base_test_server.cc revision 0529e5d033099cbfc42635f6f6183833b09dff6e
1// Copyright 2013 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "net/test/spawned_test_server/base_test_server.h" 6 7#include <string> 8#include <vector> 9 10#include "base/base64.h" 11#include "base/file_util.h" 12#include "base/json/json_reader.h" 13#include "base/logging.h" 14#include "base/path_service.h" 15#include "base/values.h" 16#include "net/base/address_list.h" 17#include "net/base/host_port_pair.h" 18#include "net/base/net_errors.h" 19#include "net/base/net_log.h" 20#include "net/base/net_util.h" 21#include "net/base/test_completion_callback.h" 22#include "net/cert/test_root_certs.h" 23#include "net/dns/host_resolver.h" 24#include "url/gurl.h" 25 26namespace net { 27 28namespace { 29 30std::string GetHostname(BaseTestServer::Type type, 31 const BaseTestServer::SSLOptions& options) { 32 if (BaseTestServer::UsingSSL(type) && 33 options.server_certificate == 34 BaseTestServer::SSLOptions::CERT_MISMATCHED_NAME) { 35 // Return a different hostname string that resolves to the same hostname. 36 return "localhost"; 37 } 38 39 // Use the 127.0.0.1 as default. 40 return BaseTestServer::kLocalhost; 41} 42 43void GetKeyExchangesList(int key_exchange, base::ListValue* values) { 44 if (key_exchange & BaseTestServer::SSLOptions::KEY_EXCHANGE_RSA) 45 values->Append(new base::StringValue("rsa")); 46 if (key_exchange & BaseTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA) 47 values->Append(new base::StringValue("dhe_rsa")); 48} 49 50void GetCiphersList(int cipher, base::ListValue* values) { 51 if (cipher & BaseTestServer::SSLOptions::BULK_CIPHER_RC4) 52 values->Append(new base::StringValue("rc4")); 53 if (cipher & BaseTestServer::SSLOptions::BULK_CIPHER_AES128) 54 values->Append(new base::StringValue("aes128")); 55 if (cipher & BaseTestServer::SSLOptions::BULK_CIPHER_AES256) 56 values->Append(new base::StringValue("aes256")); 57 if (cipher & BaseTestServer::SSLOptions::BULK_CIPHER_3DES) 58 values->Append(new base::StringValue("3des")); 59} 60 61} // namespace 62 63BaseTestServer::SSLOptions::SSLOptions() 64 : server_certificate(CERT_OK), 65 ocsp_status(OCSP_OK), 66 cert_serial(0), 67 request_client_certificate(false), 68 key_exchanges(SSLOptions::KEY_EXCHANGE_ANY), 69 bulk_ciphers(SSLOptions::BULK_CIPHER_ANY), 70 record_resume(false), 71 tls_intolerant(TLS_INTOLERANT_NONE), 72 fallback_scsv_enabled(false), 73 staple_ocsp_response(false), 74 enable_npn(false) {} 75 76BaseTestServer::SSLOptions::SSLOptions( 77 BaseTestServer::SSLOptions::ServerCertificate cert) 78 : server_certificate(cert), 79 ocsp_status(OCSP_OK), 80 cert_serial(0), 81 request_client_certificate(false), 82 key_exchanges(SSLOptions::KEY_EXCHANGE_ANY), 83 bulk_ciphers(SSLOptions::BULK_CIPHER_ANY), 84 record_resume(false), 85 tls_intolerant(TLS_INTOLERANT_NONE), 86 fallback_scsv_enabled(false), 87 staple_ocsp_response(false), 88 enable_npn(false) {} 89 90BaseTestServer::SSLOptions::~SSLOptions() {} 91 92base::FilePath BaseTestServer::SSLOptions::GetCertificateFile() const { 93 switch (server_certificate) { 94 case CERT_OK: 95 case CERT_MISMATCHED_NAME: 96 return base::FilePath(FILE_PATH_LITERAL("ok_cert.pem")); 97 case CERT_EXPIRED: 98 return base::FilePath(FILE_PATH_LITERAL("expired_cert.pem")); 99 case CERT_CHAIN_WRONG_ROOT: 100 // This chain uses its own dedicated test root certificate to avoid 101 // side-effects that may affect testing. 102 return base::FilePath(FILE_PATH_LITERAL("redundant-server-chain.pem")); 103 case CERT_AUTO: 104 return base::FilePath(); 105 default: 106 NOTREACHED(); 107 } 108 return base::FilePath(); 109} 110 111std::string BaseTestServer::SSLOptions::GetOCSPArgument() const { 112 if (server_certificate != CERT_AUTO) 113 return std::string(); 114 115 switch (ocsp_status) { 116 case OCSP_OK: 117 return "ok"; 118 case OCSP_REVOKED: 119 return "revoked"; 120 case OCSP_INVALID: 121 return "invalid"; 122 case OCSP_UNAUTHORIZED: 123 return "unauthorized"; 124 case OCSP_UNKNOWN: 125 return "unknown"; 126 default: 127 NOTREACHED(); 128 return std::string(); 129 } 130} 131 132const char BaseTestServer::kLocalhost[] = "127.0.0.1"; 133 134BaseTestServer::BaseTestServer(Type type, const std::string& host) 135 : type_(type), 136 started_(false), 137 log_to_console_(false) { 138 Init(host); 139} 140 141BaseTestServer::BaseTestServer(Type type, const SSLOptions& ssl_options) 142 : ssl_options_(ssl_options), 143 type_(type), 144 started_(false), 145 log_to_console_(false) { 146 DCHECK(UsingSSL(type)); 147 Init(GetHostname(type, ssl_options)); 148} 149 150BaseTestServer::~BaseTestServer() {} 151 152const HostPortPair& BaseTestServer::host_port_pair() const { 153 DCHECK(started_); 154 return host_port_pair_; 155} 156 157const base::DictionaryValue& BaseTestServer::server_data() const { 158 DCHECK(started_); 159 DCHECK(server_data_.get()); 160 return *server_data_; 161} 162 163std::string BaseTestServer::GetScheme() const { 164 switch (type_) { 165 case TYPE_FTP: 166 return "ftp"; 167 case TYPE_HTTP: 168 return "http"; 169 case TYPE_HTTPS: 170 return "https"; 171 case TYPE_WS: 172 return "ws"; 173 case TYPE_WSS: 174 return "wss"; 175 case TYPE_TCP_ECHO: 176 case TYPE_UDP_ECHO: 177 default: 178 NOTREACHED(); 179 } 180 return std::string(); 181} 182 183bool BaseTestServer::GetAddressList(AddressList* address_list) const { 184 DCHECK(address_list); 185 186 scoped_ptr<HostResolver> resolver(HostResolver::CreateDefaultResolver(NULL)); 187 HostResolver::RequestInfo info(host_port_pair_); 188 TestCompletionCallback callback; 189 int rv = resolver->Resolve(info, 190 DEFAULT_PRIORITY, 191 address_list, 192 callback.callback(), 193 NULL, 194 BoundNetLog()); 195 if (rv == ERR_IO_PENDING) 196 rv = callback.WaitForResult(); 197 if (rv != net::OK) { 198 LOG(ERROR) << "Failed to resolve hostname: " << host_port_pair_.host(); 199 return false; 200 } 201 return true; 202} 203 204uint16 BaseTestServer::GetPort() { 205 return host_port_pair_.port(); 206} 207 208void BaseTestServer::SetPort(uint16 port) { 209 host_port_pair_.set_port(port); 210} 211 212GURL BaseTestServer::GetURL(const std::string& path) const { 213 return GURL(GetScheme() + "://" + host_port_pair_.ToString() + "/" + path); 214} 215 216GURL BaseTestServer::GetURLWithUser(const std::string& path, 217 const std::string& user) const { 218 return GURL(GetScheme() + "://" + user + "@" + host_port_pair_.ToString() + 219 "/" + path); 220} 221 222GURL BaseTestServer::GetURLWithUserAndPassword(const std::string& path, 223 const std::string& user, 224 const std::string& password) const { 225 return GURL(GetScheme() + "://" + user + ":" + password + "@" + 226 host_port_pair_.ToString() + "/" + path); 227} 228 229// static 230bool BaseTestServer::GetFilePathWithReplacements( 231 const std::string& original_file_path, 232 const std::vector<StringPair>& text_to_replace, 233 std::string* replacement_path) { 234 std::string new_file_path = original_file_path; 235 bool first_query_parameter = true; 236 const std::vector<StringPair>::const_iterator end = text_to_replace.end(); 237 for (std::vector<StringPair>::const_iterator it = text_to_replace.begin(); 238 it != end; 239 ++it) { 240 const std::string& old_text = it->first; 241 const std::string& new_text = it->second; 242 std::string base64_old; 243 std::string base64_new; 244 base::Base64Encode(old_text, &base64_old); 245 base::Base64Encode(new_text, &base64_new); 246 if (first_query_parameter) { 247 new_file_path += "?"; 248 first_query_parameter = false; 249 } else { 250 new_file_path += "&"; 251 } 252 new_file_path += "replace_text="; 253 new_file_path += base64_old; 254 new_file_path += ":"; 255 new_file_path += base64_new; 256 } 257 258 *replacement_path = new_file_path; 259 return true; 260} 261 262void BaseTestServer::Init(const std::string& host) { 263 host_port_pair_ = HostPortPair(host, 0); 264 265 // TODO(battre) Remove this after figuring out why the TestServer is flaky. 266 // http://crbug.com/96594 267 log_to_console_ = true; 268} 269 270void BaseTestServer::SetResourcePath(const base::FilePath& document_root, 271 const base::FilePath& certificates_dir) { 272 // This method shouldn't get called twice. 273 DCHECK(certificates_dir_.empty()); 274 document_root_ = document_root; 275 certificates_dir_ = certificates_dir; 276 DCHECK(!certificates_dir_.empty()); 277} 278 279bool BaseTestServer::ParseServerData(const std::string& server_data) { 280 VLOG(1) << "Server data: " << server_data; 281 base::JSONReader json_reader; 282 scoped_ptr<base::Value> value(json_reader.ReadToValue(server_data)); 283 if (!value.get() || !value->IsType(base::Value::TYPE_DICTIONARY)) { 284 LOG(ERROR) << "Could not parse server data: " 285 << json_reader.GetErrorMessage(); 286 return false; 287 } 288 289 server_data_.reset(static_cast<base::DictionaryValue*>(value.release())); 290 int port = 0; 291 if (!server_data_->GetInteger("port", &port)) { 292 LOG(ERROR) << "Could not find port value"; 293 return false; 294 } 295 if ((port <= 0) || (port > kuint16max)) { 296 LOG(ERROR) << "Invalid port value: " << port; 297 return false; 298 } 299 host_port_pair_.set_port(port); 300 301 return true; 302} 303 304bool BaseTestServer::LoadTestRootCert() const { 305 TestRootCerts* root_certs = TestRootCerts::GetInstance(); 306 if (!root_certs) 307 return false; 308 309 // Should always use absolute path to load the root certificate. 310 base::FilePath root_certificate_path = certificates_dir_; 311 if (!certificates_dir_.IsAbsolute()) { 312 base::FilePath src_dir; 313 if (!PathService::Get(base::DIR_SOURCE_ROOT, &src_dir)) 314 return false; 315 root_certificate_path = src_dir.Append(certificates_dir_); 316 } 317 318 return root_certs->AddFromFile( 319 root_certificate_path.AppendASCII("root_ca_cert.pem")); 320} 321 322bool BaseTestServer::SetupWhenServerStarted() { 323 DCHECK(host_port_pair_.port()); 324 325 if (UsingSSL(type_) && !LoadTestRootCert()) 326 return false; 327 328 started_ = true; 329 allowed_port_.reset(new ScopedPortException(host_port_pair_.port())); 330 return true; 331} 332 333void BaseTestServer::CleanUpWhenStoppingServer() { 334 TestRootCerts* root_certs = TestRootCerts::GetInstance(); 335 root_certs->Clear(); 336 337 host_port_pair_.set_port(0); 338 allowed_port_.reset(); 339 started_ = false; 340} 341 342// Generates a dictionary of arguments to pass to the Python test server via 343// the test server spawner, in the form of 344// { argument-name: argument-value, ... } 345// Returns false if an invalid configuration is specified. 346bool BaseTestServer::GenerateArguments(base::DictionaryValue* arguments) const { 347 DCHECK(arguments); 348 349 arguments->SetString("host", host_port_pair_.host()); 350 arguments->SetInteger("port", host_port_pair_.port()); 351 arguments->SetString("data-dir", document_root_.value()); 352 353 if (VLOG_IS_ON(1) || log_to_console_) 354 arguments->Set("log-to-console", base::Value::CreateNullValue()); 355 356 if (UsingSSL(type_)) { 357 // Check the certificate arguments of the HTTPS server. 358 base::FilePath certificate_path(certificates_dir_); 359 base::FilePath certificate_file(ssl_options_.GetCertificateFile()); 360 if (!certificate_file.value().empty()) { 361 certificate_path = certificate_path.Append(certificate_file); 362 if (certificate_path.IsAbsolute() && 363 !base::PathExists(certificate_path)) { 364 LOG(ERROR) << "Certificate path " << certificate_path.value() 365 << " doesn't exist. Can't launch https server."; 366 return false; 367 } 368 arguments->SetString("cert-and-key-file", certificate_path.value()); 369 } 370 371 // Check the client certificate related arguments. 372 if (ssl_options_.request_client_certificate) 373 arguments->Set("ssl-client-auth", base::Value::CreateNullValue()); 374 scoped_ptr<base::ListValue> ssl_client_certs(new base::ListValue()); 375 376 std::vector<base::FilePath>::const_iterator it; 377 for (it = ssl_options_.client_authorities.begin(); 378 it != ssl_options_.client_authorities.end(); ++it) { 379 if (it->IsAbsolute() && !base::PathExists(*it)) { 380 LOG(ERROR) << "Client authority path " << it->value() 381 << " doesn't exist. Can't launch https server."; 382 return false; 383 } 384 ssl_client_certs->Append(new base::StringValue(it->value())); 385 } 386 387 if (ssl_client_certs->GetSize()) 388 arguments->Set("ssl-client-ca", ssl_client_certs.release()); 389 } 390 391 if (type_ == TYPE_HTTPS) { 392 arguments->Set("https", base::Value::CreateNullValue()); 393 394 std::string ocsp_arg = ssl_options_.GetOCSPArgument(); 395 if (!ocsp_arg.empty()) 396 arguments->SetString("ocsp", ocsp_arg); 397 398 if (ssl_options_.cert_serial != 0) { 399 arguments->Set("cert-serial", 400 base::Value::CreateIntegerValue(ssl_options_.cert_serial)); 401 } 402 403 // Check key exchange argument. 404 scoped_ptr<base::ListValue> key_exchange_values(new base::ListValue()); 405 GetKeyExchangesList(ssl_options_.key_exchanges, key_exchange_values.get()); 406 if (key_exchange_values->GetSize()) 407 arguments->Set("ssl-key-exchange", key_exchange_values.release()); 408 // Check bulk cipher argument. 409 scoped_ptr<base::ListValue> bulk_cipher_values(new base::ListValue()); 410 GetCiphersList(ssl_options_.bulk_ciphers, bulk_cipher_values.get()); 411 if (bulk_cipher_values->GetSize()) 412 arguments->Set("ssl-bulk-cipher", bulk_cipher_values.release()); 413 if (ssl_options_.record_resume) 414 arguments->Set("https-record-resume", base::Value::CreateNullValue()); 415 if (ssl_options_.tls_intolerant != SSLOptions::TLS_INTOLERANT_NONE) { 416 arguments->Set("tls-intolerant", 417 new base::FundamentalValue(ssl_options_.tls_intolerant)); 418 } 419 if (ssl_options_.fallback_scsv_enabled) 420 arguments->Set("fallback-scsv", base::Value::CreateNullValue()); 421 if (!ssl_options_.signed_cert_timestamps_tls_ext.empty()) { 422 std::string b64_scts_tls_ext; 423 base::Base64Encode(ssl_options_.signed_cert_timestamps_tls_ext, 424 &b64_scts_tls_ext); 425 arguments->SetString("signed-cert-timestamps-tls-ext", b64_scts_tls_ext); 426 } 427 if (ssl_options_.staple_ocsp_response) 428 arguments->Set("staple-ocsp-response", base::Value::CreateNullValue()); 429 if (ssl_options_.enable_npn) 430 arguments->Set("enable-npn", base::Value::CreateNullValue()); 431 } 432 433 return GenerateAdditionalArguments(arguments); 434} 435 436bool BaseTestServer::GenerateAdditionalArguments( 437 base::DictionaryValue* arguments) const { 438 return true; 439} 440 441} // namespace net 442