Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(411)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/url_request/url_request_unittest.cc

Issue 1052743003: Move RC4 behind a fallback. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Make test not a no-op Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/socket/ssl_client_socket_unittest.cc ('K') | « net/ssl/ssl_config.cc ('k') | tools/metrics/histograms/histograms.xml » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/url_request/url_request_unittest.cc
diff --git a/net/url_request/url_request_unittest.cc b/net/url_request/url_request_unittest.cc
index ebf033d41eb614b317db71179316a753fad37b54..9ccf0ef97fe025a428e8fac65ff8652adeecffcb 100644
--- a/net/url_request/url_request_unittest.cc
+++ b/net/url_request/url_request_unittest.cc
@@ -7133,6 +7133,54 @@ TEST_F(HTTPSRequestTest, HTTPSExpiredTest) {
}
}
+// Tests that servers which require a deprecated cipher suite still work.
+TEST_F(HTTPSRequestTest, CipherFallbackTest) {
+ CapturingNetLog net_log;
+ default_context_.set_net_log(&net_log);
+
+ SpawnedTestServer::SSLOptions ssl_options;
+ ssl_options.bulk_ciphers = SpawnedTestServer::SSLOptions::BULK_CIPHER_RC4;
+ SpawnedTestServer test_server(
+ SpawnedTestServer::TYPE_HTTPS, ssl_options,
+ base::FilePath(FILE_PATH_LITERAL("net/data/ssl")));
+ ASSERT_TRUE(test_server.Start());
+
+ TestDelegate d;
+ {
Ryan Sleevi 2015/04/02 06:32:06 Is this scope necessary? Seems like a normal scopi
davidben 2015/04/03 19:58:26 Done. (Copy-paste from elsewhere.)
+ scoped_ptr<URLRequest> r(default_context_.CreateRequest(
+ test_server.GetURL(std::string()), DEFAULT_PRIORITY, &d));
+ r->Start();
+ EXPECT_TRUE(r->is_pending());
+
+ base::RunLoop().Run();
+
+ EXPECT_EQ(1, d.response_started_count());
+ EXPECT_FALSE(d.received_data_before_response());
+ EXPECT_NE(0, d.bytes_received());
+ CheckSSLInfo(r->ssl_info());
+ EXPECT_EQ(test_server.host_port_pair().host(),
+ r->GetSocketAddress().host());
+ EXPECT_EQ(test_server.host_port_pair().port(),
+ r->GetSocketAddress().port());
+
+ // No version downgrade should have been necessary.
+ EXPECT_FALSE(r->ssl_info().connection_status &
+ SSL_CONNECTION_VERSION_FALLBACK);
+ int expected_version = SSL_CONNECTION_VERSION_TLS1_2;
+ if (SSLClientSocket::GetMaxSupportedSSLVersion() <
+ SSL_PROTOCOL_VERSION_TLS1_2) {
+ expected_version = SSL_CONNECTION_VERSION_TLS1_1;
+ }
+ EXPECT_EQ(expected_version,
+ SSLConnectionStatusToVersion(r->ssl_info().connection_status));
+
+ CapturingNetLog::CapturedEntryList entries;
+ net_log.GetEntries(&entries);
+ ExpectLogContainsSomewhere(entries, 0, NetLog::TYPE_SSL_CIPHER_FALLBACK,
+ NetLog::PHASE_NONE);
+ }
+}
+
// This tests that a load of www.google.com with a certificate error sets
// the |certificate_errors_are_fatal| flag correctly. This flag will cause
// the interstitial to be fatal.
« net/socket/ssl_client_socket_unittest.cc ('K') | « net/ssl/ssl_config.cc ('k') | tools/metrics/histograms/histograms.xml » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698