1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/test/spawned_test_server/base_test_server.h"
10 #include "base/base64.h"
11 #include "base/file_util.h"
12 #include "base/json/json_reader.h"
13 #include "base/logging.h"
14 #include "base/path_service.h"
15 #include "base/values.h"
16 #include "net/base/address_list.h"
17 #include "net/base/host_port_pair.h"
18 #include "net/base/net_errors.h"
19 #include "net/base/net_log.h"
20 #include "net/base/net_util.h"
21 #include "net/base/test_completion_callback.h"
22 #include "net/cert/test_root_certs.h"
23 #include "net/dns/host_resolver.h"
// Chooses the hostname a test server is addressed by, from its |type| and SSL
// |options|. Servers that use SSL and are configured with
// CERT_MISMATCHED_NAME get a different hostname string; every other
// configuration uses BaseTestServer::kLocalhost.
// NOTE(review): this listing omits lines of the function (the return statement
// of the mismatched-name branch and the closing braces); confirm the alternate
// hostname against the full file.
30 std::string GetHostname(BaseTestServer::Type type,
31 const BaseTestServer::SSLOptions& options) {
32 if (BaseTestServer::UsingSSL(type) &&
33 options.server_certificate ==
34 BaseTestServer::SSLOptions::CERT_MISMATCHED_NAME) {
35 // Return a different hostname string that resolves to the same hostname.
39 // Use the 127.0.0.1 as default.
40 return BaseTestServer::kLocalhost;
// Appends the name of every key exchange whose KEY_EXCHANGE_* bit is set in
// |key_exchange| to |values|, always in the order "rsa", "dhe_rsa". Nothing is
// appended when neither bit is set. |values| is dereferenced without a null
// check, so callers must pass a valid list.
void GetKeyExchangesList(int key_exchange, base::ListValue* values) {
  const bool wants_rsa =
      (key_exchange & BaseTestServer::SSLOptions::KEY_EXCHANGE_RSA) != 0;
  const bool wants_dhe_rsa =
      (key_exchange & BaseTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA) != 0;

  if (wants_rsa) {
    values->Append(new base::StringValue("rsa"));
  }
  if (wants_dhe_rsa) {
    values->Append(new base::StringValue("dhe_rsa"));
  }
}
// Appends the name of every bulk cipher whose BULK_CIPHER_* bit is set in
// |cipher| to |values|, in the fixed order "rc4", "aes128", "aes256", "3des".
// |values| is dereferenced without a null check.
//
// RC4 and 3DES are legacy ciphers. They are offered here so that a test server
// can be restricted to them; these names are test-server arguments and should
// not be copied into a production TLS configuration.
void GetCiphersList(int cipher, base::ListValue* values) {
  struct CipherName {
    int bit;
    const char* name;
  };
  // Table order fixes the order of the resulting list.
  const CipherName kCipherNames[] = {
      {BaseTestServer::SSLOptions::BULK_CIPHER_RC4, "rc4"},
      {BaseTestServer::SSLOptions::BULK_CIPHER_AES128, "aes128"},
      {BaseTestServer::SSLOptions::BULK_CIPHER_AES256, "aes256"},
      {BaseTestServer::SSLOptions::BULK_CIPHER_3DES, "3des"},
  };

  const size_t count = sizeof(kCipherNames) / sizeof(kCipherNames[0]);
  for (size_t i = 0; i < count; ++i) {
    if (cipher & kCipherNames[i].bit)
      values->Append(new base::StringValue(kCipherNames[i].name));
  }
}
// Default options: a CERT_OK server certificate, no client-certificate
// request, any key exchange and any bulk cipher, no simulated TLS intolerance,
// and the fallback SCSV and OCSP stapling switched off.
// NOTE(review): some member initializers and the constructor body are not
// shown in this listing, so members not named below are undocumented here.
63 BaseTestServer::SSLOptions::SSLOptions()
64 : server_certificate(CERT_OK),
67 request_client_certificate(false),
68 key_exchanges(SSLOptions::KEY_EXCHANGE_ANY),
69 bulk_ciphers(SSLOptions::BULK_CIPHER_ANY),
71 tls_intolerant(TLS_INTOLERANT_NONE),
72 fallback_scsv_enabled(false),
73 staple_ocsp_response(false),
// Same defaults as the no-argument constructor for the members visible below,
// except that the server certificate kind is taken from |cert|.
// NOTE(review): some member initializers and the constructor body are not
// shown in this listing.
76 BaseTestServer::SSLOptions::SSLOptions(
77 BaseTestServer::SSLOptions::ServerCertificate cert)
78 : server_certificate(cert),
81 request_client_certificate(false),
82 key_exchanges(SSLOptions::KEY_EXCHANGE_ANY),
83 bulk_ciphers(SSLOptions::BULK_CIPHER_ANY),
85 tls_intolerant(TLS_INTOLERANT_NONE),
86 fallback_scsv_enabled(false),
87 staple_ocsp_response(false),
// Empty destructor body; no explicit cleanup is written here.
BaseTestServer::SSLOptions::~SSLOptions() {
}
// Maps |server_certificate| to the file name of the certificate the test
// server should present. An empty FilePath is returned on two paths.
// CERT_MISMATCHED_NAME is served with ok_cert.pem: the mismatch comes from the
// hostname chosen in GetHostname(), not from a different certificate file.
// NOTE(review): several case labels are missing from this listing, so the
// labels that select expired_cert.pem and the empty-path returns are not
// visible; confirm them against the full file.
92 base::FilePath BaseTestServer::SSLOptions::GetCertificateFile() const {
93 switch (server_certificate) {
95 case CERT_MISMATCHED_NAME:
96 return base::FilePath(FILE_PATH_LITERAL("ok_cert.pem"));
98 return base::FilePath(FILE_PATH_LITERAL("expired_cert.pem"));
99 case CERT_CHAIN_WRONG_ROOT:
100 // This chain uses its own dedicated test root certificate to avoid
101 // side-effects that may affect testing.
102 return base::FilePath(FILE_PATH_LITERAL("redundant-server-chain.pem"));
104 return base::FilePath();
108 return base::FilePath();
// Returns the string form of |ocsp_status|, which GenerateArguments() passes
// as the "ocsp" argument. An empty string is returned whenever
// |server_certificate| is not CERT_AUTO, so the OCSP setting has no effect for
// the other certificate kinds.
// NOTE(review): most case labels of the switch are not shown in this listing;
// only OCSP_UNAUTHORIZED -> "unauthorized" is visible.
111 std::string BaseTestServer::SSLOptions::GetOCSPArgument() const {
112 if (server_certificate != CERT_AUTO)
113 return std::string();
115 switch (ocsp_status) {
122 case OCSP_UNAUTHORIZED:
123 return "unauthorized";
128 return std::string();
// Default host for test servers: the IPv4 loopback address as a literal.
// GetHostname() returns this value as its default.
132 const char BaseTestServer::kLocalhost[] = "127.0.0.1";
// Constructs a test server of |type| for the given |host|.
// NOTE(review): most of the initializer list and the constructor body are not
// shown in this listing; only the log_to_console_ initializer is visible.
134 BaseTestServer::BaseTestServer(Type type, const std::string& host)
137 log_to_console_(false) {
// Constructs a test server from |ssl_options|. |type| must be one for which
// UsingSSL() holds; this is enforced with a DCHECK only. The hostname is not
// supplied by the caller but derived by GetHostname(), so it depends on the
// configured server certificate.
// NOTE(review): part of the initializer list is not shown in this listing.
141 BaseTestServer::BaseTestServer(Type type, const SSLOptions& ssl_options)
142 : ssl_options_(ssl_options),
145 log_to_console_(false) {
146 DCHECK(UsingSSL(type));
147 Init(GetHostname(type, ssl_options));
// Empty destructor body; no explicit cleanup is written here.
BaseTestServer::~BaseTestServer() {
}
// Returns a reference to the server's host/port pair. The reference is to a
// member, so it is valid only while this object is alive.
// NOTE(review): one body line (listing line 153) is not shown here.
152 const HostPortPair& BaseTestServer::host_port_pair() const {
154 return host_port_pair_;
// Returns the dictionary stored by ParseServerData(). |server_data_| is
// dereferenced unconditionally; the DCHECK is the only guard against calling
// this before any server data has been parsed.
// NOTE(review): one body line (listing line 158) is not shown here.
157 const base::DictionaryValue& BaseTestServer::server_data() const {
159 DCHECK(server_data_.get());
160 return *server_data_;
// Returns the URL scheme used when building URLs for this server (see
// GetURL()).
// NOTE(review): almost the whole body is missing from this listing; only the
// final return of an empty string is visible. A caller that concatenates an
// empty scheme gets a URL starting with "://", so confirm when that return is
// reachable.
163 std::string BaseTestServer::GetScheme() const {
180 return std::string();
// Resolves |host_port_pair_| with a newly created default HostResolver. When
// Resolve() reports ERR_IO_PENDING the call blocks on |callback| until the
// result is available. A failure is logged together with the host name.
// |address_list| must be non-null (checked with a DCHECK only).
// NOTE(review): the remaining Resolve() arguments, the condition guarding the
// error log and the return statements are not shown in this listing.
183 bool BaseTestServer::GetAddressList(AddressList* address_list) const {
184 DCHECK(address_list);
186 scoped_ptr<HostResolver> resolver(HostResolver::CreateDefaultResolver(NULL));
187 HostResolver::RequestInfo info(host_port_pair_);
188 TestCompletionCallback callback;
189 int rv = resolver->Resolve(info,
195 if (rv == ERR_IO_PENDING)
196 rv = callback.WaitForResult();
198 LOG(ERROR) << "Failed to resolve hostname: " << host_port_pair_.host();
// Returns the port currently stored in |host_port_pair_|.
uint16 BaseTestServer::GetPort() {
  const uint16 current_port = host_port_pair_.port();
  return current_port;
}
// Stores |port| in |host_port_pair_| by forwarding it to set_port(). No range
// or zero check is applied here.
void BaseTestServer::SetPort(uint16 port) {
  host_port_pair_.set_port(port);
}
// Builds "<scheme>://<host:port>/<path>" for this server and returns it as a
// GURL. |path| is appended verbatim: it is not escaped and no leading slash is
// stripped, so callers pass it without the leading "/".
GURL BaseTestServer::GetURL(const std::string& path) const {
  std::string spec = GetScheme();
  spec += "://";
  spec += host_port_pair_.ToString();
  spec += "/";
  spec += path;
  return GURL(spec);
}
// Builds a URL for this server with |user| in the userinfo position
// ("<scheme>://<user>@<host:port>...").
// |user| is concatenated verbatim. A value containing '@', ':' or '/' is not
// percent-encoded here and would change how the resulting URL is split into
// userinfo, host and path, so callers must pass a name that is safe there.
// NOTE(review): the end of the return expression (listing line 219) is not
// shown; presumably it appends "/" and |path| as GetURL() does -- confirm.
216 GURL BaseTestServer::GetURLWithUser(const std::string& path,
217 const std::string& user) const {
218 return GURL(GetScheme() + "://" + user + "@" + host_port_pair_.ToString() +
// Builds "<scheme>://<user>:<password>@<host:port>/<path>" for this server and
// returns it as a GURL.
//
// All three arguments are concatenated verbatim. A |user| or |password| that
// contains '@', ':' or '/' is not percent-encoded here and would change how
// the URL is split into userinfo, host and path, so callers must pass values
// that are safe in those positions. The password also ends up in the URL
// string itself, so it appears wherever that URL is logged.
GURL BaseTestServer::GetURLWithUserAndPassword(const std::string& path,
                                               const std::string& user,
                                               const std::string& password) const {
  const std::string credentials = user + ":" + password;
  const std::string authority = credentials + "@" + host_port_pair_.ToString();
  return GURL(GetScheme() + "://" + authority + "/" + path);
}
// Writes to |replacement_path| a copy of |original_file_path| extended with
// one "replace_text=<base64 old>:<base64 new>" query parameter per pair in
// |text_to_replace|. The first parameter is introduced with "?" and, judging
// by the visible lines, later ones with "&".
// Both halves of each pair are Base64-encoded so that arbitrary text can be
// carried; the encoded output is appended without further URL-escaping.
// NOTE(review): presumably the test server decodes these values as-is; if it
// URL-decodes the query first, Base64 characters such as '+' and '=' need
// checking -- confirm against the server side.
// NOTE(review): the loop condition, the else branch, closing braces and the
// return statement are not shown in this listing. |replacement_path| is
// dereferenced without a null check in the visible lines.
230 bool BaseTestServer::GetFilePathWithReplacements(
231 const std::string& original_file_path,
232 const std::vector<StringPair>& text_to_replace,
233 std::string* replacement_path) {
234 std::string new_file_path = original_file_path;
235 bool first_query_parameter = true;
236 const std::vector<StringPair>::const_iterator end = text_to_replace.end();
237 for (std::vector<StringPair>::const_iterator it = text_to_replace.begin();
240 const std::string& old_text = it->first;
241 const std::string& new_text = it->second;
242 std::string base64_old;
243 std::string base64_new;
244 base::Base64Encode(old_text, &base64_old);
245 base::Base64Encode(new_text, &base64_new);
246 if (first_query_parameter) {
247 new_file_path += "?";
248 first_query_parameter = false;
250 new_file_path += "&";
252 new_file_path += "replace_text=";
253 new_file_path += base64_old;
254 new_file_path += ":";
255 new_file_path += base64_new;
258 *replacement_path = new_file_path;
// Shared constructor setup: stores |host| with port 0 and turns console
// logging on. Port 0 is the "no port yet" value; ParseServerData() sets the
// real port and SetupWhenServerStarted() DCHECKs that it is non-zero.
// Because log_to_console_ is forced to true here, GenerateArguments() always
// passes "log-to-console" for servers initialised through this function.
// NOTE(review): listing lines 264 and 268 are not shown.
262 void BaseTestServer::Init(const std::string& host) {
263 host_port_pair_ = HostPortPair(host, 0);
265 // TODO(battre) Remove this after figuring out why the TestServer is flaky.
266 // http://crbug.com/96594
267 log_to_console_ = true;
// Records the directory served as document root and the directory holding the
// test certificates. Intended to be called once: the first DCHECK fires if a
// certificates directory was already set, the second if |certificates_dir| is
// empty. |document_root| is stored without any check.
void BaseTestServer::SetResourcePath(const base::FilePath& document_root,
                                     const base::FilePath& certificates_dir) {
  // A non-empty certificates_dir_ means this was already called.
  DCHECK(certificates_dir_.empty());

  document_root_ = document_root;
  certificates_dir_ = certificates_dir;

  // An empty certificates directory is a caller error.
  DCHECK(!certificates_dir_.empty());
}
// Parses the JSON text |server_data| and takes the server port from it.
// The input must parse to a dictionary with an integer "port" entry in the
// range 1..kuint16max; parse failures, a missing port and an out-of-range
// port are each logged as errors. The range check runs before the value is
// handed to set_port(), so an oversized number cannot be silently truncated
// into a valid-looking port.
// The parsed dictionary is kept in |server_data_| (the static_cast is safe
// because the type was checked just above), and the raw text is written to
// the VLOG(1) log.
// NOTE(review): the declaration of |port| and the return statements are not
// shown in this listing; presumably each error path returns false -- confirm.
279 bool BaseTestServer::ParseServerData(const std::string& server_data) {
280 VLOG(1) << "Server data: " << server_data;
281 base::JSONReader json_reader;
282 scoped_ptr<base::Value> value(json_reader.ReadToValue(server_data));
283 if (!value.get() || !value->IsType(base::Value::TYPE_DICTIONARY)) {
284 LOG(ERROR) << "Could not parse server data: "
285 << json_reader.GetErrorMessage();
289 server_data_.reset(static_cast<base::DictionaryValue*>(value.release()));
291 if (!server_data_->GetInteger("port", &port)) {
292 LOG(ERROR) << "Could not find port value";
295 if ((port <= 0) || (port > kuint16max)) {
296 LOG(ERROR) << "Invalid port value: " << port;
299 host_port_pair_.set_port(port);
// Adds "root_ca_cert.pem" from the certificates directory to the
// TestRootCerts instance and returns the result of AddFromFile(). A relative
// |certificates_dir_| is resolved against base::DIR_SOURCE_ROOT first, so the
// file is always loaded through an absolute path.
// TestRootCerts is obtained through GetInstance(), i.e. it is shared rather
// than owned by this server.
// NOTE(review): presumably a root added here stays trusted for certificate
// verification in this process until it is removed again -- confirm that the
// stop path removes it, so it does not leak into later tests.
// NOTE(review): listing lines 306-308 and the failure return after
// PathService::Get() are not shown.
304 bool BaseTestServer::LoadTestRootCert() const {
305 TestRootCerts* root_certs = TestRootCerts::GetInstance();
309 // Should always use absolute path to load the root certificate.
310 base::FilePath root_certificate_path = certificates_dir_;
311 if (!certificates_dir_.IsAbsolute()) {
312 base::FilePath src_dir;
313 if (!PathService::Get(base::DIR_SOURCE_ROOT, &src_dir))
315 root_certificate_path = src_dir.Append(certificates_dir_);
318 return root_certs->AddFromFile(
319 root_certificate_path.AppendASCII("root_ca_cert.pem"));
// Setup that runs once the server has a port: DCHECKs that the port is
// non-zero, loads the test root certificate for server types that use SSL,
// and creates a ScopedPortException for the server's port, held in
// |allowed_port_| until CleanUpWhenStoppingServer() releases it.
// NOTE(review): the return statements are not shown in this listing;
// presumably a failed LoadTestRootCert() makes this return false -- confirm.
322 bool BaseTestServer::SetupWhenServerStarted() {
323 DCHECK(host_port_pair_.port());
325 if (UsingSSL(type_) && !LoadTestRootCert())
329 allowed_port_.reset(new ScopedPortException(host_port_pair_.port()));
// Resets per-run state when the server stops: the port goes back to 0 and the
// ScopedPortException held in |allowed_port_| is released.
// NOTE(review): the statement that uses |root_certs| (listing line 335) is
// not shown. Presumably it removes the test root added by LoadTestRootCert();
// confirm, because a test root left installed would remain trusted by later
// tests in the same process.
333 void BaseTestServer::CleanUpWhenStoppingServer() {
334 TestRootCerts* root_certs = TestRootCerts::GetInstance();
337 host_port_pair_.set_port(0);
338 allowed_port_.reset();
342 // Generates a dictionary of arguments to pass to the Python test server via
343 // the test server spawner, in the form of
344 // { argument-name: argument-value, ... }
345 // Returns false if an invalid configuration is specified.
// Argument conventions visible below:
//  - switches without a value ("https", "ssl-client-auth", "fallback-scsv",
//    ...) are stored as null values;
//  - list arguments ("ssl-client-ca", "ssl-key-exchange", "ssl-bulk-cipher")
//    are set only when the list is non-empty;
//  - binary data (the signed-cert-timestamps TLS extension) is Base64-encoded
//    before being stored as a string.
// Certificate and client-authority paths are checked for existence only when
// they are absolute; a relative path is passed on unchecked.
// NOTE(review): presumably relative paths are resolved where the server is
// spawned, which is why they cannot be checked here -- confirm, since a typo
// in a relative path is then only detected by the spawned server.
// NOTE(review): this listing omits lines of the function (closing braces,
// the statements after each error log, and one argument of the Base64Encode
// call); the ssl-key-exchange, ssl-bulk-cipher and later options appear to sit
// inside the TYPE_HTTPS branch, but the brace structure cannot be confirmed
// from here.
346 bool BaseTestServer::GenerateArguments(base::DictionaryValue* arguments) const {
349 arguments->SetString("host", host_port_pair_.host());
350 arguments->SetInteger("port", host_port_pair_.port());
351 arguments->SetString("data-dir", document_root_.value());
353 if (VLOG_IS_ON(1) || log_to_console_)
354 arguments->Set("log-to-console", base::Value::CreateNullValue());
356 if (UsingSSL(type_)) {
357 // Check the certificate arguments of the HTTPS server.
358 base::FilePath certificate_path(certificates_dir_);
359 base::FilePath certificate_file(ssl_options_.GetCertificateFile());
// An empty file name from GetCertificateFile() skips the certificate check.
360 if (!certificate_file.value().empty()) {
361 certificate_path = certificate_path.Append(certificate_file);
362 if (certificate_path.IsAbsolute() &&
363 !base::PathExists(certificate_path)) {
364 LOG(ERROR) << "Certificate path " << certificate_path.value()
365 << " doesn't exist. Can't launch https server.";
// The argument name says the file holds both the certificate and its key.
368 arguments->SetString("cert-and-key-file", certificate_path.value());
371 // Check the client certificate related arguments.
372 if (ssl_options_.request_client_certificate)
373 arguments->Set("ssl-client-auth", base::Value::CreateNullValue());
374 scoped_ptr<base::ListValue> ssl_client_certs(new base::ListValue());
376 std::vector<base::FilePath>::const_iterator it;
377 for (it = ssl_options_.client_authorities.begin();
378 it != ssl_options_.client_authorities.end(); ++it) {
379 if (it->IsAbsolute() && !base::PathExists(*it)) {
380 LOG(ERROR) << "Client authority path " << it->value()
381 << " doesn't exist. Can't launch https server.";
384 ssl_client_certs->Append(new base::StringValue(it->value()));
// release() hands the list to |arguments|; the scoped_ptr no longer owns it.
387 if (ssl_client_certs->GetSize())
388 arguments->Set("ssl-client-ca", ssl_client_certs.release());
391 if (type_ == TYPE_HTTPS) {
392 arguments->Set("https", base::Value::CreateNullValue());
// GetOCSPArgument() is empty unless the certificate kind is CERT_AUTO.
394 std::string ocsp_arg = ssl_options_.GetOCSPArgument();
395 if (!ocsp_arg.empty())
396 arguments->SetString("ocsp", ocsp_arg);
// A serial of 0 means "not specified" and the argument is left out.
398 if (ssl_options_.cert_serial != 0) {
399 arguments->Set("cert-serial",
400 base::Value::CreateIntegerValue(ssl_options_.cert_serial));
403 // Check key exchange argument.
404 scoped_ptr<base::ListValue> key_exchange_values(new base::ListValue());
405 GetKeyExchangesList(ssl_options_.key_exchanges, key_exchange_values.get());
406 if (key_exchange_values->GetSize())
407 arguments->Set("ssl-key-exchange", key_exchange_values.release());
408 // Check bulk cipher argument.
409 scoped_ptr<base::ListValue> bulk_cipher_values(new base::ListValue());
410 GetCiphersList(ssl_options_.bulk_ciphers, bulk_cipher_values.get());
411 if (bulk_cipher_values->GetSize())
412 arguments->Set("ssl-bulk-cipher", bulk_cipher_values.release());
413 if (ssl_options_.record_resume)
414 arguments->Set("https-record-resume", base::Value::CreateNullValue());
415 if (ssl_options_.tls_intolerant != SSLOptions::TLS_INTOLERANT_NONE) {
416 arguments->Set("tls-intolerant",
417 new base::FundamentalValue(ssl_options_.tls_intolerant));
419 if (ssl_options_.fallback_scsv_enabled)
420 arguments->Set("fallback-scsv", base::Value::CreateNullValue());
421 if (!ssl_options_.signed_cert_timestamps_tls_ext.empty()) {
422 std::string b64_scts_tls_ext;
423 base::Base64Encode(ssl_options_.signed_cert_timestamps_tls_ext,
425 arguments->SetString("signed-cert-timestamps-tls-ext", b64_scts_tls_ext);
427 if (ssl_options_.staple_ocsp_response)
428 arguments->Set("staple-ocsp-response", base::Value::CreateNullValue());
429 if (ssl_options_.enable_npn)
430 arguments->Set("enable-npn", base::Value::CreateNullValue());
// Subclass-specific arguments are added last and decide the final result.
433 return GenerateAdditionalArguments(arguments);
436 bool BaseTestServer::GenerateAdditionalArguments(
437 base::DictionaryValue* arguments) const {