Move RC4 behind a fallback.

net/socket/ssl_client_socket_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/socket/ssl_client_socket.h"
 
 #include "base/callback_helpers.h"
 #include "base/memory/ref_counted.h"
 #include "base/run_loop.h"
 #include "base/time/time.h"
@@ skipping 2181 matching lines @@
   scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket(
       transport.Pass(), test_server.host_port_pair(), SSLConfig()));
 
   rv = sock->Connect(callback.callback());
   if (rv == ERR_IO_PENDING)
     rv = callback.WaitForResult();
   EXPECT_EQ(ERR_SSL_PROTOCOL_ERROR, rv);
 }
 
 TEST_F(SSLClientSocketTest, CipherSuiteDisables) {
-  // Rather than exhaustively disabling every RC4 ciphersuite defined at
-  // http://www.iana.org/assignments/tls-parameters/tls-parameters.xml,
-  // only disabling those cipher suites that the test server actually
-  // implements.
-  const uint16 kCiphersToDisable[] = {0x0005,  // TLS_RSA_WITH_RC4_128_SHA
+  // Rather than exhaustively disabling every AES_128_CBC ciphersuite defined at
+  // http://www.iana.org/assignments/tls-parameters/tls-parameters.xml, only
+  // disabling those cipher suites that the test server actually implements.
+  const uint16 kCiphersToDisable[] = {
+      0x002f,  // TLS_RSA_WITH_AES_128_CBC_SHA
+      0x0033,  // TLS_DHE_RSA_WITH_AES_128_CBC_SHA
   };
 
   SpawnedTestServer::SSLOptions ssl_options;
   // Enable only RC4 on the test server.
-  ssl_options.bulk_ciphers = SpawnedTestServer::SSLOptions::BULK_CIPHER_RC4;
+  ssl_options.bulk_ciphers = SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128;
   SpawnedTestServer test_server(
       SpawnedTestServer::TYPE_HTTPS, ssl_options, base::FilePath());
   ASSERT_TRUE(test_server.Start());
 
   AddressList addr;
   ASSERT_TRUE(test_server.GetAddressList(&addr));
 
   TestCompletionCallback callback;
   CapturingNetLog log;
   scoped_ptr<StreamSocket> transport(
@@ skipping 646 matching lines @@
   EXPECT_EQ(OK, callback.GetResult(transport->Connect(callback.callback())));
   sock = CreateSSLClientSocket(
       transport.Pass(), test_server()->host_port_pair(), fallback_ssl_config);
   EXPECT_EQ(OK, callback.GetResult(sock->Connect(callback.callback())));
   EXPECT_TRUE(sock->GetSSLInfo(&ssl_info));
   EXPECT_EQ(SSLInfo::HANDSHAKE_RESUME, ssl_info.handshake_type);
   EXPECT_EQ(SSL_CONNECTION_VERSION_TLS1,
             SSLConnectionStatusToVersion(ssl_info.connection_status));
 }
 
+// Test that RC4 is only enabled if enable_deprecated_cipher_suites is set.
+TEST_F(SSLClientSocketTest, DeprecatedRC4) {
+  SpawnedTestServer::SSLOptions ssl_options;
+  ssl_options.bulk_ciphers = SpawnedTestServer::SSLOptions::BULK_CIPHER_RC4;
+  ASSERT_TRUE(StartTestServer(ssl_options));
+
+  // Normal handshakes with RC4 do not work.
+  SSLConfig ssl_config;
+  TestCompletionCallback callback;
+  scoped_ptr<StreamSocket> transport(
+      new TCPClientSocket(addr(), &log_, NetLog::Source()));
+  ASSERT_EQ(OK, callback.GetResult(transport->Connect(callback.callback())));
+  scoped_ptr<SSLClientSocket> sock(CreateSSLClientSocket(
+      transport.Pass(), test_server()->host_port_pair(), ssl_config));
+  ASSERT_EQ(ERR_SSL_VERSION_OR_CIPHER_MISMATCH,
+            callback.GetResult(sock->Connect(callback.callback())));
+
+  // Enabling deprecated ciphers works fine.
+  ssl_config.enable_deprecated_cipher_suites = true;
+  transport.reset(new TCPClientSocket(addr(), &log_, NetLog::Source()));
+  ASSERT_EQ(OK, callback.GetResult(transport->Connect(callback.callback())));
+  sock = CreateSSLClientSocket(transport.Pass(),
+                               test_server()->host_port_pair(), ssl_config);
+  ASSERT_EQ(OK, callback.GetResult(sock->Connect(callback.callback())));
+}
+
+// Tests that enabling deprecated ciphers shards the session cache.
+TEST_F(SSLClientSocketTest, DeprecatedShardSessionCache) {
+  SpawnedTestServer::SSLOptions ssl_options;
+  ASSERT_TRUE(StartTestServer(ssl_options));
+
+  // Prepare a normal and deprecated SSL config.
+  SSLConfig ssl_config;
+  SSLConfig deprecated_ssl_config;
+  deprecated_ssl_config.enable_deprecated_cipher_suites = true;
+
+  // Connect with deprecated ciphers enabled to warm the session cache cache.
+  TestCompletionCallback callback;
+  scoped_ptr<StreamSocket> transport(
+      new TCPClientSocket(addr(), &log_, NetLog::Source()));
+  EXPECT_EQ(OK, callback.GetResult(transport->Connect(callback.callback())));
+  scoped_ptr<SSLClientSocket> sock(
+      CreateSSLClientSocket(transport.Pass(), test_server()->host_port_pair(),
+                            deprecated_ssl_config));
+  EXPECT_EQ(OK, callback.GetResult(sock->Connect(callback.callback())));
+  SSLInfo ssl_info;
+  EXPECT_TRUE(sock->GetSSLInfo(&ssl_info));
+  EXPECT_EQ(SSLInfo::HANDSHAKE_FULL, ssl_info.handshake_type);
+
+  // Test that re-connecting with deprecated ciphers enabled still resumes.
+  transport.reset(new TCPClientSocket(addr(), &log_, NetLog::Source()));
+  EXPECT_EQ(OK, callback.GetResult(transport->Connect(callback.callback())));
+  sock = CreateSSLClientSocket(
+      transport.Pass(), test_server()->host_port_pair(), deprecated_ssl_config);
+  EXPECT_EQ(OK, callback.GetResult(sock->Connect(callback.callback())));
+  EXPECT_TRUE(sock->GetSSLInfo(&ssl_info));
+  EXPECT_EQ(SSLInfo::HANDSHAKE_RESUME, ssl_info.handshake_type);
+
+  // However, a normal connection needs a full handshake.

[Ryan Sleevi, 2015/04/02 06:32:06]

But does a normal connection prime a deprecated cache? 

[I know the answer is no, but the test doesn't confirm that side; for example,
this could have broken resumption for all normal handshakes]

[davidben, 2015/04/03 19:58:26]

Done. (Though I can't imagine an implementation that could possibly have that
bug. :-) Not sure I see how it could have broken resumption for all normal
handshakes. It could have... broken a spurious fallback connection... when
connecting to servers that didn't need the fallback? If anything, we actually
want the mixing in that direction.)

+  transport.reset(new TCPClientSocket(addr(), &log_, NetLog::Source()));
+  EXPECT_EQ(OK, callback.GetResult(transport->Connect(callback.callback())));
+  sock = CreateSSLClientSocket(transport.Pass(),
+                               test_server()->host_port_pair(), ssl_config);
+  EXPECT_EQ(OK, callback.GetResult(sock->Connect(callback.callback())));
+  EXPECT_TRUE(sock->GetSSLInfo(&ssl_info));
+  EXPECT_EQ(SSLInfo::HANDSHAKE_FULL, ssl_info.handshake_type);
+}
+
 TEST_F(SSLClientSocketFalseStartTest, FalseStartEnabled) {
   if (!SupportsAESGCM()) {
     LOG(WARNING) << "Skipping test because AES-GCM is not supported.";
     return;
   }
 
   // False Start requires NPN/ALPN, perfect forward secrecy, and an AEAD.
   SpawnedTestServer::SSLOptions server_options;
   server_options.key_exchanges =
       SpawnedTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA;
@@ skipping 211 matching lines @@
   ssl_config.channel_id_enabled = true;
 
   int rv;
   ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv));
 
   EXPECT_EQ(ERR_UNEXPECTED, rv);
   EXPECT_FALSE(sock_->IsConnected());
 }
 
 }  // namespace net