// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
+#include "chrome/browser/ssl/chrome_ssl_host_state_delegate.h"
+
#include <stdint.h>
#include "base/command_line.h"
#include "chrome/browser/browsing_data/browsing_data_remover.h"
#include "chrome/browser/browsing_data/browsing_data_remover_test_util.h"
#include "chrome/browser/profiles/profile.h"
-#include "chrome/browser/ssl/chrome_ssl_host_state_delegate.h"
#include "chrome/browser/ssl/chrome_ssl_host_state_delegate_factory.h"
#include "chrome/browser/ui/browser.h"
#include "chrome/browser/ui/tabs/tab_strip_model.h"
const char kGoogleHost[] = "google.com";
const char kExampleHost[] = "example.com";
-const char* kForgetAtSessionEnd = "-1";
-const char* kForgetInstantly = "0";
-const char* kDeltaSecondsString = "86400";
+const char kForgetAtSessionEnd[] = "-1";
+const char kForgetInstantly[] = "0";
+const char kDeltaSecondsString[] = "86400";
const uint64_t kDeltaOneDayInSeconds = UINT64_C(86400);
scoped_refptr<net::X509Certificate> GetGoogleCert() {
content::SSLHostStateDelegate* state = profile->GetSSLHostStateDelegate();
bool unused_value;
- // Verifying that all three of the certs we will be looking at are unknown
+ // Verifying that all three of the certs we will be looking at are denied
// before any action has been taken.
- EXPECT_EQ(net::CertPolicy::UNKNOWN,
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
state->QueryPolicy(kWWWGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
- EXPECT_EQ(net::CertPolicy::UNKNOWN,
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
state->QueryPolicy(kGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
- EXPECT_EQ(net::CertPolicy::UNKNOWN,
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
state->QueryPolicy(kExampleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
// Simulate a user decision to allow an invalid certificate exception for
// kWWWGoogleHost.
state->AllowCert(
- kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
+ kWWWGoogleHost, *google_cert.get(), net::CERT_STATUS_DATE_INVALID);
// Verify that only kWWWGoogleHost is allowed and that the other two certs
- // being tested still have no decision associated with them.
- EXPECT_EQ(net::CertPolicy::ALLOWED,
+ // being tested still are denied.
+ EXPECT_EQ(content::SSLHostStateDelegate::ALLOWED,
state->QueryPolicy(kWWWGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
- EXPECT_EQ(net::CertPolicy::UNKNOWN,
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
state->QueryPolicy(kGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
- EXPECT_EQ(net::CertPolicy::UNKNOWN,
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
state->QueryPolicy(kExampleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
// Simulate a user decision to allow an invalid certificate exception for
// kExampleHost.
state->AllowCert(
- kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
+ kExampleHost, *google_cert.get(), net::CERT_STATUS_DATE_INVALID);
// Verify that both kWWWGoogleHost and kExampleHost have allow exceptions
- // while kGoogleHost still has no associated decision.
- EXPECT_EQ(net::CertPolicy::ALLOWED,
+ // while kGoogleHost still is denied.
+ EXPECT_EQ(content::SSLHostStateDelegate::ALLOWED,
state->QueryPolicy(kWWWGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
- EXPECT_EQ(net::CertPolicy::UNKNOWN,
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
state->QueryPolicy(kGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
- EXPECT_EQ(net::CertPolicy::ALLOWED,
+ EXPECT_EQ(content::SSLHostStateDelegate::ALLOWED,
state->QueryPolicy(kExampleHost,
- google_cert.get(),
- net::CERT_STATUS_DATE_INVALID,
- &unused_value));
-
- // Simulate a user decision to deny an invalid certificate for kExampleHost.
- state->DenyCert(
- kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
-
- // Verify that kWWWGoogleHost is allowed and kExampleHost is denied while
- // kGoogleHost still has no associated decision.
- EXPECT_EQ(net::CertPolicy::ALLOWED,
- state->QueryPolicy(kWWWGoogleHost,
- google_cert.get(),
- net::CERT_STATUS_DATE_INVALID,
- &unused_value));
- EXPECT_EQ(net::CertPolicy::UNKNOWN,
- state->QueryPolicy(kGoogleHost,
- google_cert.get(),
- net::CERT_STATUS_DATE_INVALID,
- &unused_value));
- EXPECT_EQ(net::CertPolicy::DENIED,
- state->QueryPolicy(kExampleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
}
// HasPolicyAndRevoke unit tests the expected behavior of calling
-// HasUserDecision before and after calling RevokeUserDecisions on the
+// HasAllowException before and after calling RevokeUserAllowExceptions on the
// SSLHostStateDelegate class.
IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, HasPolicyAndRevoke) {
scoped_refptr<net::X509Certificate> google_cert = GetGoogleCert();
// Simulate a user decision to allow an invalid certificate exception for
// kWWWGoogleHost and for kExampleHost.
state->AllowCert(
- kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
+ kWWWGoogleHost, *google_cert.get(), net::CERT_STATUS_DATE_INVALID);
state->AllowCert(
- kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
-
- // Verify that HasUserDecision correctly acknowledges that a user decision has
- // been made about kWWWGoogleHost. Then verify that HasUserDecision correctly
- // identifies that the decision has been revoked.
- EXPECT_TRUE(state->HasUserDecision(kWWWGoogleHost));
- state->RevokeUserDecisions(kWWWGoogleHost);
- EXPECT_FALSE(state->HasUserDecision(kWWWGoogleHost));
- EXPECT_EQ(net::CertPolicy::UNKNOWN,
+ kExampleHost, *google_cert.get(), net::CERT_STATUS_DATE_INVALID);
+
+ // Verify that HasAllowException correctly acknowledges that a user decision
+ // has been made about kWWWGoogleHost. Then verify that HasAllowException
+ // correctly identifies that the decision has been revoked.
+ EXPECT_TRUE(state->HasAllowException(kWWWGoogleHost));
+ state->RevokeUserAllowExceptions(kWWWGoogleHost);
+ EXPECT_FALSE(state->HasAllowException(kWWWGoogleHost));
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
state->QueryPolicy(kWWWGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
// Verify that the revocation of the kWWWGoogleHost decision does not affect
// the Allow for kExampleHost.
- EXPECT_TRUE(state->HasUserDecision(kExampleHost));
+ EXPECT_TRUE(state->HasAllowException(kExampleHost));
// Verify the revocation of the kWWWGoogleHost decision does not affect the
// non-decision for kGoogleHost. Then verify that a revocation of a URL with
// no decision has no effect.
- EXPECT_FALSE(state->HasUserDecision(kGoogleHost));
- state->RevokeUserDecisions(kGoogleHost);
- EXPECT_FALSE(state->HasUserDecision(kGoogleHost));
+ EXPECT_FALSE(state->HasAllowException(kGoogleHost));
+ state->RevokeUserAllowExceptions(kGoogleHost);
+ EXPECT_FALSE(state->HasAllowException(kGoogleHost));
}
// Clear unit tests the expected behavior of calling Clear to forget all cert
// Simulate a user decision to allow an invalid certificate exception for
// kWWWGoogleHost and for kExampleHost.
state->AllowCert(
- kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
+ kWWWGoogleHost, *google_cert.get(), net::CERT_STATUS_DATE_INVALID);
// Do a full clear, then make sure that both kWWWGoogleHost, which had a
- // decision made, and kExampleHost, which was untouched, are now in a
- // non-decision state.
+ // decision made, and kExampleHost, which was untouched, are now in a denied
+ // state.
state->Clear();
- EXPECT_FALSE(state->HasUserDecision(kWWWGoogleHost));
- EXPECT_EQ(net::CertPolicy::UNKNOWN,
+ EXPECT_FALSE(state->HasAllowException(kWWWGoogleHost));
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
state->QueryPolicy(kWWWGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
- EXPECT_FALSE(state->HasUserDecision(kExampleHost));
- EXPECT_EQ(net::CertPolicy::UNKNOWN,
+ EXPECT_FALSE(state->HasAllowException(kExampleHost));
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
state->QueryPolicy(kExampleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
}
EXPECT_TRUE(state->DidHostRunInsecureContent("example.com", 42));
}
+// QueryPolicyExpired unit tests to make sure that if a certificate decision has
+// expired, the return value from QueryPolicy returns the correct vaule.
+IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, PRE_QueryPolicyExpired) {
+ scoped_refptr<net::X509Certificate> google_cert = GetGoogleCert();
+ content::WebContents* tab =
+ browser()->tab_strip_model()->GetActiveWebContents();
+ Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext());
+ content::SSLHostStateDelegate* state = profile->GetSSLHostStateDelegate();
+ bool expired_previous_decision;
+
+ // The certificate has never been seen before, so it should be UNKNOWN and
+ // should also indicate that it hasn't expired.
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
+ state->QueryPolicy(kWWWGoogleHost,
+ *google_cert.get(),
+ net::CERT_STATUS_DATE_INVALID,
+ &expired_previous_decision));
+ EXPECT_FALSE(expired_previous_decision);
+
+ // After allowing the certificate, a query should say that it is allowed and
+ // also specify that it hasn't expired.
+ state->AllowCert(
+ kWWWGoogleHost, *google_cert.get(), net::CERT_STATUS_DATE_INVALID);
+ EXPECT_EQ(content::SSLHostStateDelegate::ALLOWED,
+ state->QueryPolicy(kWWWGoogleHost,
+ *google_cert.get(),
+ net::CERT_STATUS_DATE_INVALID,
+ &expired_previous_decision));
+ EXPECT_FALSE(expired_previous_decision);
+}
+
+// Since this is being checked on a browser instance that expires security
+// decisions after restart, the test needs to wait until after a restart to
+// verify that the expiration state is correct.
+IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, QueryPolicyExpired) {
+ scoped_refptr<net::X509Certificate> google_cert = GetGoogleCert();
+ content::WebContents* tab =
+ browser()->tab_strip_model()->GetActiveWebContents();
+ Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext());
+ content::SSLHostStateDelegate* state = profile->GetSSLHostStateDelegate();
+ bool expired_previous_decision;
+
+ // The browser content has restart thus expiring the user decision made above,
+ // so it should indicate that the certificate and error are DENIED but also
+ // that they expired since the last query.
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
+ state->QueryPolicy(kWWWGoogleHost,
+ *google_cert.get(),
+ net::CERT_STATUS_DATE_INVALID,
+ &expired_previous_decision));
+ EXPECT_TRUE(expired_previous_decision);
+
+ // However, with a new query, it should indicate that no new expiration has
+ // occurred.
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
+ state->QueryPolicy(kWWWGoogleHost,
+ *google_cert.get(),
+ net::CERT_STATUS_DATE_INVALID,
+ &expired_previous_decision));
+ EXPECT_FALSE(expired_previous_decision);
+}
+
// Tests the basic behavior of cert memory in incognito.
class IncognitoSSLHostStateDelegateTest
: public ChromeSSLHostStateDelegateTest {
// Add a cert exception to the profile and then verify that it still exists
// in the incognito profile.
state->AllowCert(
- kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
+ kWWWGoogleHost, *google_cert.get(), net::CERT_STATUS_DATE_INVALID);
scoped_ptr<Profile> incognito(profile->CreateOffTheRecordProfile());
content::SSLHostStateDelegate* incognito_state =
incognito->GetSSLHostStateDelegate();
- EXPECT_EQ(net::CertPolicy::ALLOWED,
+ EXPECT_EQ(content::SSLHostStateDelegate::ALLOWED,
incognito_state->QueryPolicy(kWWWGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
// error than above thus mapping to a second exception. Also validate that it
// was not added as an exception to the regular profile.
incognito_state->AllowCert(
- kGoogleHost, google_cert.get(), net::CERT_STATUS_COMMON_NAME_INVALID);
+ kGoogleHost, *google_cert.get(), net::CERT_STATUS_COMMON_NAME_INVALID);
- EXPECT_EQ(net::CertPolicy::UNKNOWN,
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
state->QueryPolicy(kGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_COMMON_NAME_INVALID,
&unused_value));
}
// Verify that the exception added before restart to the regular
// (non-incognito) profile still exists and was not cleared after the
// incognito session ended.
- EXPECT_EQ(net::CertPolicy::ALLOWED,
+ EXPECT_EQ(content::SSLHostStateDelegate::ALLOWED,
state->QueryPolicy(kWWWGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
// Verify that the exception added before restart to the incognito profile was
// cleared when the incognito session ended.
- EXPECT_EQ(net::CertPolicy::UNKNOWN,
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
incognito_state->QueryPolicy(kGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_COMMON_NAME_INVALID,
&unused_value));
}
bool unused_value;
state->AllowCert(
- kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
- EXPECT_EQ(net::CertPolicy::ALLOWED,
+ kWWWGoogleHost, *google_cert.get(), net::CERT_STATUS_DATE_INVALID);
+ EXPECT_EQ(content::SSLHostStateDelegate::ALLOWED,
state->QueryPolicy(kWWWGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
}
content::SSLHostStateDelegate* state = profile->GetSSLHostStateDelegate();
bool unused_value;
- // The cert should now be |UNKONWN| because the profile is set to forget cert
+ // The cert should now be |DENIED| because the profile is set to forget cert
// exceptions after session end.
- EXPECT_EQ(net::CertPolicy::UNKNOWN,
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
state->QueryPolicy(kWWWGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
}
clock->SetNow(base::Time::NowFromSystemTime());
state->AllowCert(
- kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
- EXPECT_EQ(net::CertPolicy::UNKNOWN,
+ kWWWGoogleHost, *google_cert.get(), net::CERT_STATUS_DATE_INVALID);
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
state->QueryPolicy(kWWWGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
}
-// Tests to make sure that if the remember value is set to a non-zero value0,
+// Tests to make sure that if the remember value is set to a non-zero value,
// any decisions will be remembered over a restart, but only for the length
// specified.
class RememberSSLHostStateDelegateTest : public ChromeSSLHostStateDelegateTest {
bool unused_value;
state->AllowCert(
- kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
- EXPECT_EQ(net::CertPolicy::ALLOWED,
+ kWWWGoogleHost, *google_cert.get(), net::CERT_STATUS_DATE_INVALID);
+ EXPECT_EQ(content::SSLHostStateDelegate::ALLOWED,
state->QueryPolicy(kWWWGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
}
// This should only pass if the cert was allowed before the test was restart
// and thus has now been rememebered across browser restarts.
- EXPECT_EQ(net::CertPolicy::ALLOWED,
+ EXPECT_EQ(content::SSLHostStateDelegate::ALLOWED,
state->QueryPolicy(kWWWGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
// Simulate the clock advancing by the specified delta.
clock->Advance(base::TimeDelta::FromSeconds(kDeltaOneDayInSeconds + 1));
- // The cert should now be |UNKONWN| because the specified delta has passed.
- EXPECT_EQ(net::CertPolicy::UNKNOWN,
+ // The cert should now be |DENIED| because the specified delta has passed.
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
state->QueryPolicy(kWWWGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
}
-// QueryPolicyExpired unit tests to make sure that if a certificate decision has
-// expired, the return value from QueryPolicy returns the correct vaule.
+// The same test as ChromeSSLHostStateDelegateTest.QueryPolicyExpired but now
+// applied to a browser context that expires based on time, not restart. This
+// unit tests to make sure that if a certificate decision has expired, the
+// return value from QueryPolicy returns the correct vaule.
IN_PROC_BROWSER_TEST_F(RememberSSLHostStateDelegateTest, QueryPolicyExpired) {
scoped_refptr<net::X509Certificate> google_cert = GetGoogleCert();
content::WebContents* tab =
// The certificate has never been seen before, so it should be UNKONWN and
// should also indicate that it hasn't expired.
- EXPECT_EQ(net::CertPolicy::UNKNOWN,
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
state->QueryPolicy(kWWWGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&expired_previous_decision));
EXPECT_FALSE(expired_previous_decision);
// After allowing the certificate, a query should say that it is allowed and
// also specify that it hasn't expired.
state->AllowCert(
- kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
- EXPECT_EQ(net::CertPolicy::ALLOWED,
+ kWWWGoogleHost, *google_cert.get(), net::CERT_STATUS_DATE_INVALID);
+ EXPECT_EQ(content::SSLHostStateDelegate::ALLOWED,
state->QueryPolicy(kWWWGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&expired_previous_decision));
EXPECT_FALSE(expired_previous_decision);
clock->Advance(base::TimeDelta::FromSeconds(kDeltaOneDayInSeconds + 1));
// The decision expiration time has come, so it should indicate that the
- // certificate and error are UNKOWN but also that they expired since the last
+ // certificate and error are DENIED but also that they expired since the last
// query.
- EXPECT_EQ(net::CertPolicy::UNKNOWN,
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
state->QueryPolicy(kWWWGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&expired_previous_decision));
EXPECT_TRUE(expired_previous_decision);
// However, with a new query, it should indicate that no new expiration has
// occurred.
- EXPECT_EQ(net::CertPolicy::UNKNOWN,
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
state->QueryPolicy(kWWWGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&expired_previous_decision));
EXPECT_FALSE(expired_previous_decision);
// Add an exception for an invalid certificate. Then remove the last hour's
// worth of browsing history and verify that the exception has been deleted.
state->AllowCert(
- kGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID);
+ kGoogleHost, *google_cert.get(), net::CERT_STATUS_DATE_INVALID);
RemoveAndWait(profile);
- EXPECT_EQ(net::CertPolicy::UNKNOWN,
+ EXPECT_EQ(content::SSLHostStateDelegate::DENIED,
state->QueryPolicy(kGoogleHost,
- google_cert.get(),
+ *google_cert.get(),
net::CERT_STATUS_DATE_INVALID,
&unused_value));
}