Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(93)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/ssl/ssl_config_service_unittest.cc

Issue 14125003: Do not roll back to SSL 3.0 for Google properties. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix a bug that prevents TLS 1.1 -> TLS 1.0 fallback. Created 7 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/ssl/ssl_config_service.cc ('K') | « net/ssl/ssl_config_service.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/ssl/ssl_config_service.h" 5 #include "net/ssl/ssl_config_service.h"
6 6
7 #include <vector> 7 #include <vector>
8 8
9 #include "base/basictypes.h" 9 #include "base/basictypes.h"
10 #include "testing/gmock/include/gmock/gmock.h" 10 #include "testing/gmock/include/gmock/gmock.h"
(...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after
64 64
65 mock_service->RemoveObserver(&observer); 65 mock_service->RemoveObserver(&observer);
66 } 66 }
67 67
68 TEST(SSLConfigServiceTest, ConfigUpdatesNotifyObservers) { 68 TEST(SSLConfigServiceTest, ConfigUpdatesNotifyObservers) {
69 SSLConfig initial_config; 69 SSLConfig initial_config;
70 initial_config.rev_checking_enabled = true; 70 initial_config.rev_checking_enabled = true;
71 initial_config.false_start_enabled = false; 71 initial_config.false_start_enabled = false;
72 initial_config.version_min = SSL_PROTOCOL_VERSION_SSL3; 72 initial_config.version_min = SSL_PROTOCOL_VERSION_SSL3;
73 initial_config.version_max = SSL_PROTOCOL_VERSION_TLS1_1; 73 initial_config.version_max = SSL_PROTOCOL_VERSION_TLS1_1;
74 initial_config.ssl3_fallback_enabled = false;
wtc 2013/04/18 18:15:34 Set this after line 71 (initial_config.false_start
74 75
75 scoped_refptr<MockSSLConfigService> mock_service( 76 scoped_refptr<MockSSLConfigService> mock_service(
76 new MockSSLConfigService(initial_config)); 77 new MockSSLConfigService(initial_config));
77 MockSSLConfigServiceObserver observer; 78 MockSSLConfigServiceObserver observer;
78 mock_service->AddObserver(&observer); 79 mock_service->AddObserver(&observer);
79 80
80 // Test that the basic boolean preferences trigger updates. 81 // Test that the basic boolean preferences trigger updates.
81 initial_config.rev_checking_enabled = false; 82 initial_config.rev_checking_enabled = false;
82 EXPECT_CALL(observer, OnSSLConfigChanged()).Times(1); 83 EXPECT_CALL(observer, OnSSLConfigChanged()).Times(1);
83 mock_service->SetSSLConfig(initial_config); 84 mock_service->SetSSLConfig(initial_config);
84 85
85 initial_config.false_start_enabled = true; 86 initial_config.false_start_enabled = true;
86 EXPECT_CALL(observer, OnSSLConfigChanged()).Times(1); 87 EXPECT_CALL(observer, OnSSLConfigChanged()).Times(1);
87 mock_service->SetSSLConfig(initial_config); 88 mock_service->SetSSLConfig(initial_config);
88 89
89 // Test that changing the SSL version range triggers updates. 90 // Test that changing the SSL version range triggers updates.
90 initial_config.version_min = SSL_PROTOCOL_VERSION_TLS1; 91 initial_config.version_min = SSL_PROTOCOL_VERSION_TLS1;
91 EXPECT_CALL(observer, OnSSLConfigChanged()).Times(1); 92 EXPECT_CALL(observer, OnSSLConfigChanged()).Times(1);
92 mock_service->SetSSLConfig(initial_config); 93 mock_service->SetSSLConfig(initial_config);
93 94
94 initial_config.version_max = SSL_PROTOCOL_VERSION_SSL3; 95 initial_config.version_max = SSL_PROTOCOL_VERSION_SSL3;
95 EXPECT_CALL(observer, OnSSLConfigChanged()).Times(1); 96 EXPECT_CALL(observer, OnSSLConfigChanged()).Times(1);
96 mock_service->SetSSLConfig(initial_config); 97 mock_service->SetSSLConfig(initial_config);
97 98
99 initial_config.ssl3_fallback_enabled = true;
100 EXPECT_CALL(observer, OnSSLConfigChanged()).Times(1);
101 mock_service->SetSSLConfig(initial_config);
wtc 2013/04/18 18:15:34 Do this after lines 86-88 (which deals with false_
102
98 // Test that disabling certain cipher suites triggers an update. 103 // Test that disabling certain cipher suites triggers an update.
99 std::vector<uint16> disabled_ciphers; 104 std::vector<uint16> disabled_ciphers;
100 disabled_ciphers.push_back(0x0004u); 105 disabled_ciphers.push_back(0x0004u);
101 disabled_ciphers.push_back(0xBEEFu); 106 disabled_ciphers.push_back(0xBEEFu);
102 disabled_ciphers.push_back(0xDEADu); 107 disabled_ciphers.push_back(0xDEADu);
103 initial_config.disabled_cipher_suites = disabled_ciphers; 108 initial_config.disabled_cipher_suites = disabled_ciphers;
104 EXPECT_CALL(observer, OnSSLConfigChanged()).Times(1); 109 EXPECT_CALL(observer, OnSSLConfigChanged()).Times(1);
105 mock_service->SetSSLConfig(initial_config); 110 mock_service->SetSSLConfig(initial_config);
106 111
107 // Ensure that changing a disabled cipher suite, while still maintaining 112 // Ensure that changing a disabled cipher suite, while still maintaining
108 // sorted order, triggers an update. 113 // sorted order, triggers an update.
109 disabled_ciphers[1] = 0xCAFEu; 114 disabled_ciphers[1] = 0xCAFEu;
110 initial_config.disabled_cipher_suites = disabled_ciphers; 115 initial_config.disabled_cipher_suites = disabled_ciphers;
111 EXPECT_CALL(observer, OnSSLConfigChanged()).Times(1); 116 EXPECT_CALL(observer, OnSSLConfigChanged()).Times(1);
112 mock_service->SetSSLConfig(initial_config); 117 mock_service->SetSSLConfig(initial_config);
113 118
114 // Ensure that removing a disabled cipher suite, while still keeping some 119 // Ensure that removing a disabled cipher suite, while still keeping some
115 // cipher suites disabled, triggers an update. 120 // cipher suites disabled, triggers an update.
116 disabled_ciphers.pop_back(); 121 disabled_ciphers.pop_back();
117 initial_config.disabled_cipher_suites = disabled_ciphers; 122 initial_config.disabled_cipher_suites = disabled_ciphers;
118 EXPECT_CALL(observer, OnSSLConfigChanged()).Times(1); 123 EXPECT_CALL(observer, OnSSLConfigChanged()).Times(1);
119 mock_service->SetSSLConfig(initial_config); 124 mock_service->SetSSLConfig(initial_config);
120 125
121 mock_service->RemoveObserver(&observer); 126 mock_service->RemoveObserver(&observer);
122 } 127 }
123 128
124 } // namespace net 129 } // namespace net
OLDNEW
« net/ssl/ssl_config_service.cc ('K') | « net/ssl/ssl_config_service.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698