Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(9)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_server_socket_unittest.cc

Issue 1135373002: Updated NetLog::ParametersCallback & all related calbacks returning value as scoped_ptr<base::Value… Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/socket/ssl_server_socket_openssl.cc ('k') | net/spdy/spdy_header_block.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This test suite uses SSLClientSocket to test the implementation of 5 // This test suite uses SSLClientSocket to test the implementation of
6 // SSLServerSocket. In order to establish connections between the sockets 6 // SSLServerSocket. In order to establish connections between the sockets
7 // we need two additional classes: 7 // we need two additional classes:
8 // 1. FakeSocket 8 // 1. FakeSocket
9 // Connects SSL socket to FakeDataChannel. This class is just a stub. 9 // Connects SSL socket to FakeDataChannel. This class is just a stub.
10 // 10 //
(...skipping 308 matching lines...) Expand 10 before | Expand all | Expand 10 after
319 std::string key_string; 319 std::string key_string;
320 ASSERT_TRUE(base::ReadFileToString(key_path, &key_string)); 320 ASSERT_TRUE(base::ReadFileToString(key_path, &key_string));
321 std::vector<uint8> key_vector( 321 std::vector<uint8> key_vector(
322 reinterpret_cast<const uint8*>(key_string.data()), 322 reinterpret_cast<const uint8*>(key_string.data()),
323 reinterpret_cast<const uint8*>(key_string.data() + 323 reinterpret_cast<const uint8*>(key_string.data() +
324 key_string.length())); 324 key_string.length()));
325 325
326 scoped_ptr<crypto::RSAPrivateKey> private_key( 326 scoped_ptr<crypto::RSAPrivateKey> private_key(
327 crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_vector)); 327 crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_vector));
328 328
329 SSLConfig ssl_config; 329 client_ssl_config_.false_start_enabled = false;
330 ssl_config.false_start_enabled = false; 330 client_ssl_config_.channel_id_enabled = false;
331 ssl_config.channel_id_enabled = false;
332 331
333 // Certificate provided by the host doesn't need authority. 332 // Certificate provided by the host doesn't need authority.
334 SSLConfig::CertAndStatus cert_and_status; 333 SSLConfig::CertAndStatus cert_and_status;
335 cert_and_status.cert_status = CERT_STATUS_AUTHORITY_INVALID; 334 cert_and_status.cert_status = CERT_STATUS_AUTHORITY_INVALID;
336 cert_and_status.der_cert = cert_der; 335 cert_and_status.der_cert = cert_der;
337 ssl_config.allowed_bad_certs.push_back(cert_and_status); 336 client_ssl_config_.allowed_bad_certs.push_back(cert_and_status);
338 337
339 HostPortPair host_and_pair("unittest", 0); 338 HostPortPair host_and_pair("unittest", 0);
340 SSLClientSocketContext context; 339 SSLClientSocketContext context;
341 context.cert_verifier = cert_verifier_.get(); 340 context.cert_verifier = cert_verifier_.get();
342 context.transport_security_state = transport_security_state_.get(); 341 context.transport_security_state = transport_security_state_.get();
343 client_socket_ = 342 client_socket_ = socket_factory_->CreateSSLClientSocket(
344 socket_factory_->CreateSSLClientSocket( 343 client_connection.Pass(), host_and_pair, client_ssl_config_, context);
345 client_connection.Pass(), host_and_pair, ssl_config, context); 344 server_socket_ =
346 server_socket_ = CreateSSLServerSocket( 345 CreateSSLServerSocket(server_socket.Pass(), cert.get(),
347 server_socket.Pass(), 346 private_key.get(), server_ssl_config_);
348 cert.get(), private_key.get(), SSLConfig());
349 } 347 }
350 348
351 FakeDataChannel channel_1_; 349 FakeDataChannel channel_1_;
352 FakeDataChannel channel_2_; 350 FakeDataChannel channel_2_;
351 SSLConfig client_ssl_config_;
352 SSLConfig server_ssl_config_;
353 scoped_ptr<SSLClientSocket> client_socket_; 353 scoped_ptr<SSLClientSocket> client_socket_;
354 scoped_ptr<SSLServerSocket> server_socket_; 354 scoped_ptr<SSLServerSocket> server_socket_;
355 ClientSocketFactory* socket_factory_; 355 ClientSocketFactory* socket_factory_;
356 scoped_ptr<MockCertVerifier> cert_verifier_; 356 scoped_ptr<MockCertVerifier> cert_verifier_;
357 scoped_ptr<TransportSecurityState> transport_security_state_; 357 scoped_ptr<TransportSecurityState> transport_security_state_;
358 }; 358 };
359 359
360 // This test only executes creation of client and server sockets. This is to 360 // This test only executes creation of client and server sockets. This is to
361 // test that creation of sockets doesn't crash and have minimal code to run 361 // test that creation of sockets doesn't crash and have minimal code to run
362 // under valgrind in order to help debugging memory problems. 362 // under valgrind in order to help debugging memory problems.
(...skipping 221 matching lines...) Expand 10 before | Expand all | Expand 10 after
584 584
585 const char kKeyingLabelBad[] = "EXPERIMENTAL-server-socket-test-bad"; 585 const char kKeyingLabelBad[] = "EXPERIMENTAL-server-socket-test-bad";
586 unsigned char client_bad[kKeyingMaterialSize]; 586 unsigned char client_bad[kKeyingMaterialSize];
587 rv = client_socket_->ExportKeyingMaterial(kKeyingLabelBad, 587 rv = client_socket_->ExportKeyingMaterial(kKeyingLabelBad,
588 false, kKeyingContext, 588 false, kKeyingContext,
589 client_bad, sizeof(client_bad)); 589 client_bad, sizeof(client_bad));
590 ASSERT_EQ(rv, OK); 590 ASSERT_EQ(rv, OK);
591 EXPECT_NE(0, memcmp(server_out, client_bad, sizeof(server_out))); 591 EXPECT_NE(0, memcmp(server_out, client_bad, sizeof(server_out)));
592 } 592 }
593 593
594 // Verifies that SSLConfig::require_ecdhe flags works properly.
595 TEST_F(SSLServerSocketTest, RequireEcdheFlag) {
596 // Disable all ECDHE suites on the client side.
597 uint16_t kEcdheCiphers[] = {
598 0xc007, // ECDHE_ECDSA_WITH_RC4_128_SHA
599 0xc009, // ECDHE_ECDSA_WITH_AES_128_CBC_SHA
600 0xc00a, // ECDHE_ECDSA_WITH_AES_256_CBC_SHA
601 0xc011, // ECDHE_RSA_WITH_RC4_128_SHA
602 0xc013, // ECDHE_RSA_WITH_AES_128_CBC_SHA
603 0xc014, // ECDHE_RSA_WITH_AES_256_CBC_SHA
604 0xc02b, // ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
605 0xc02f, // ECDHE_RSA_WITH_AES_128_GCM_SHA256
606 0xcc13, // ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
607 0xcc14, // ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
608 };
609 client_ssl_config_.disabled_cipher_suites.assign(
610 kEcdheCiphers, kEcdheCiphers + arraysize(kEcdheCiphers));
611
612 // Require ECDHE on the server.
613 server_ssl_config_.require_ecdhe = true;
614
615 Initialize();
616
617 TestCompletionCallback connect_callback;
618 TestCompletionCallback handshake_callback;
619
620 int client_ret = client_socket_->Connect(connect_callback.callback());
621 int server_ret = server_socket_->Handshake(handshake_callback.callback());
622
623 client_ret = connect_callback.GetResult(client_ret);
624 server_ret = handshake_callback.GetResult(client_ret);
625
626 ASSERT_EQ(ERR_SSL_VERSION_OR_CIPHER_MISMATCH, client_ret);
627 ASSERT_EQ(ERR_SSL_VERSION_OR_CIPHER_MISMATCH, server_ret);
628 }
629
594 } // namespace net 630 } // namespace net
OLDNEW
« no previous file with comments | « net/socket/ssl_server_socket_openssl.cc ('k') | net/spdy/spdy_header_block.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698