net/test/spawned_test_server/base_test_server.cc - Issue 109563002: net: add test for TLS_FALLBACK_SCSV

Side by Side Diff: net/test/spawned_test_server/base_test_server.cc

Issue 109563002: net: add test for TLS_FALLBACK_SCSV (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Add comment. Created 7 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« net/test/spawned_test_server/base_test_server.h ('K') | « net/test/spawned_test_server/base_test_server.h ('k') | net/tools/testserver/testserver.py » ('j') | net/tools/testserver/testserver.py » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2013 The Chromium Authors. All rights reserved.	1 // Copyright 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "net/test/spawned_test_server/base_test_server.h"	5 #include "net/test/spawned_test_server/base_test_server.h"

6	6

7 #include <string>	7 #include <string>

8 #include <vector>	8 #include <vector>

9	9

10 #include "base/base64.h"	10 #include "base/base64.h"

(...skipping 42 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
53	53

54 } // namespace	54 } // namespace

55	55

56 BaseTestServer::SSLOptions::SSLOptions()	56 BaseTestServer::SSLOptions::SSLOptions()

57 : server_certificate(CERT_OK),	57 : server_certificate(CERT_OK),

58 ocsp_status(OCSP_OK),	58 ocsp_status(OCSP_OK),

59 cert_serial(0),	59 cert_serial(0),

60 request_client_certificate(false),	60 request_client_certificate(false),

61 bulk_ciphers(SSLOptions::BULK_CIPHER_ANY),	61 bulk_ciphers(SSLOptions::BULK_CIPHER_ANY),

62 record_resume(false),	62 record_resume(false),

63 tls_intolerant(TLS_INTOLERANT_NONE) {}	63 tls_intolerant(TLS_INTOLERANT_NONE),

	64 fallback_scsv_enabled(false) {}

64	65

65 BaseTestServer::SSLOptions::SSLOptions(	66 BaseTestServer::SSLOptions::SSLOptions(

66 BaseTestServer::SSLOptions::ServerCertificate cert)	67 BaseTestServer::SSLOptions::ServerCertificate cert)

67 : server_certificate(cert),	68 : server_certificate(cert),

68 ocsp_status(OCSP_OK),	69 ocsp_status(OCSP_OK),

69 cert_serial(0),	70 cert_serial(0),

70 request_client_certificate(false),	71 request_client_certificate(false),

71 bulk_ciphers(SSLOptions::BULK_CIPHER_ANY),	72 bulk_ciphers(SSLOptions::BULK_CIPHER_ANY),

72 record_resume(false),	73 record_resume(false),

73 tls_intolerant(TLS_INTOLERANT_NONE) {}	74 tls_intolerant(TLS_INTOLERANT_NONE),

	75 fallback_scsv_enabled(false) {}

74	76

75 BaseTestServer::SSLOptions::~SSLOptions() {}	77 BaseTestServer::SSLOptions::~SSLOptions() {}

76	78

77 base::FilePath BaseTestServer::SSLOptions::GetCertificateFile() const {	79 base::FilePath BaseTestServer::SSLOptions::GetCertificateFile() const {

78 switch (server_certificate) {	80 switch (server_certificate) {

79 case CERT_OK:	81 case CERT_OK:

80 case CERT_MISMATCHED_NAME:	82 case CERT_MISMATCHED_NAME:

81 return base::FilePath(FILE_PATH_LITERAL("ok_cert.pem"));	83 return base::FilePath(FILE_PATH_LITERAL("ok_cert.pem"));

82 case CERT_EXPIRED:	84 case CERT_EXPIRED:

83 return base::FilePath(FILE_PATH_LITERAL("expired_cert.pem"));	85 return base::FilePath(FILE_PATH_LITERAL("expired_cert.pem"));

(...skipping 313 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
397 if (ssl_options_.tls_intolerant != SSLOptions::TLS_INTOLERANT_NONE) {	399 if (ssl_options_.tls_intolerant != SSLOptions::TLS_INTOLERANT_NONE) {

398 arguments->Set("tls-intolerant",	400 arguments->Set("tls-intolerant",

399 new base::FundamentalValue(ssl_options_.tls_intolerant));	401 new base::FundamentalValue(ssl_options_.tls_intolerant));

400 }	402 }

401 if (!ssl_options_.signed_cert_timestamps.empty()) {	403 if (!ssl_options_.signed_cert_timestamps.empty()) {

402 std::string b64_scts;	404 std::string b64_scts;

403 if (!base::Base64Encode(ssl_options_.signed_cert_timestamps, &b64_scts))	405 if (!base::Base64Encode(ssl_options_.signed_cert_timestamps, &b64_scts))

404 return false;	406 return false;

405 arguments->SetString("signed-cert-timestamps", b64_scts);	407 arguments->SetString("signed-cert-timestamps", b64_scts);

406 }	408 }

	409 if (ssl_options_.fallback_scsv_enabled)

	410 arguments->Set("fallback-scsv", base::Value::CreateNullValue());
	wtc 2013/12/10 16:28:27 It would be nice to move this up, to follow the tl It would be nice to move this up, to follow the tls_intolerant code. (See my comment in base_test_server.h about avoiding merge conflicts with Emilia's CL.) agl 2013/12/10 17:53:43 Done. Show quoted text On 2013/12/10 16:28:27, wtc wrote: > > It would be nice to move this up, to follow the tls_intolerant code. (See my > comment in base_test_server.h about avoiding merge conflicts with Emilia's CL.) Done.
407 }	411 }

408	412

409 return GenerateAdditionalArguments(arguments);	413 return GenerateAdditionalArguments(arguments);

410 }	414 }

411	415

412 bool BaseTestServer::GenerateAdditionalArguments(	416 bool BaseTestServer::GenerateAdditionalArguments(

413 base::DictionaryValue* arguments) const {	417 base::DictionaryValue* arguments) const {

414 return true;	418 return true;

415 }	419 }

416	420

417 } // namespace net	421 } // namespace net

OLD	NEW