| Index: net/socket/ssl_server_socket_unittest.cc
|
| diff --git a/net/socket/ssl_server_socket_unittest.cc b/net/socket/ssl_server_socket_unittest.cc
|
| index fab2cb136a1127db4e282aaff5c363a904fa072f..8cc4ef94c12800561e57bc7d32ddeb2914657d50 100644
|
| --- a/net/socket/ssl_server_socket_unittest.cc
|
| +++ b/net/socket/ssl_server_socket_unittest.cc
|
| @@ -326,30 +326,30 @@ class SSLServerSocketTest : public PlatformTest {
|
| scoped_ptr<crypto::RSAPrivateKey> private_key(
|
| crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_vector));
|
|
|
| - SSLConfig ssl_config;
|
| - ssl_config.false_start_enabled = false;
|
| - ssl_config.channel_id_enabled = false;
|
| + client_ssl_config_.false_start_enabled = false;
|
| + client_ssl_config_.channel_id_enabled = false;
|
|
|
| // Certificate provided by the host doesn't need authority.
|
| SSLConfig::CertAndStatus cert_and_status;
|
| cert_and_status.cert_status = CERT_STATUS_AUTHORITY_INVALID;
|
| cert_and_status.der_cert = cert_der;
|
| - ssl_config.allowed_bad_certs.push_back(cert_and_status);
|
| + client_ssl_config_.allowed_bad_certs.push_back(cert_and_status);
|
|
|
| HostPortPair host_and_pair("unittest", 0);
|
| SSLClientSocketContext context;
|
| context.cert_verifier = cert_verifier_.get();
|
| context.transport_security_state = transport_security_state_.get();
|
| - client_socket_ =
|
| - socket_factory_->CreateSSLClientSocket(
|
| - client_connection.Pass(), host_and_pair, ssl_config, context);
|
| - server_socket_ = CreateSSLServerSocket(
|
| - server_socket.Pass(),
|
| - cert.get(), private_key.get(), SSLConfig());
|
| + client_socket_ = socket_factory_->CreateSSLClientSocket(
|
| + client_connection.Pass(), host_and_pair, client_ssl_config_, context);
|
| + server_socket_ =
|
| + CreateSSLServerSocket(server_socket.Pass(), cert.get(),
|
| + private_key.get(), server_ssl_config_);
|
| }
|
|
|
| FakeDataChannel channel_1_;
|
| FakeDataChannel channel_2_;
|
| + SSLConfig client_ssl_config_;
|
| + SSLConfig server_ssl_config_;
|
| scoped_ptr<SSLClientSocket> client_socket_;
|
| scoped_ptr<SSLServerSocket> server_socket_;
|
| ClientSocketFactory* socket_factory_;
|
| @@ -591,4 +591,40 @@ TEST_F(SSLServerSocketTest, ExportKeyingMaterial) {
|
| EXPECT_NE(0, memcmp(server_out, client_bad, sizeof(server_out)));
|
| }
|
|
|
| +// Verifies that SSLConfig::require_ecdhe flags works properly.
|
| +TEST_F(SSLServerSocketTest, RequireEcdheFlag) {
|
| + // Disable all ECDHE suites on the client side.
|
| + uint16_t kEcdheCiphers[] = {
|
| + 0xc007, // ECDHE_ECDSA_WITH_RC4_128_SHA
|
| + 0xc009, // ECDHE_ECDSA_WITH_AES_128_CBC_SHA
|
| + 0xc00a, // ECDHE_ECDSA_WITH_AES_256_CBC_SHA
|
| + 0xc011, // ECDHE_RSA_WITH_RC4_128_SHA
|
| + 0xc013, // ECDHE_RSA_WITH_AES_128_CBC_SHA
|
| + 0xc014, // ECDHE_RSA_WITH_AES_256_CBC_SHA
|
| + 0xc02b, // ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
| + 0xc02f, // ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
| + 0xcc13, // ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
|
| + 0xcc14, // ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
|
| + };
|
| + client_ssl_config_.disabled_cipher_suites.assign(
|
| + kEcdheCiphers, kEcdheCiphers + arraysize(kEcdheCiphers));
|
| +
|
| + // Require ECDHE on the server.
|
| + server_ssl_config_.require_ecdhe = true;
|
| +
|
| + Initialize();
|
| +
|
| + TestCompletionCallback connect_callback;
|
| + TestCompletionCallback handshake_callback;
|
| +
|
| + int client_ret = client_socket_->Connect(connect_callback.callback());
|
| + int server_ret = server_socket_->Handshake(handshake_callback.callback());
|
| +
|
| + client_ret = connect_callback.GetResult(client_ret);
|
| + server_ret = handshake_callback.GetResult(client_ret);
|
| +
|
| + ASSERT_EQ(ERR_SSL_VERSION_OR_CIPHER_MISMATCH, client_ret);
|
| + ASSERT_EQ(ERR_SSL_VERSION_OR_CIPHER_MISMATCH, server_ret);
|
| +}
|
| +
|
| } // namespace net
|
|
|
Chromium Code Reviews
Issue 1135373002:
Updated NetLog::ParametersCallback & all related calbacks returning value as scoped_ptr<base::Value…
Base URL: https://chromium.googlesource.com/chromium/src.git@master