1 // Copyright 2023 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/spdy/spdy_session_key.h"
6
7 #include "net/base/network_anonymization_key.h"
8 #include "net/base/proxy_chain.h"
9 #include "net/base/proxy_server.h"
10 #include "net/base/schemeful_site.h"
11 #include "net/base/session_usage.h"
12 #include "net/dns/public/secure_dns_policy.h"
13 #include "net/socket/socket_tag.h"
14 #include "url/gurl.h"
15
16 #include "testing/gtest/include/gtest/gtest.h"
17
18 namespace net {
19
20 namespace {
21
22 // Check for equality of session keys, and inequality when various pieces of the
23 // key differ. The SocketTag is only used on Android, and the NAK is only used
24 // when network partitioning is enabled.
TEST(SpdySessionKeyTest,Equality)25 TEST(SpdySessionKeyTest, Equality) {
26 SpdySessionKey key(HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
27 ProxyChain::Direct(), SessionUsage::kDestination,
28 SocketTag(), NetworkAnonymizationKey(),
29 SecureDnsPolicy::kAllow,
30 /*disable_cert_verification_network_fetches=*/true);
31 EXPECT_EQ(key,
32 SpdySessionKey(HostPortPair("www.example.org", 80),
33 PRIVACY_MODE_DISABLED, ProxyChain::Direct(),
34 SessionUsage::kDestination, SocketTag(),
35 NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
36 /*disable_cert_verification_network_fetches=*/true));
37 EXPECT_NE(
38 key, SpdySessionKey(HostPortPair("otherproxy", 80), PRIVACY_MODE_DISABLED,
39 ProxyChain::Direct(), SessionUsage::kDestination,
40 SocketTag(), NetworkAnonymizationKey(),
41 SecureDnsPolicy::kAllow,
42 /*disable_cert_verification_network_fetches=*/true));
43 EXPECT_NE(key,
44 SpdySessionKey(HostPortPair("www.example.org", 80),
45 PRIVACY_MODE_ENABLED, ProxyChain::Direct(),
46 SessionUsage::kDestination, SocketTag(),
47 NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
48 /*disable_cert_verification_network_fetches=*/true));
49 EXPECT_NE(key, SpdySessionKey(
50 HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
51 ProxyChain::FromSchemeHostAndPort(
52 ProxyServer::Scheme::SCHEME_HTTPS, "otherproxy", 443),
53 SessionUsage::kDestination, SocketTag(),
54 NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
55 /*disable_cert_verification_network_fetches=*/true));
56 EXPECT_NE(key, SpdySessionKey(
57 HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
58 ProxyChain::Direct(), SessionUsage::kProxy, SocketTag(),
59 NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
60 /*disable_cert_verification_network_fetches=*/true));
61 #if BUILDFLAG(IS_ANDROID)
62 EXPECT_NE(key,
63 SpdySessionKey(HostPortPair("www.example.org", 80),
64 PRIVACY_MODE_DISABLED, ProxyChain::Direct(),
65 SessionUsage::kDestination, SocketTag(999, 999),
66 NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
67 /*disable_cert_verification_network_fetches=*/true));
68 #endif // BUILDFLAG(IS_ANDROID)
69 if (NetworkAnonymizationKey::IsPartitioningEnabled()) {
70 EXPECT_NE(key,
71 SpdySessionKey(
72 HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
73 ProxyChain::Direct(), SessionUsage::kDestination, SocketTag(),
74 NetworkAnonymizationKey::CreateSameSite(
75 SchemefulSite(GURL("http://a.test/"))),
76 SecureDnsPolicy::kAllow,
77 /*disable_cert_verification_network_fetches=*/true));
78 }
79 EXPECT_NE(key,
80 SpdySessionKey(HostPortPair("www.example.org", 80),
81 PRIVACY_MODE_DISABLED, ProxyChain::Direct(),
82 SessionUsage::kDestination, SocketTag(),
83 NetworkAnonymizationKey(), SecureDnsPolicy::kDisable,
84 /*disable_cert_verification_network_fetches=*/true));
85 EXPECT_NE(
86 key, SpdySessionKey(HostPortPair("www.example.org", 80),
87 PRIVACY_MODE_DISABLED, ProxyChain::Direct(),
88 SessionUsage::kDestination, SocketTag(),
89 NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
90 /*disable_cert_verification_network_fetches=*/false));
91 }
92
93 // The operator< implementation is suitable for storing distinct keys in a set.
TEST(SpdySessionKeyTest,Set)94 TEST(SpdySessionKeyTest, Set) {
95 std::vector<SpdySessionKey> session_keys = {
96 SpdySessionKey(HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
97 ProxyChain::Direct(), SessionUsage::kDestination,
98 SocketTag(), NetworkAnonymizationKey(),
99 SecureDnsPolicy::kAllow,
100 /*disable_cert_verification_network_fetches=*/true),
101 SpdySessionKey(HostPortPair("otherproxy", 80), PRIVACY_MODE_DISABLED,
102 ProxyChain::Direct(), SessionUsage::kDestination,
103 SocketTag(), NetworkAnonymizationKey(),
104 SecureDnsPolicy::kAllow,
105 /*disable_cert_verification_network_fetches=*/true),
106 SpdySessionKey(HostPortPair("www.example.org", 80), PRIVACY_MODE_ENABLED,
107 ProxyChain::Direct(), SessionUsage::kDestination,
108 SocketTag(), NetworkAnonymizationKey(),
109 SecureDnsPolicy::kAllow,
110 /*disable_cert_verification_network_fetches=*/true),
111 SpdySessionKey(HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
112 ProxyChain::FromSchemeHostAndPort(
113 ProxyServer::Scheme::SCHEME_HTTPS, "otherproxy", 443),
114 SessionUsage::kDestination, SocketTag(),
115 NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
116 /*disable_cert_verification_network_fetches=*/true),
117 SpdySessionKey(HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
118 ProxyChain({
119 ProxyServer::FromSchemeHostAndPort(
120 ProxyServer::Scheme::SCHEME_HTTPS, "proxy1", 443),
121 ProxyServer::FromSchemeHostAndPort(
122 ProxyServer::Scheme::SCHEME_HTTPS, "proxy2", 443),
123 }),
124 SessionUsage::kDestination, SocketTag(),
125 NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
126 /*disable_cert_verification_network_fetches=*/true),
127 SpdySessionKey(HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
128 ProxyChain::Direct(), SessionUsage::kProxy, SocketTag(),
129 NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
130 /*disable_cert_verification_network_fetches=*/true),
131 #if BUILDFLAG(IS_ANDROID)
132 SpdySessionKey(HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
133 ProxyChain::Direct(), SessionUsage::kDestination,
134 SocketTag(999, 999), NetworkAnonymizationKey(),
135 SecureDnsPolicy::kAllow,
136 /*disable_cert_verification_network_fetches=*/true),
137 #endif // BUILDFLAG(IS_ANDROID)
138 SpdySessionKey(HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
139 ProxyChain::Direct(), SessionUsage::kDestination,
140 SocketTag(), NetworkAnonymizationKey(),
141 SecureDnsPolicy::kDisable,
142 /*disable_cert_verification_network_fetches=*/true),
143 SpdySessionKey(HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
144 ProxyChain::Direct(), SessionUsage::kDestination,
145 SocketTag(), NetworkAnonymizationKey(),
146 SecureDnsPolicy::kAllow,
147 /*disable_cert_verification_network_fetches=*/false),
148 };
149 if (NetworkAnonymizationKey::IsPartitioningEnabled()) {
150 session_keys.emplace_back(
151 HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
152 ProxyChain::Direct(), SessionUsage::kDestination, SocketTag(),
153 NetworkAnonymizationKey::CreateSameSite(
154 SchemefulSite(GURL("http://a.test/"))),
155 SecureDnsPolicy::kAllow,
156 /*disable_cert_verification_network_fetches=*/true);
157 }
158 std::set<SpdySessionKey> key_set(session_keys.begin(), session_keys.end());
159 ASSERT_EQ(session_keys.size(), key_set.size());
160 }
161
162 } // namespace
163
164 } // namespace net
165