1 // Copyright 2019 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/socket/client_socket_pool.h"
6
7 #include <string>
8 #include <vector>
9
10 #include "base/test/scoped_feature_list.h"
11 #include "net/base/features.h"
12 #include "net/base/host_port_pair.h"
13 #include "net/base/network_anonymization_key.h"
14 #include "net/base/privacy_mode.h"
15 #include "net/base/schemeful_site.h"
16 #include "net/dns/public/secure_dns_policy.h"
17 #include "testing/gtest/include/gtest/gtest.h"
18 #include "url/gurl.h"
19 #include "url/scheme_host_port.h"
20 #include "url/url_constants.h"
21
22 namespace net {
23
24 namespace {
25
TEST(ClientSocketPool,GroupIdOperators)26 TEST(ClientSocketPool, GroupIdOperators) {
27 base::test::ScopedFeatureList feature_list;
28 feature_list.InitAndEnableFeature(
29 features::kPartitionConnectionsByNetworkIsolationKey);
30
31 // Each of these lists is in "<" order, as defined by Group::operator< on the
32 // corresponding field.
33
34 const uint16_t kPorts[] = {
35 80,
36 81,
37 443,
38 };
39
40 const char* kSchemes[] = {
41 url::kHttpScheme,
42 url::kHttpsScheme,
43 };
44
45 const char* kHosts[] = {
46 "a",
47 "b",
48 "c",
49 };
50
51 const PrivacyMode kPrivacyModes[] = {
52 PrivacyMode::PRIVACY_MODE_DISABLED,
53 PrivacyMode::PRIVACY_MODE_ENABLED,
54 };
55
56 const SchemefulSite kSiteA(GURL("http://a.test/"));
57 const SchemefulSite kSiteB(GURL("http://b.test/"));
58 const NetworkAnonymizationKey kNetworkAnonymizationKeys[] = {
59 NetworkAnonymizationKey::CreateSameSite(kSiteA),
60 NetworkAnonymizationKey::CreateSameSite(kSiteB),
61 };
62
63 const SecureDnsPolicy kDisableSecureDnsValues[] = {SecureDnsPolicy::kAllow,
64 SecureDnsPolicy::kDisable};
65
66 // All previously created |group_ids|. They should all be less than the
67 // current group under consideration.
68 std::vector<ClientSocketPool::GroupId> group_ids;
69
70 // Iterate through all sets of group ids, from least to greatest.
71 for (const auto& port : kPorts) {
72 SCOPED_TRACE(port);
73 for (const char* scheme : kSchemes) {
74 SCOPED_TRACE(scheme);
75 for (const char* host : kHosts) {
76 SCOPED_TRACE(host);
77 for (const auto& privacy_mode : kPrivacyModes) {
78 SCOPED_TRACE(privacy_mode);
79 for (const auto& network_anonymization_key :
80 kNetworkAnonymizationKeys) {
81 SCOPED_TRACE(network_anonymization_key.ToDebugString());
82 for (const auto& secure_dns_policy : kDisableSecureDnsValues) {
83 ClientSocketPool::GroupId group_id(
84 url::SchemeHostPort(scheme, host, port), privacy_mode,
85 network_anonymization_key, secure_dns_policy,
86 /*disable_cert_network_fetches=*/false);
87 for (const auto& lower_group_id : group_ids) {
88 EXPECT_FALSE(lower_group_id == group_id);
89 EXPECT_TRUE(lower_group_id < group_id);
90 EXPECT_FALSE(group_id < lower_group_id);
91 }
92
93 group_ids.push_back(group_id);
94
95 // Compare |group_id| to itself. Use two different copies of
96 // |group_id|'s value, since to protect against bugs where an
97 // object only equals itself.
98 EXPECT_TRUE(group_ids.back() == group_id);
99 EXPECT_FALSE(group_ids.back() < group_id);
100 EXPECT_FALSE(group_id < group_ids.back());
101 }
102 }
103 }
104 }
105 }
106 }
107 }
108
TEST(ClientSocketPool,GroupIdToString)109 TEST(ClientSocketPool, GroupIdToString) {
110 base::test::ScopedFeatureList feature_list;
111 feature_list.InitAndEnableFeature(
112 features::kPartitionConnectionsByNetworkIsolationKey);
113
114 EXPECT_EQ("http://foo <null>",
115 ClientSocketPool::GroupId(
116 url::SchemeHostPort(url::kHttpScheme, "foo", 80),
117 PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(),
118 SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false)
119 .ToString());
120 EXPECT_EQ("http://bar:443 <null>",
121 ClientSocketPool::GroupId(
122 url::SchemeHostPort(url::kHttpScheme, "bar", 443),
123 PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(),
124 SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false)
125 .ToString());
126 EXPECT_EQ("pm/http://bar <null>",
127 ClientSocketPool::GroupId(
128 url::SchemeHostPort(url::kHttpScheme, "bar", 80),
129 PrivacyMode::PRIVACY_MODE_ENABLED, NetworkAnonymizationKey(),
130 SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false)
131 .ToString());
132
133 EXPECT_EQ("https://foo:80 <null>",
134 ClientSocketPool::GroupId(
135 url::SchemeHostPort(url::kHttpsScheme, "foo", 80),
136 PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(),
137 SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false)
138 .ToString());
139 EXPECT_EQ("https://bar <null>",
140 ClientSocketPool::GroupId(
141 url::SchemeHostPort(url::kHttpsScheme, "bar", 443),
142 PrivacyMode::PRIVACY_MODE_DISABLED, NetworkAnonymizationKey(),
143 SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false)
144 .ToString());
145 EXPECT_EQ("pm/https://bar:80 <null>",
146 ClientSocketPool::GroupId(
147 url::SchemeHostPort(url::kHttpsScheme, "bar", 80),
148 PrivacyMode::PRIVACY_MODE_ENABLED, NetworkAnonymizationKey(),
149 SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false)
150 .ToString());
151
152 EXPECT_EQ("https://foo <https://foo.test cross_site>",
153 ClientSocketPool::GroupId(
154 url::SchemeHostPort(url::kHttpsScheme, "foo", 443),
155 PrivacyMode::PRIVACY_MODE_DISABLED,
156 NetworkAnonymizationKey::CreateCrossSite(
157 SchemefulSite(GURL("https://foo.test"))),
158 SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false)
159 .ToString());
160
161 EXPECT_EQ(
162 "dsd/pm/https://bar:80 <null>",
163 ClientSocketPool::GroupId(
164 url::SchemeHostPort(url::kHttpsScheme, "bar", 80),
165 PrivacyMode::PRIVACY_MODE_ENABLED, NetworkAnonymizationKey(),
166 SecureDnsPolicy::kDisable, /*disable_cert_network_fetches=*/false)
167 .ToString());
168
169 EXPECT_EQ("disable_cert_network_fetches/pm/https://bar:80 <null>",
170 ClientSocketPool::GroupId(
171 url::SchemeHostPort(url::kHttpsScheme, "bar", 80),
172 PrivacyMode::PRIVACY_MODE_ENABLED, NetworkAnonymizationKey(),
173 SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/true)
174 .ToString());
175 }
176
TEST(ClientSocketPool,PartitionConnectionsByNetworkIsolationKeyDisabled)177 TEST(ClientSocketPool, PartitionConnectionsByNetworkIsolationKeyDisabled) {
178 const SchemefulSite kSiteFoo(GURL("https://foo.com"));
179 const SchemefulSite kSiteBar(GURL("https://bar.com"));
180 base::test::ScopedFeatureList feature_list;
181 feature_list.InitAndDisableFeature(
182 features::kPartitionConnectionsByNetworkIsolationKey);
183
184 ClientSocketPool::GroupId group_id1(
185 url::SchemeHostPort(url::kHttpsScheme, "foo", 443),
186 PrivacyMode::PRIVACY_MODE_DISABLED,
187 NetworkAnonymizationKey::CreateSameSite(kSiteFoo),
188 SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
189
190 ClientSocketPool::GroupId group_id2(
191 url::SchemeHostPort(url::kHttpsScheme, "foo", 443),
192 PrivacyMode::PRIVACY_MODE_DISABLED,
193 NetworkAnonymizationKey::CreateSameSite(kSiteBar),
194 SecureDnsPolicy::kAllow, /*disable_cert_network_fetches=*/false);
195
196 EXPECT_FALSE(group_id1.network_anonymization_key().IsFullyPopulated());
197 EXPECT_FALSE(group_id2.network_anonymization_key().IsFullyPopulated());
198 EXPECT_EQ(group_id1.network_anonymization_key(),
199 group_id2.network_anonymization_key());
200 EXPECT_EQ(group_id1, group_id2);
201
202 EXPECT_EQ("https://foo", group_id1.ToString());
203 EXPECT_EQ("https://foo", group_id2.ToString());
204 }
205
206 } // namespace
207
208 } // namespace net
209