base_test_server.h revision a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7 
1// Copyright 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef NET_TEST_SPAWNED_TEST_SERVER_BASE_TEST_SERVER_H_
6#define NET_TEST_SPAWNED_TEST_SERVER_BASE_TEST_SERVER_H_
7
8#include <string>
9#include <utility>
10#include <vector>
11
12#include "base/compiler_specific.h"
13#include "base/files/file_path.h"
14#include "base/memory/scoped_ptr.h"
15#include "net/base/host_port_pair.h"
16
17class GURL;
18
19namespace base {
20class DictionaryValue;
21}
22
23namespace net {
24
25class AddressList;
26class ScopedPortException;
27
28// The base class of Test server implementation.
29class BaseTestServer {
30 public:
31  typedef std::pair<std::string, std::string> StringPair;
32
33  // Following types represent protocol schemes. See also
34  // http://www.iana.org/assignments/uri-schemes.html
35  enum Type {
36    TYPE_BASIC_AUTH_PROXY,
37    TYPE_FTP,
38    TYPE_HTTP,
39    TYPE_HTTPS,
40    TYPE_WS,
41    TYPE_WSS,
42    TYPE_TCP_ECHO,
43    TYPE_UDP_ECHO,
44  };
45
46  // Container for various options to control how the HTTPS or WSS server is
47  // initialized.
48  struct SSLOptions {
49    enum ServerCertificate {
50      CERT_OK,
51
52      // CERT_AUTO causes the testserver to generate a test certificate issued
53      // by "Testing CA" (see net/data/ssl/certificates/ocsp-test-root.pem).
54      CERT_AUTO,
55
56      CERT_MISMATCHED_NAME,
57      CERT_EXPIRED,
58      // Cross-signed certificate to test PKIX path building. Contains an
59      // intermediate cross-signed by an unknown root, while the client (via
60      // TestRootStore) is expected to have a self-signed version of the
61      // intermediate.
62      CERT_CHAIN_WRONG_ROOT,
63    };
64
65    // OCSPStatus enumerates the types of OCSP response that the testserver
66    // can produce.
67    enum OCSPStatus {
68      OCSP_OK,
69      OCSP_REVOKED,
70      OCSP_INVALID,
71      OCSP_UNAUTHORIZED,
72      OCSP_UNKNOWN,
73    };
74
75    // Bitmask of bulk encryption algorithms that the test server supports
76    // and that can be selectively enabled or disabled.
77    enum BulkCipher {
78      // Special value used to indicate that any algorithm the server supports
79      // is acceptable. Preferred over explicitly OR-ing all ciphers.
80      BULK_CIPHER_ANY    = 0,
81
82      BULK_CIPHER_RC4    = (1 << 0),
83      BULK_CIPHER_AES128 = (1 << 1),
84      BULK_CIPHER_AES256 = (1 << 2),
85
86      // NOTE: 3DES support in the Python test server has external
87      // dependencies and not be available on all machines. Clients may not
88      // be able to connect if only 3DES is specified.
89      BULK_CIPHER_3DES   = (1 << 3),
90    };
91
92    // NOTE: the values of these enumerators are passed to the the Python test
93    // server. Do not change them.
94    enum TLSIntolerantLevel {
95      TLS_INTOLERANT_NONE = 0,
96      TLS_INTOLERANT_ALL = 1,  // Intolerant of all TLS versions.
97      TLS_INTOLERANT_TLS1_1 = 2,  // Intolerant of TLS 1.1 or higher.
98      TLS_INTOLERANT_TLS1_2 = 3,  // Intolerant of TLS 1.2 or higher.
99    };
100
101    // Initialize a new SSLOptions using CERT_OK as the certificate.
102    SSLOptions();
103
104    // Initialize a new SSLOptions that will use the specified certificate.
105    explicit SSLOptions(ServerCertificate cert);
106    ~SSLOptions();
107
108    // Returns the relative filename of the file that contains the
109    // |server_certificate|.
110    base::FilePath GetCertificateFile() const;
111
112    // GetOCSPArgument returns the value of any OCSP argument to testserver or
113    // the empty string if there is none.
114    std::string GetOCSPArgument() const;
115
116    // The certificate to use when serving requests.
117    ServerCertificate server_certificate;
118
119    // If |server_certificate==CERT_AUTO| then this determines the type of OCSP
120    // response returned.
121    OCSPStatus ocsp_status;
122
123    // If not zero, |cert_serial| will be the serial number of the
124    // auto-generated leaf certificate when |server_certificate==CERT_AUTO|.
125    uint64 cert_serial;
126
127    // True if a CertificateRequest should be sent to the client during
128    // handshaking.
129    bool request_client_certificate;
130
131    // If |request_client_certificate| is true, an optional list of files,
132    // each containing a single, PEM-encoded X.509 certificates. The subject
133    // from each certificate will be added to the certificate_authorities
134    // field of the CertificateRequest.
135    std::vector<base::FilePath> client_authorities;
136
137    // A bitwise-OR of BulkCipher that should be used by the
138    // HTTPS server, or BULK_CIPHER_ANY to indicate that all implemented
139    // ciphers are acceptable.
140    int bulk_ciphers;
141
142    // If true, pass the --https-record-resume argument to testserver.py which
143    // causes it to log session cache actions and echo the log on
144    // /ssl-session-cache.
145    bool record_resume;
146
147    // If not TLS_INTOLERANT_NONE, the server will abort any handshake that
148    // negotiates an intolerant TLS version in order to test version fallback.
149    TLSIntolerantLevel tls_intolerant;
150
151    // (Fake) SignedCertificateTimestampList (as a raw binary string) to send in
152    // a TLS extension.
153    // Temporary glue for testing: validation of SCTs is application-controlled
154    // and can be appropriately mocked out, so sending fake data here does not
155    // affect handshaking behaviour.
156    // TODO(ekasper): replace with valid SCT files for test certs.
157    std::string signed_cert_timestamps;
158  };
159
160  // Pass as the 'host' parameter during construction to server on 127.0.0.1
161  static const char kLocalhost[];
162
163  // Initialize a TestServer listening on a specific host (IP or hostname).
164  BaseTestServer(Type type,  const std::string& host);
165
166  // Initialize a TestServer with a specific set of SSLOptions for HTTPS or WSS.
167  explicit BaseTestServer(Type type, const SSLOptions& ssl_options);
168
169  // Returns the host port pair used by current Python based test server only
170  // if the server is started.
171  const HostPortPair& host_port_pair() const;
172
173  const base::FilePath& document_root() const { return document_root_; }
174  const base::DictionaryValue& server_data() const;
175  std::string GetScheme() const;
176  bool GetAddressList(AddressList* address_list) const WARN_UNUSED_RESULT;
177
178  GURL GetURL(const std::string& path) const;
179
180  GURL GetURLWithUser(const std::string& path,
181                      const std::string& user) const;
182
183  GURL GetURLWithUserAndPassword(const std::string& path,
184                                 const std::string& user,
185                                 const std::string& password) const;
186
187  static bool GetFilePathWithReplacements(
188      const std::string& original_path,
189      const std::vector<StringPair>& text_to_replace,
190      std::string* replacement_path);
191
192  static bool UsingSSL(Type type) {
193    return type == BaseTestServer::TYPE_HTTPS ||
194           type == BaseTestServer::TYPE_WSS;
195  }
196
197 protected:
198  virtual ~BaseTestServer();
199  Type type() const { return type_; }
200
201  // Gets port currently assigned to host_port_pair_ without checking
202  // whether it's available (server started) or not.
203  uint16 GetPort();
204
205  // Sets |port| as the actual port used by Python based test server.
206  void SetPort(uint16 port);
207
208  // Set up internal status when the server is started.
209  bool SetupWhenServerStarted() WARN_UNUSED_RESULT;
210
211  // Clean up internal status when starting to stop server.
212  void CleanUpWhenStoppingServer();
213
214  // Set path of test resources.
215  void SetResourcePath(const base::FilePath& document_root,
216                       const base::FilePath& certificates_dir);
217
218  // Parses the server data read from the test server.  Returns true
219  // on success.
220  bool ParseServerData(const std::string& server_data) WARN_UNUSED_RESULT;
221
222  // Generates a DictionaryValue with the arguments for launching the external
223  // Python test server.
224  bool GenerateArguments(base::DictionaryValue* arguments) const
225    WARN_UNUSED_RESULT;
226
227  // Subclasses can override this to add arguments that are specific to their
228  // own test servers.
229  virtual bool GenerateAdditionalArguments(
230      base::DictionaryValue* arguments) const WARN_UNUSED_RESULT;
231
232 private:
233  void Init(const std::string& host);
234
235  // Marks the root certificate of an HTTPS test server as trusted for
236  // the duration of tests.
237  bool LoadTestRootCert() const WARN_UNUSED_RESULT;
238
239  // Document root of the test server.
240  base::FilePath document_root_;
241
242  // Directory that contains the SSL certificates.
243  base::FilePath certificates_dir_;
244
245  // Address the test server listens on.
246  HostPortPair host_port_pair_;
247
248  // Holds the data sent from the server (e.g., port number).
249  scoped_ptr<base::DictionaryValue> server_data_;
250
251  // If |type_| is TYPE_HTTPS or TYPE_WSS, the TLS settings to use for the test
252  // server.
253  SSLOptions ssl_options_;
254
255  Type type_;
256
257  // Has the server been started?
258  bool started_;
259
260  // Enables logging of the server to the console.
261  bool log_to_console_;
262
263  scoped_ptr<ScopedPortException> allowed_port_;
264
265  DISALLOW_COPY_AND_ASSIGN(BaseTestServer);
266};
267
268}  // namespace net
269
270#endif  // NET_TEST_SPAWNED_TEST_SERVER_BASE_TEST_SERVER_H_
271