorithm(s)'
+                           'that will be accepted by the SSL server. Valid '
+                           'values are "aes256", "aes128", "3des", "rc4". If '
+                           'omitted, all algorithms will be used. This '
+                           'option may appear multiple times, indicating '
+                           'multiple algorithms should be enabled.');
   option_parser.add_option('', '--file-root-url', default='/files/',
                            help='Specify a root URL for files served.')
   option_parser.add_option('', '--startup-pipe', type='int',