Do not roll back to SSL 3.0 for Google properties.

chrome/browser/net/ssl_config_service_manager_pref_unittest.cc

Index: chrome/browser/net/ssl_config_service_manager_pref_unittest.cc
diff --git a/chrome/browser/net/ssl_config_service_manager_pref_unittest.cc b/chrome/browser/net/ssl_config_service_manager_pref_unittest.cc
index 42ee6935b50af91f4893df534a86400d1c21fec8..c35fa2f8c903ef326f5cf4edacda8bdbbe0aa99e 100644
--- a/chrome/browser/net/ssl_config_service_manager_pref_unittest.cc
+++ b/chrome/browser/net/ssl_config_service_manager_pref_unittest.cc
@@ -220,8 +220,11 @@ TEST_F(SSLConfigServiceManagerPrefTest, BadDisabledCipherSuites) {
   EXPECT_EQ(0x0005, config.disabled_cipher_suites[1]);
 }
 
-// Test that without command-line settings for minimum and maximum SSL
-// versions, SSL 3.0 ~ default_version_max() are enabled.
+// Test that without command-line settings:
+// * for minimum and maximum SSL versions, SSL 3.0 ~ default_version_max() are
+//   enabled;
+// * |ssl_version_min_preloaded_disabled| is false;
+// * |ssl_version_min_learning_enabled| is false.

[agl, 2013/04/15 15:23:51]

This comment line looks to be a left-over.

[thaidn_google, 2013/04/16 00:38:16]

Done.

 TEST_F(SSLConfigServiceManagerPrefTest, NoCommandLinePrefs) {
   scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore());
 
@@ -245,10 +248,13 @@ TEST_F(SSLConfigServiceManagerPrefTest, NoCommandLinePrefs) {
   EXPECT_EQ(net::SSL_PROTOCOL_VERSION_SSL3, ssl_config.version_min);
   EXPECT_EQ(net::SSLConfigService::default_version_max(),
             ssl_config.version_max);
+  EXPECT_FALSE(ssl_config.ssl_version_min_preloaded_disabled);
 
   // The settings should not be added to the local_state.
   EXPECT_FALSE(local_state->HasPrefPath(prefs::kSSLVersionMin));
   EXPECT_FALSE(local_state->HasPrefPath(prefs::kSSLVersionMax));
+  EXPECT_FALSE(local_state->HasPrefPath(
+      prefs::kDisableSSLVersionMinPreloaded));
 
   // Explicitly double-check the settings are not in the preference store.
   std::string version_min_str;
@@ -257,6 +263,10 @@ TEST_F(SSLConfigServiceManagerPrefTest, NoCommandLinePrefs) {
                                             &version_min_str));
   EXPECT_FALSE(local_state_store->GetString(prefs::kSSLVersionMax,
                                             &version_max_str));
+  bool tmp;

[agl, 2013/04/15 15:23:51]

I'd use a real variable name rather than just |tmp| - we do above.

[thaidn_google, 2013/04/16 00:38:16]

Done.

+  EXPECT_FALSE(local_state_store->GetBoolean(
+      prefs::kDisableSSLVersionMinPreloaded,
+      &tmp));
 }
 
 // Test that command-line settings for minimum and maximum SSL versions are
@@ -267,6 +277,7 @@ TEST_F(SSLConfigServiceManagerPrefTest, CommandLinePrefs) {
   CommandLine command_line(CommandLine::NO_PROGRAM);
   command_line.AppendSwitchASCII(switches::kSSLVersionMin, "tls1");
   command_line.AppendSwitchASCII(switches::kSSLVersionMax, "ssl3");
+  command_line.AppendSwitch(switches::kDisableSSLVersionMinPreloaded);
 
   PrefServiceMockBuilder builder;
   builder.WithUserPrefs(local_state_store.get());
@@ -287,6 +298,7 @@ TEST_F(SSLConfigServiceManagerPrefTest, CommandLinePrefs) {
   // Command-line flags should be respected.
   EXPECT_EQ(net::SSL_PROTOCOL_VERSION_TLS1, ssl_config.version_min);
   EXPECT_EQ(net::SSL_PROTOCOL_VERSION_SSL3, ssl_config.version_max);
+  EXPECT_TRUE(ssl_config.ssl_version_min_preloaded_disabled);
 
   // Explicitly double-check the settings are not in the preference store.
   const PrefService::Preference* version_min_pref =
@@ -297,10 +309,18 @@ TEST_F(SSLConfigServiceManagerPrefTest, CommandLinePrefs) {
       local_state->FindPreference(prefs::kSSLVersionMax);
   EXPECT_FALSE(version_max_pref->IsUserModifiable());
 
+  const PrefService::Preference* preloaded_pref =
+      local_state->FindPreference(prefs::kDisableSSLVersionMinPreloaded);
+  EXPECT_FALSE(preloaded_pref->IsUserModifiable());
+
   std::string version_min_str;
   std::string version_max_str;
   EXPECT_FALSE(local_state_store->GetString(prefs::kSSLVersionMin,
                                             &version_min_str));
   EXPECT_FALSE(local_state_store->GetString(prefs::kSSLVersionMax,
                                             &version_max_str));
+  bool tmp;

[agl, 2013/04/15 15:23:51]

ditto.

[thaidn_google, 2013/04/16 00:38:16]

Done.

+  EXPECT_FALSE(local_state_store->GetBoolean(
+      prefs::kDisableSSLVersionMinPreloaded,
+      &tmp));
 }