1 // Copyright 2024 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/quic/quic_session_key.h"
6
7 #include "net/base/network_anonymization_key.h"
8 #include "net/base/proxy_chain.h"
9 #include "net/base/proxy_server.h"
10 #include "net/base/schemeful_site.h"
11 #include "net/base/session_usage.h"
12 #include "net/dns/public/secure_dns_policy.h"
13 #include "net/socket/socket_tag.h"
14 #include "net/third_party/quiche/src/quiche/quic/core/quic_server_id.h"
15 #include "url/gurl.h"
16
17 #include "testing/gtest/include/gtest/gtest.h"
18
19 namespace net {
20
21 namespace {
22
23 // Check for equality of session keys, and inequality when various pieces of the
24 // key differ. The SocketTag is only used on Android, and the NAK is only used
25 // when network partitioning is enabled.
TEST(QuicSessionKeyTest,Equality)26 TEST(QuicSessionKeyTest, Equality) {
27 QuicSessionKey key(HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
28 ProxyChain::Direct(), SessionUsage::kDestination,
29 SocketTag(), NetworkAnonymizationKey(),
30 SecureDnsPolicy::kAllow,
31 /*require_dns_https_alpn=*/false);
32 EXPECT_EQ(key,
33 QuicSessionKey("www.example.org", 80, PRIVACY_MODE_DISABLED,
34 ProxyChain::Direct(), SessionUsage::kDestination,
35 SocketTag(), NetworkAnonymizationKey(),
36 SecureDnsPolicy::kAllow,
37 /*require_dns_https_alpn=*/false));
38 EXPECT_EQ(
39 key, QuicSessionKey(
40 quic::QuicServerId("www.example.org", 80, PRIVACY_MODE_DISABLED),
41 ProxyChain::Direct(), SessionUsage::kDestination, SocketTag(),
42 NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
43 /*require_dns_https_alpn=*/false));
44 EXPECT_NE(
45 key, QuicSessionKey(HostPortPair("otherproxy", 80), PRIVACY_MODE_DISABLED,
46 ProxyChain::Direct(), SessionUsage::kDestination,
47 SocketTag(), NetworkAnonymizationKey(),
48 SecureDnsPolicy::kAllow,
49 /*require_dns_https_alpn=*/false));
50 EXPECT_NE(key,
51 QuicSessionKey(HostPortPair("www.example.org", 80),
52 PRIVACY_MODE_ENABLED, ProxyChain::Direct(),
53 SessionUsage::kDestination, SocketTag(),
54 NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
55 /*require_dns_https_alpn=*/false));
56 EXPECT_NE(key, QuicSessionKey(
57 HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
58 ProxyChain::FromSchemeHostAndPort(
59 ProxyServer::Scheme::SCHEME_HTTPS, "otherproxy", 443),
60 SessionUsage::kDestination, SocketTag(),
61 NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
62 /*require_dns_https_alpn=*/false));
63 EXPECT_NE(key, QuicSessionKey(
64 HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
65 ProxyChain::Direct(), SessionUsage::kProxy, SocketTag(),
66 NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
67 /*require_dns_https_alpn=*/false));
68 #if BUILDFLAG(IS_ANDROID)
69 EXPECT_NE(key,
70 QuicSessionKey(HostPortPair("www.example.org", 80),
71 PRIVACY_MODE_DISABLED, ProxyChain::Direct(),
72 SessionUsage::kDestination, SocketTag(999, 999),
73 NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
74 /*require_dns_https_alpn=*/false));
75 #endif // BUILDFLAG(IS_ANDROID)
76 if (NetworkAnonymizationKey::IsPartitioningEnabled()) {
77 EXPECT_NE(key, QuicSessionKey(HostPortPair("www.example.org", 80),
78 PRIVACY_MODE_DISABLED, ProxyChain::Direct(),
79 SessionUsage::kDestination, SocketTag(),
80 NetworkAnonymizationKey::CreateSameSite(
81 SchemefulSite(GURL("http://a.test/"))),
82 SecureDnsPolicy::kAllow,
83 /*require_dns_https_alpn=*/false));
84 }
85 EXPECT_NE(key,
86 QuicSessionKey(HostPortPair("www.example.org", 80),
87 PRIVACY_MODE_DISABLED, ProxyChain::Direct(),
88 SessionUsage::kDestination, SocketTag(),
89 NetworkAnonymizationKey(), SecureDnsPolicy::kDisable,
90 /*require_dns_https_alpn=*/false));
91 EXPECT_NE(key,
92 QuicSessionKey("www.example.org", 80, PRIVACY_MODE_DISABLED,
93 ProxyChain::Direct(), SessionUsage::kDestination,
94 SocketTag(), NetworkAnonymizationKey(),
95 SecureDnsPolicy::kAllow,
96 /*require_dns_https_alpn=*/true));
97 }
98
99 // The operator< implementation is suitable for storing distinct keys in a set.
TEST(QuicSessionKeyTest,Set)100 TEST(QuicSessionKeyTest, Set) {
101 std::vector<QuicSessionKey> session_keys = {
102 QuicSessionKey(HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
103 ProxyChain::Direct(), SessionUsage::kDestination,
104 SocketTag(), NetworkAnonymizationKey(),
105 SecureDnsPolicy::kAllow,
106 /*require_dns_https_alpn=*/false),
107 QuicSessionKey(HostPortPair("otherproxy", 80), PRIVACY_MODE_DISABLED,
108 ProxyChain::Direct(), SessionUsage::kDestination,
109 SocketTag(), NetworkAnonymizationKey(),
110 SecureDnsPolicy::kAllow,
111 /*require_dns_https_alpn=*/false),
112 QuicSessionKey(HostPortPair("www.example.org", 80), PRIVACY_MODE_ENABLED,
113 ProxyChain::Direct(), SessionUsage::kDestination,
114 SocketTag(), NetworkAnonymizationKey(),
115 SecureDnsPolicy::kAllow,
116 /*require_dns_https_alpn=*/false),
117 QuicSessionKey(HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
118 ProxyChain::FromSchemeHostAndPort(
119 ProxyServer::Scheme::SCHEME_HTTPS, "otherproxy", 443),
120 SessionUsage::kDestination, SocketTag(),
121 NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
122 /*require_dns_https_alpn=*/false),
123 QuicSessionKey(HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
124 ProxyChain({
125 ProxyServer::FromSchemeHostAndPort(
126 ProxyServer::Scheme::SCHEME_HTTPS, "proxy1", 443),
127 ProxyServer::FromSchemeHostAndPort(
128 ProxyServer::Scheme::SCHEME_HTTPS, "proxy2", 443),
129 }),
130 SessionUsage::kDestination, SocketTag(),
131 NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
132 /*require_dns_https_alpn=*/false),
133 QuicSessionKey(HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
134 ProxyChain::Direct(), SessionUsage::kProxy, SocketTag(),
135 NetworkAnonymizationKey(), SecureDnsPolicy::kAllow,
136 /*require_dns_https_alpn=*/false),
137 #if BUILDFLAG(IS_ANDROID)
138 QuicSessionKey(HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
139 ProxyChain::Direct(), SessionUsage::kDestination,
140 SocketTag(999, 999), NetworkAnonymizationKey(),
141 SecureDnsPolicy::kAllow,
142 /*require_dns_https_alpn=*/false),
143 #endif // BUILDFLAG(IS_ANDROID)
144 QuicSessionKey(HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
145 ProxyChain::Direct(), SessionUsage::kDestination,
146 SocketTag(), NetworkAnonymizationKey(),
147 SecureDnsPolicy::kDisable,
148 /*require_dns_https_alpn=*/false),
149 QuicSessionKey(HostPortPair("www.example.org", 80), PRIVACY_MODE_DISABLED,
150 ProxyChain::Direct(), SessionUsage::kDestination,
151 SocketTag(), NetworkAnonymizationKey(),
152 SecureDnsPolicy::kAllow,
153 /*require_dns_https_alpn=*/true),
154 };
155 if (NetworkAnonymizationKey::IsPartitioningEnabled()) {
156 session_keys.emplace_back(HostPortPair("www.example.org", 80),
157 PRIVACY_MODE_DISABLED, ProxyChain::Direct(),
158 SessionUsage::kDestination, SocketTag(),
159 NetworkAnonymizationKey::CreateSameSite(
160 SchemefulSite(GURL("http://a.test/"))),
161 SecureDnsPolicy::kAllow,
162 /*require_dns_https_alpn=*/false);
163 }
164 std::set<QuicSessionKey> key_set(session_keys.begin(), session_keys.end());
165 ASSERT_EQ(session_keys.size(), key_set.size());
166 }
167
168 } // namespace
169
170 } // namespace net
171