base_test_server.cc revision 0529e5d033099cbfc42635f6f6183833b09dff6e 
1// Copyright 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "net/test/spawned_test_server/base_test_server.h"
6
7#include <string>
8#include <vector>
9
10#include "base/base64.h"
11#include "base/file_util.h"
12#include "base/json/json_reader.h"
13#include "base/logging.h"
14#include "base/path_service.h"
15#include "base/values.h"
16#include "net/base/address_list.h"
17#include "net/base/host_port_pair.h"
18#include "net/base/net_errors.h"
19#include "net/base/net_log.h"
20#include "net/base/net_util.h"
21#include "net/base/test_completion_callback.h"
22#include "net/cert/test_root_certs.h"
23#include "net/dns/host_resolver.h"
24#include "url/gurl.h"
25
26namespace net {
27
28namespace {
29
30std::string GetHostname(BaseTestServer::Type type,
31                        const BaseTestServer::SSLOptions& options) {
32  if (BaseTestServer::UsingSSL(type) &&
33      options.server_certificate ==
34          BaseTestServer::SSLOptions::CERT_MISMATCHED_NAME) {
35    // Return a different hostname string that resolves to the same hostname.
36    return "localhost";
37  }
38
39  // Use the 127.0.0.1 as default.
40  return BaseTestServer::kLocalhost;
41}
42
43void GetKeyExchangesList(int key_exchange, base::ListValue* values) {
44  if (key_exchange & BaseTestServer::SSLOptions::KEY_EXCHANGE_RSA)
45    values->Append(new base::StringValue("rsa"));
46  if (key_exchange & BaseTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA)
47    values->Append(new base::StringValue("dhe_rsa"));
48}
49
50void GetCiphersList(int cipher, base::ListValue* values) {
51  if (cipher & BaseTestServer::SSLOptions::BULK_CIPHER_RC4)
52    values->Append(new base::StringValue("rc4"));
53  if (cipher & BaseTestServer::SSLOptions::BULK_CIPHER_AES128)
54    values->Append(new base::StringValue("aes128"));
55  if (cipher & BaseTestServer::SSLOptions::BULK_CIPHER_AES256)
56    values->Append(new base::StringValue("aes256"));
57  if (cipher & BaseTestServer::SSLOptions::BULK_CIPHER_3DES)
58    values->Append(new base::StringValue("3des"));
59}
60
61}  // namespace
62
63BaseTestServer::SSLOptions::SSLOptions()
64    : server_certificate(CERT_OK),
65      ocsp_status(OCSP_OK),
66      cert_serial(0),
67      request_client_certificate(false),
68      key_exchanges(SSLOptions::KEY_EXCHANGE_ANY),
69      bulk_ciphers(SSLOptions::BULK_CIPHER_ANY),
70      record_resume(false),
71      tls_intolerant(TLS_INTOLERANT_NONE),
72      fallback_scsv_enabled(false),
73      staple_ocsp_response(false),
74      enable_npn(false) {}
75
76BaseTestServer::SSLOptions::SSLOptions(
77    BaseTestServer::SSLOptions::ServerCertificate cert)
78    : server_certificate(cert),
79      ocsp_status(OCSP_OK),
80      cert_serial(0),
81      request_client_certificate(false),
82      key_exchanges(SSLOptions::KEY_EXCHANGE_ANY),
83      bulk_ciphers(SSLOptions::BULK_CIPHER_ANY),
84      record_resume(false),
85      tls_intolerant(TLS_INTOLERANT_NONE),
86      fallback_scsv_enabled(false),
87      staple_ocsp_response(false),
88      enable_npn(false) {}
89
90BaseTestServer::SSLOptions::~SSLOptions() {}
91
92base::FilePath BaseTestServer::SSLOptions::GetCertificateFile() const {
93  switch (server_certificate) {
94    case CERT_OK:
95    case CERT_MISMATCHED_NAME:
96      return base::FilePath(FILE_PATH_LITERAL("ok_cert.pem"));
97    case CERT_EXPIRED:
98      return base::FilePath(FILE_PATH_LITERAL("expired_cert.pem"));
99    case CERT_CHAIN_WRONG_ROOT:
100      // This chain uses its own dedicated test root certificate to avoid
101      // side-effects that may affect testing.
102      return base::FilePath(FILE_PATH_LITERAL("redundant-server-chain.pem"));
103    case CERT_AUTO:
104      return base::FilePath();
105    default:
106      NOTREACHED();
107  }
108  return base::FilePath();
109}
110
111std::string BaseTestServer::SSLOptions::GetOCSPArgument() const {
112  if (server_certificate != CERT_AUTO)
113    return std::string();
114
115  switch (ocsp_status) {
116    case OCSP_OK:
117      return "ok";
118    case OCSP_REVOKED:
119      return "revoked";
120    case OCSP_INVALID:
121      return "invalid";
122    case OCSP_UNAUTHORIZED:
123      return "unauthorized";
124    case OCSP_UNKNOWN:
125      return "unknown";
126    default:
127      NOTREACHED();
128      return std::string();
129  }
130}
131
132const char BaseTestServer::kLocalhost[] = "127.0.0.1";
133
134BaseTestServer::BaseTestServer(Type type, const std::string& host)
135    : type_(type),
136      started_(false),
137      log_to_console_(false) {
138  Init(host);
139}
140
141BaseTestServer::BaseTestServer(Type type, const SSLOptions& ssl_options)
142    : ssl_options_(ssl_options),
143      type_(type),
144      started_(false),
145      log_to_console_(false) {
146  DCHECK(UsingSSL(type));
147  Init(GetHostname(type, ssl_options));
148}
149
150BaseTestServer::~BaseTestServer() {}
151
152const HostPortPair& BaseTestServer::host_port_pair() const {
153  DCHECK(started_);
154  return host_port_pair_;
155}
156
157const base::DictionaryValue& BaseTestServer::server_data() const {
158  DCHECK(started_);
159  DCHECK(server_data_.get());
160  return *server_data_;
161}
162
163std::string BaseTestServer::GetScheme() const {
164  switch (type_) {
165    case TYPE_FTP:
166      return "ftp";
167    case TYPE_HTTP:
168      return "http";
169    case TYPE_HTTPS:
170      return "https";
171    case TYPE_WS:
172      return "ws";
173    case TYPE_WSS:
174      return "wss";
175    case TYPE_TCP_ECHO:
176    case TYPE_UDP_ECHO:
177    default:
178      NOTREACHED();
179  }
180  return std::string();
181}
182
183bool BaseTestServer::GetAddressList(AddressList* address_list) const {
184  DCHECK(address_list);
185
186  scoped_ptr<HostResolver> resolver(HostResolver::CreateDefaultResolver(NULL));
187  HostResolver::RequestInfo info(host_port_pair_);
188  TestCompletionCallback callback;
189  int rv = resolver->Resolve(info,
190                             DEFAULT_PRIORITY,
191                             address_list,
192                             callback.callback(),
193                             NULL,
194                             BoundNetLog());
195  if (rv == ERR_IO_PENDING)
196    rv = callback.WaitForResult();
197  if (rv != net::OK) {
198    LOG(ERROR) << "Failed to resolve hostname: " << host_port_pair_.host();
199    return false;
200  }
201  return true;
202}
203
204uint16 BaseTestServer::GetPort() {
205  return host_port_pair_.port();
206}
207
208void BaseTestServer::SetPort(uint16 port) {
209  host_port_pair_.set_port(port);
210}
211
212GURL BaseTestServer::GetURL(const std::string& path) const {
213  return GURL(GetScheme() + "://" + host_port_pair_.ToString() + "/" + path);
214}
215
216GURL BaseTestServer::GetURLWithUser(const std::string& path,
217                                const std::string& user) const {
218  return GURL(GetScheme() + "://" + user + "@" + host_port_pair_.ToString() +
219              "/" + path);
220}
221
222GURL BaseTestServer::GetURLWithUserAndPassword(const std::string& path,
223                                           const std::string& user,
224                                           const std::string& password) const {
225  return GURL(GetScheme() + "://" + user + ":" + password + "@" +
226              host_port_pair_.ToString() + "/" + path);
227}
228
229// static
230bool BaseTestServer::GetFilePathWithReplacements(
231    const std::string& original_file_path,
232    const std::vector<StringPair>& text_to_replace,
233    std::string* replacement_path) {
234  std::string new_file_path = original_file_path;
235  bool first_query_parameter = true;
236  const std::vector<StringPair>::const_iterator end = text_to_replace.end();
237  for (std::vector<StringPair>::const_iterator it = text_to_replace.begin();
238       it != end;
239       ++it) {
240    const std::string& old_text = it->first;
241    const std::string& new_text = it->second;
242    std::string base64_old;
243    std::string base64_new;
244    base::Base64Encode(old_text, &base64_old);
245    base::Base64Encode(new_text, &base64_new);
246    if (first_query_parameter) {
247      new_file_path += "?";
248      first_query_parameter = false;
249    } else {
250      new_file_path += "&";
251    }
252    new_file_path += "replace_text=";
253    new_file_path += base64_old;
254    new_file_path += ":";
255    new_file_path += base64_new;
256  }
257
258  *replacement_path = new_file_path;
259  return true;
260}
261
262void BaseTestServer::Init(const std::string& host) {
263  host_port_pair_ = HostPortPair(host, 0);
264
265  // TODO(battre) Remove this after figuring out why the TestServer is flaky.
266  // http://crbug.com/96594
267  log_to_console_ = true;
268}
269
270void BaseTestServer::SetResourcePath(const base::FilePath& document_root,
271                                     const base::FilePath& certificates_dir) {
272  // This method shouldn't get called twice.
273  DCHECK(certificates_dir_.empty());
274  document_root_ = document_root;
275  certificates_dir_ = certificates_dir;
276  DCHECK(!certificates_dir_.empty());
277}
278
279bool BaseTestServer::ParseServerData(const std::string& server_data) {
280  VLOG(1) << "Server data: " << server_data;
281  base::JSONReader json_reader;
282  scoped_ptr<base::Value> value(json_reader.ReadToValue(server_data));
283  if (!value.get() || !value->IsType(base::Value::TYPE_DICTIONARY)) {
284    LOG(ERROR) << "Could not parse server data: "
285               << json_reader.GetErrorMessage();
286    return false;
287  }
288
289  server_data_.reset(static_cast<base::DictionaryValue*>(value.release()));
290  int port = 0;
291  if (!server_data_->GetInteger("port", &port)) {
292    LOG(ERROR) << "Could not find port value";
293    return false;
294  }
295  if ((port <= 0) || (port > kuint16max)) {
296    LOG(ERROR) << "Invalid port value: " << port;
297    return false;
298  }
299  host_port_pair_.set_port(port);
300
301  return true;
302}
303
304bool BaseTestServer::LoadTestRootCert() const {
305  TestRootCerts* root_certs = TestRootCerts::GetInstance();
306  if (!root_certs)
307    return false;
308
309  // Should always use absolute path to load the root certificate.
310  base::FilePath root_certificate_path = certificates_dir_;
311  if (!certificates_dir_.IsAbsolute()) {
312    base::FilePath src_dir;
313    if (!PathService::Get(base::DIR_SOURCE_ROOT, &src_dir))
314      return false;
315    root_certificate_path = src_dir.Append(certificates_dir_);
316  }
317
318  return root_certs->AddFromFile(
319      root_certificate_path.AppendASCII("root_ca_cert.pem"));
320}
321
322bool BaseTestServer::SetupWhenServerStarted() {
323  DCHECK(host_port_pair_.port());
324
325  if (UsingSSL(type_) && !LoadTestRootCert())
326      return false;
327
328  started_ = true;
329  allowed_port_.reset(new ScopedPortException(host_port_pair_.port()));
330  return true;
331}
332
333void BaseTestServer::CleanUpWhenStoppingServer() {
334  TestRootCerts* root_certs = TestRootCerts::GetInstance();
335  root_certs->Clear();
336
337  host_port_pair_.set_port(0);
338  allowed_port_.reset();
339  started_ = false;
340}
341
342// Generates a dictionary of arguments to pass to the Python test server via
343// the test server spawner, in the form of
344// { argument-name: argument-value, ... }
345// Returns false if an invalid configuration is specified.
346bool BaseTestServer::GenerateArguments(base::DictionaryValue* arguments) const {
347  DCHECK(arguments);
348
349  arguments->SetString("host", host_port_pair_.host());
350  arguments->SetInteger("port", host_port_pair_.port());
351  arguments->SetString("data-dir", document_root_.value());
352
353  if (VLOG_IS_ON(1) || log_to_console_)
354    arguments->Set("log-to-console", base::Value::CreateNullValue());
355
356  if (UsingSSL(type_)) {
357    // Check the certificate arguments of the HTTPS server.
358    base::FilePath certificate_path(certificates_dir_);
359    base::FilePath certificate_file(ssl_options_.GetCertificateFile());
360    if (!certificate_file.value().empty()) {
361      certificate_path = certificate_path.Append(certificate_file);
362      if (certificate_path.IsAbsolute() &&
363          !base::PathExists(certificate_path)) {
364        LOG(ERROR) << "Certificate path " << certificate_path.value()
365                   << " doesn't exist. Can't launch https server.";
366        return false;
367      }
368      arguments->SetString("cert-and-key-file", certificate_path.value());
369    }
370
371    // Check the client certificate related arguments.
372    if (ssl_options_.request_client_certificate)
373      arguments->Set("ssl-client-auth", base::Value::CreateNullValue());
374    scoped_ptr<base::ListValue> ssl_client_certs(new base::ListValue());
375
376    std::vector<base::FilePath>::const_iterator it;
377    for (it = ssl_options_.client_authorities.begin();
378         it != ssl_options_.client_authorities.end(); ++it) {
379      if (it->IsAbsolute() && !base::PathExists(*it)) {
380        LOG(ERROR) << "Client authority path " << it->value()
381                   << " doesn't exist. Can't launch https server.";
382        return false;
383      }
384      ssl_client_certs->Append(new base::StringValue(it->value()));
385    }
386
387    if (ssl_client_certs->GetSize())
388      arguments->Set("ssl-client-ca", ssl_client_certs.release());
389  }
390
391  if (type_ == TYPE_HTTPS) {
392    arguments->Set("https", base::Value::CreateNullValue());
393
394    std::string ocsp_arg = ssl_options_.GetOCSPArgument();
395    if (!ocsp_arg.empty())
396      arguments->SetString("ocsp", ocsp_arg);
397
398    if (ssl_options_.cert_serial != 0) {
399      arguments->Set("cert-serial",
400                     base::Value::CreateIntegerValue(ssl_options_.cert_serial));
401    }
402
403    // Check key exchange argument.
404    scoped_ptr<base::ListValue> key_exchange_values(new base::ListValue());
405    GetKeyExchangesList(ssl_options_.key_exchanges, key_exchange_values.get());
406    if (key_exchange_values->GetSize())
407      arguments->Set("ssl-key-exchange", key_exchange_values.release());
408    // Check bulk cipher argument.
409    scoped_ptr<base::ListValue> bulk_cipher_values(new base::ListValue());
410    GetCiphersList(ssl_options_.bulk_ciphers, bulk_cipher_values.get());
411    if (bulk_cipher_values->GetSize())
412      arguments->Set("ssl-bulk-cipher", bulk_cipher_values.release());
413    if (ssl_options_.record_resume)
414      arguments->Set("https-record-resume", base::Value::CreateNullValue());
415    if (ssl_options_.tls_intolerant != SSLOptions::TLS_INTOLERANT_NONE) {
416      arguments->Set("tls-intolerant",
417                     new base::FundamentalValue(ssl_options_.tls_intolerant));
418    }
419    if (ssl_options_.fallback_scsv_enabled)
420      arguments->Set("fallback-scsv", base::Value::CreateNullValue());
421    if (!ssl_options_.signed_cert_timestamps_tls_ext.empty()) {
422      std::string b64_scts_tls_ext;
423      base::Base64Encode(ssl_options_.signed_cert_timestamps_tls_ext,
424                         &b64_scts_tls_ext);
425      arguments->SetString("signed-cert-timestamps-tls-ext", b64_scts_tls_ext);
426    }
427    if (ssl_options_.staple_ocsp_response)
428      arguments->Set("staple-ocsp-response", base::Value::CreateNullValue());
429    if (ssl_options_.enable_npn)
430      arguments->Set("enable-npn", base::Value::CreateNullValue());
431  }
432
433  return GenerateAdditionalArguments(arguments);
434}
435
436bool BaseTestServer::GenerateAdditionalArguments(
437    base::DictionaryValue* arguments) const {
438  return true;
439}
440
441}  // namespace net
442