src/net/test/spawned_test_server/base_test_server.cc

   1 // Copyright 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "net/test/spawned_test_server/base_test_server.h"
   6
   7 #include <string>
   8 #include <vector>
   9
  10 #include "base/base64.h"
  11 #include "base/file_util.h"
  12 #include "base/json/json_reader.h"
  13 #include "base/logging.h"
  14 #include "base/path_service.h"
  15 #include "base/values.h"
  16 #include "net/base/address_list.h"
  17 #include "net/base/host_port_pair.h"
  18 #include "net/base/net_errors.h"
  19 #include "net/base/net_log.h"
  20 #include "net/base/net_util.h"
  21 #include "net/base/test_completion_callback.h"
  22 #include "net/cert/test_root_certs.h"
  23 #include "net/dns/host_resolver.h"
  24 #include "url/gurl.h"
  25
  26 namespace net {
  27
  28 namespace {
  29
  30 std::string GetHostname(BaseTestServer::Type type,
  31                         const BaseTestServer::SSLOptions& options) {
  32   if (BaseTestServer::UsingSSL(type) &&
  33       options.server_certificate ==
  34           BaseTestServer::SSLOptions::CERT_MISMATCHED_NAME) {
  35     // Return a different hostname string that resolves to the same hostname.
  36     return "localhost";
  37   }
  38
  39   // Use the 127.0.0.1 as default.
  40   return BaseTestServer::kLocalhost;
  41 }
  42
  43 void GetKeyExchangesList(int key_exchange, base::ListValue* values) {
  44   if (key_exchange & BaseTestServer::SSLOptions::KEY_EXCHANGE_RSA)
  45     values->Append(new base::StringValue("rsa"));
  46   if (key_exchange & BaseTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA)
  47     values->Append(new base::StringValue("dhe_rsa"));
  48 }
  49
  50 void GetCiphersList(int cipher, base::ListValue* values) {
  51   if (cipher & BaseTestServer::SSLOptions::BULK_CIPHER_RC4)
  52     values->Append(new base::StringValue("rc4"));
  53   if (cipher & BaseTestServer::SSLOptions::BULK_CIPHER_AES128)
  54     values->Append(new base::StringValue("aes128"));
  55   if (cipher & BaseTestServer::SSLOptions::BULK_CIPHER_AES256)
  56     values->Append(new base::StringValue("aes256"));
  57   if (cipher & BaseTestServer::SSLOptions::BULK_CIPHER_3DES)
  58     values->Append(new base::StringValue("3des"));
  59 }
  60
  61 }  // namespace
  62
  63 BaseTestServer::SSLOptions::SSLOptions()
  64     : server_certificate(CERT_OK),
  65       ocsp_status(OCSP_OK),
  66       cert_serial(0),
  67       request_client_certificate(false),
  68       key_exchanges(SSLOptions::KEY_EXCHANGE_ANY),
  69       bulk_ciphers(SSLOptions::BULK_CIPHER_ANY),
  70       record_resume(false),
  71       tls_intolerant(TLS_INTOLERANT_NONE),
  72       fallback_scsv_enabled(false),
  73       staple_ocsp_response(false),
  74       enable_npn(false) {}
  75
  76 BaseTestServer::SSLOptions::SSLOptions(
  77     BaseTestServer::SSLOptions::ServerCertificate cert)
  78     : server_certificate(cert),
  79       ocsp_status(OCSP_OK),
  80       cert_serial(0),
  81       request_client_certificate(false),
  82       key_exchanges(SSLOptions::KEY_EXCHANGE_ANY),
  83       bulk_ciphers(SSLOptions::BULK_CIPHER_ANY),
  84       record_resume(false),
  85       tls_intolerant(TLS_INTOLERANT_NONE),
  86       fallback_scsv_enabled(false),
  87       staple_ocsp_response(false),
  88       enable_npn(false) {}
  89
  90 BaseTestServer::SSLOptions::~SSLOptions() {}
  91
  92 base::FilePath BaseTestServer::SSLOptions::GetCertificateFile() const {
  93   switch (server_certificate) {
  94     case CERT_OK:
  95     case CERT_MISMATCHED_NAME:
  96       return base::FilePath(FILE_PATH_LITERAL("ok_cert.pem"));
  97     case CERT_EXPIRED:
  98       return base::FilePath(FILE_PATH_LITERAL("expired_cert.pem"));
  99     case CERT_CHAIN_WRONG_ROOT:
 100       // This chain uses its own dedicated test root certificate to avoid
 101       // side-effects that may affect testing.
 102       return base::FilePath(FILE_PATH_LITERAL("redundant-server-chain.pem"));
 103     case CERT_AUTO:
 104       return base::FilePath();
 105     default:
 106       NOTREACHED();
 107   }
 108   return base::FilePath();
 109 }
 110
 111 std::string BaseTestServer::SSLOptions::GetOCSPArgument() const {
 112   if (server_certificate != CERT_AUTO)
 113     return std::string();
 114
 115   switch (ocsp_status) {
 116     case OCSP_OK:
 117       return "ok";
 118     case OCSP_REVOKED:
 119       return "revoked";
 120     case OCSP_INVALID:
 121       return "invalid";
 122     case OCSP_UNAUTHORIZED:
 123       return "unauthorized";
 124     case OCSP_UNKNOWN:
 125       return "unknown";
 126     default:
 127       NOTREACHED();
 128       return std::string();
 129   }
 130 }
 131
 132 const char BaseTestServer::kLocalhost[] = "127.0.0.1";
 133
 134 BaseTestServer::BaseTestServer(Type type, const std::string& host)
 135     : type_(type),
 136       started_(false),
 137       log_to_console_(false) {
 138   Init(host);
 139 }
 140
 141 BaseTestServer::BaseTestServer(Type type, const SSLOptions& ssl_options)
 142     : ssl_options_(ssl_options),
 143       type_(type),
 144       started_(false),
 145       log_to_console_(false) {
 146   DCHECK(UsingSSL(type));
 147   Init(GetHostname(type, ssl_options));
 148 }
 149
 150 BaseTestServer::~BaseTestServer() {}
 151
 152 const HostPortPair& BaseTestServer::host_port_pair() const {
 153   DCHECK(started_);
 154   return host_port_pair_;
 155 }
 156
 157 const base::DictionaryValue& BaseTestServer::server_data() const {
 158   DCHECK(started_);
 159   DCHECK(server_data_.get());
 160   return *server_data_;
 161 }
 162
 163 std::string BaseTestServer::GetScheme() const {
 164   switch (type_) {
 165     case TYPE_FTP:
 166       return "ftp";
 167     case TYPE_HTTP:
 168       return "http";
 169     case TYPE_HTTPS:
 170       return "https";
 171     case TYPE_WS:
 172       return "ws";
 173     case TYPE_WSS:
 174       return "wss";
 175     case TYPE_TCP_ECHO:
 176     case TYPE_UDP_ECHO:
 177     default:
 178       NOTREACHED();
 179   }
 180   return std::string();
 181 }
 182
 183 bool BaseTestServer::GetAddressList(AddressList* address_list) const {
 184   DCHECK(address_list);
 185
 186   scoped_ptr<HostResolver> resolver(HostResolver::CreateDefaultResolver(NULL));
 187   HostResolver::RequestInfo info(host_port_pair_);
 188   TestCompletionCallback callback;
 189   int rv = resolver->Resolve(info,
 190                              DEFAULT_PRIORITY,
 191                              address_list,
 192                              callback.callback(),
 193                              NULL,
 194                              BoundNetLog());
 195   if (rv == ERR_IO_PENDING)
 196     rv = callback.WaitForResult();
 197   if (rv != net::OK) {
 198     LOG(ERROR) << "Failed to resolve hostname: " << host_port_pair_.host();
 199     return false;
 200   }
 201   return true;
 202 }
 203
 204 uint16 BaseTestServer::GetPort() {
 205   return host_port_pair_.port();
 206 }
 207
 208 void BaseTestServer::SetPort(uint16 port) {
 209   host_port_pair_.set_port(port);
 210 }
 211
 212 GURL BaseTestServer::GetURL(const std::string& path) const {
 213   return GURL(GetScheme() + "://" + host_port_pair_.ToString() + "/" + path);
 214 }
 215
 216 GURL BaseTestServer::GetURLWithUser(const std::string& path,
 217                                 const std::string& user) const {
 218   return GURL(GetScheme() + "://" + user + "@" + host_port_pair_.ToString() +
 219               "/" + path);
 220 }
 221
 222 GURL BaseTestServer::GetURLWithUserAndPassword(const std::string& path,
 223                                            const std::string& user,
 224                                            const std::string& password) const {
 225   return GURL(GetScheme() + "://" + user + ":" + password + "@" +
 226               host_port_pair_.ToString() + "/" + path);
 227 }
 228
 229 // static
 230 bool BaseTestServer::GetFilePathWithReplacements(
 231     const std::string& original_file_path,
 232     const std::vector<StringPair>& text_to_replace,
 233     std::string* replacement_path) {
 234   std::string new_file_path = original_file_path;
 235   bool first_query_parameter = true;
 236   const std::vector<StringPair>::const_iterator end = text_to_replace.end();
 237   for (std::vector<StringPair>::const_iterator it = text_to_replace.begin();
 238        it != end;
 239        ++it) {
 240     const std::string& old_text = it->first;
 241     const std::string& new_text = it->second;
 242     std::string base64_old;
 243     std::string base64_new;
 244     base::Base64Encode(old_text, &base64_old);
 245     base::Base64Encode(new_text, &base64_new);
 246     if (first_query_parameter) {
 247       new_file_path += "?";
 248       first_query_parameter = false;
 249     } else {
 250       new_file_path += "&";
 251     }
 252     new_file_path += "replace_text=";
 253     new_file_path += base64_old;
 254     new_file_path += ":";
 255     new_file_path += base64_new;
 256   }
 257
 258   *replacement_path = new_file_path;
 259   return true;
 260 }
 261
 262 void BaseTestServer::Init(const std::string& host) {
 263   host_port_pair_ = HostPortPair(host, 0);
 264
 265   // TODO(battre) Remove this after figuring out why the TestServer is flaky.
 266   // http://crbug.com/96594
 267   log_to_console_ = true;
 268 }
 269
 270 void BaseTestServer::SetResourcePath(const base::FilePath& document_root,
 271                                      const base::FilePath& certificates_dir) {
 272   // This method shouldn't get called twice.
 273   DCHECK(certificates_dir_.empty());
 274   document_root_ = document_root;
 275   certificates_dir_ = certificates_dir;
 276   DCHECK(!certificates_dir_.empty());
 277 }
 278
 279 bool BaseTestServer::ParseServerData(const std::string& server_data) {
 280   VLOG(1) << "Server data: " << server_data;
 281   base::JSONReader json_reader;
 282   scoped_ptr<base::Value> value(json_reader.ReadToValue(server_data));
 283   if (!value.get() || !value->IsType(base::Value::TYPE_DICTIONARY)) {
 284     LOG(ERROR) << "Could not parse server data: "
 285                << json_reader.GetErrorMessage();
 286     return false;
 287   }
 288
 289   server_data_.reset(static_cast<base::DictionaryValue*>(value.release()));
 290   int port = 0;
 291   if (!server_data_->GetInteger("port", &port)) {
 292     LOG(ERROR) << "Could not find port value";
 293     return false;
 294   }
 295   if ((port <= 0) || (port > kuint16max)) {
 296     LOG(ERROR) << "Invalid port value: " << port;
 297     return false;
 298   }
 299   host_port_pair_.set_port(port);
 300
 301   return true;
 302 }
 303
 304 bool BaseTestServer::LoadTestRootCert() const {
 305   TestRootCerts* root_certs = TestRootCerts::GetInstance();
 306   if (!root_certs)
 307     return false;
 308
 309   // Should always use absolute path to load the root certificate.
 310   base::FilePath root_certificate_path = certificates_dir_;
 311   if (!certificates_dir_.IsAbsolute()) {
 312     base::FilePath src_dir;
 313     if (!PathService::Get(base::DIR_SOURCE_ROOT, &src_dir))
 314       return false;
 315     root_certificate_path = src_dir.Append(certificates_dir_);
 316   }
 317
 318   return root_certs->AddFromFile(
 319       root_certificate_path.AppendASCII("root_ca_cert.pem"));
 320 }
 321
 322 bool BaseTestServer::SetupWhenServerStarted() {
 323   DCHECK(host_port_pair_.port());
 324
 325   if (UsingSSL(type_) && !LoadTestRootCert())
 326       return false;
 327
 328   started_ = true;
 329   allowed_port_.reset(new ScopedPortException(host_port_pair_.port()));
 330   return true;
 331 }
 332
 333 void BaseTestServer::CleanUpWhenStoppingServer() {
 334   TestRootCerts* root_certs = TestRootCerts::GetInstance();
 335   root_certs->Clear();
 336
 337   host_port_pair_.set_port(0);
 338   allowed_port_.reset();
 339   started_ = false;
 340 }
 341
 342 // Generates a dictionary of arguments to pass to the Python test server via
 343 // the test server spawner, in the form of
 344 // { argument-name: argument-value, ... }
 345 // Returns false if an invalid configuration is specified.
 346 bool BaseTestServer::GenerateArguments(base::DictionaryValue* arguments) const {
 347   DCHECK(arguments);
 348
 349   arguments->SetString("host", host_port_pair_.host());
 350   arguments->SetInteger("port", host_port_pair_.port());
 351   arguments->SetString("data-dir", document_root_.value());
 352
 353   if (VLOG_IS_ON(1) || log_to_console_)
 354     arguments->Set("log-to-console", base::Value::CreateNullValue());
 355
 356   if (UsingSSL(type_)) {
 357     // Check the certificate arguments of the HTTPS server.
 358     base::FilePath certificate_path(certificates_dir_);
 359     base::FilePath certificate_file(ssl_options_.GetCertificateFile());
 360     if (!certificate_file.value().empty()) {
 361       certificate_path = certificate_path.Append(certificate_file);
 362       if (certificate_path.IsAbsolute() &&
 363           !base::PathExists(certificate_path)) {
 364         LOG(ERROR) << "Certificate path " << certificate_path.value()
 365                    << " doesn't exist. Can't launch https server.";
 366         return false;
 367       }
 368       arguments->SetString("cert-and-key-file", certificate_path.value());
 369     }
 370
 371     // Check the client certificate related arguments.
 372     if (ssl_options_.request_client_certificate)
 373       arguments->Set("ssl-client-auth", base::Value::CreateNullValue());
 374     scoped_ptr<base::ListValue> ssl_client_certs(new base::ListValue());
 375
 376     std::vector<base::FilePath>::const_iterator it;
 377     for (it = ssl_options_.client_authorities.begin();
 378          it != ssl_options_.client_authorities.end(); ++it) {
 379       if (it->IsAbsolute() && !base::PathExists(*it)) {
 380         LOG(ERROR) << "Client authority path " << it->value()
 381                    << " doesn't exist. Can't launch https server.";
 382         return false;
 383       }
 384       ssl_client_certs->Append(new base::StringValue(it->value()));
 385     }
 386
 387     if (ssl_client_certs->GetSize())
 388       arguments->Set("ssl-client-ca", ssl_client_certs.release());
 389   }
 390
 391   if (type_ == TYPE_HTTPS) {
 392     arguments->Set("https", base::Value::CreateNullValue());
 393
 394     std::string ocsp_arg = ssl_options_.GetOCSPArgument();
 395     if (!ocsp_arg.empty())
 396       arguments->SetString("ocsp", ocsp_arg);
 397
 398     if (ssl_options_.cert_serial != 0) {
 399       arguments->Set("cert-serial",
 400                      base::Value::CreateIntegerValue(ssl_options_.cert_serial));
 401     }
 402
 403     // Check key exchange argument.
 404     scoped_ptr<base::ListValue> key_exchange_values(new base::ListValue());
 405     GetKeyExchangesList(ssl_options_.key_exchanges, key_exchange_values.get());
 406     if (key_exchange_values->GetSize())
 407       arguments->Set("ssl-key-exchange", key_exchange_values.release());
 408     // Check bulk cipher argument.
 409     scoped_ptr<base::ListValue> bulk_cipher_values(new base::ListValue());
 410     GetCiphersList(ssl_options_.bulk_ciphers, bulk_cipher_values.get());
 411     if (bulk_cipher_values->GetSize())
 412       arguments->Set("ssl-bulk-cipher", bulk_cipher_values.release());
 413     if (ssl_options_.record_resume)
 414       arguments->Set("https-record-resume", base::Value::CreateNullValue());
 415     if (ssl_options_.tls_intolerant != SSLOptions::TLS_INTOLERANT_NONE) {
 416       arguments->Set("tls-intolerant",
 417                      new base::FundamentalValue(ssl_options_.tls_intolerant));
 418     }
 419     if (ssl_options_.fallback_scsv_enabled)
 420       arguments->Set("fallback-scsv", base::Value::CreateNullValue());
 421     if (!ssl_options_.signed_cert_timestamps_tls_ext.empty()) {
 422       std::string b64_scts_tls_ext;
 423       base::Base64Encode(ssl_options_.signed_cert_timestamps_tls_ext,
 424                          &b64_scts_tls_ext);
 425       arguments->SetString("signed-cert-timestamps-tls-ext", b64_scts_tls_ext);
 426     }
 427     if (ssl_options_.staple_ocsp_response)
 428       arguments->Set("staple-ocsp-response", base::Value::CreateNullValue());
 429     if (ssl_options_.enable_npn)
 430       arguments->Set("enable-npn", base::Value::CreateNullValue());
 431   }
 432
 433   return GenerateAdditionalArguments(arguments);
 434 }
 435
 436 bool BaseTestServer::GenerateAdditionalArguments(
 437     base::DictionaryValue* arguments) const {
 438   return true;
 439 }
 440
 441 }  // namespace net