OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/socket/ssl_client_socket.h" | 5 #include "net/socket/ssl_client_socket.h" |
6 | 6 |
7 #include "base/callback_helpers.h" | 7 #include "base/callback_helpers.h" |
8 #include "base/location.h" | 8 #include "base/location.h" |
9 #include "base/memory/ref_counted.h" | 9 #include "base/memory/ref_counted.h" |
10 #include "base/run_loop.h" | 10 #include "base/run_loop.h" |
(...skipping 2484 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2495 // offer the > TLS 1.0 session, so this must have been the session from the | 2495 // offer the > TLS 1.0 session, so this must have been the session from the |
2496 // first fallback connection. | 2496 // first fallback connection. |
2497 ASSERT_TRUE(CreateAndConnectSSLClientSocket(fallback_ssl_config, &rv)); | 2497 ASSERT_TRUE(CreateAndConnectSSLClientSocket(fallback_ssl_config, &rv)); |
2498 EXPECT_EQ(OK, rv); | 2498 EXPECT_EQ(OK, rv); |
2499 EXPECT_TRUE(sock_->GetSSLInfo(&ssl_info)); | 2499 EXPECT_TRUE(sock_->GetSSLInfo(&ssl_info)); |
2500 EXPECT_EQ(SSLInfo::HANDSHAKE_RESUME, ssl_info.handshake_type); | 2500 EXPECT_EQ(SSLInfo::HANDSHAKE_RESUME, ssl_info.handshake_type); |
2501 EXPECT_EQ(SSL_CONNECTION_VERSION_TLS1, | 2501 EXPECT_EQ(SSL_CONNECTION_VERSION_TLS1, |
2502 SSLConnectionStatusToVersion(ssl_info.connection_status)); | 2502 SSLConnectionStatusToVersion(ssl_info.connection_status)); |
2503 } | 2503 } |
2504 | 2504 |
2505 // Test that RC4 is only enabled if enable_deprecated_cipher_suites is set. | 2505 // Test that RC4 is only enabled if rc4_enabled is set. |
2506 TEST_F(SSLClientSocketTest, DeprecatedRC4) { | 2506 TEST_F(SSLClientSocketTest, RC4Enabled) { |
2507 SpawnedTestServer::SSLOptions ssl_options; | 2507 SpawnedTestServer::SSLOptions ssl_options; |
2508 ssl_options.bulk_ciphers = SpawnedTestServer::SSLOptions::BULK_CIPHER_RC4; | 2508 ssl_options.bulk_ciphers = SpawnedTestServer::SSLOptions::BULK_CIPHER_RC4; |
2509 ASSERT_TRUE(StartTestServer(ssl_options)); | 2509 ASSERT_TRUE(StartTestServer(ssl_options)); |
2510 | 2510 |
2511 // Normal handshakes with RC4 do not work. | 2511 // Normal handshakes with RC4 do not work. |
2512 SSLConfig ssl_config; | 2512 SSLConfig ssl_config; |
2513 int rv; | 2513 int rv; |
2514 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); | 2514 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); |
2515 EXPECT_EQ(ERR_SSL_VERSION_OR_CIPHER_MISMATCH, rv); | 2515 EXPECT_EQ(ERR_SSL_VERSION_OR_CIPHER_MISMATCH, rv); |
2516 | 2516 |
2517 // Enabling deprecated ciphers works fine. | 2517 // Enabling RC4 works fine. |
2518 ssl_config.enable_deprecated_cipher_suites = true; | 2518 ssl_config.rc4_enabled = true; |
2519 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); | 2519 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); |
2520 EXPECT_EQ(OK, rv); | 2520 EXPECT_EQ(OK, rv); |
2521 } | 2521 } |
2522 | 2522 |
2523 // Tests that enabling deprecated ciphers shards the session cache. | 2523 // Tests that enabling deprecated ciphers shards the session cache. |
2524 TEST_F(SSLClientSocketTest, DeprecatedShardSessionCache) { | 2524 TEST_F(SSLClientSocketTest, DeprecatedShardSessionCache) { |
2525 ASSERT_TRUE(StartTestServer(SpawnedTestServer::SSLOptions())); | 2525 ASSERT_TRUE(StartTestServer(SpawnedTestServer::SSLOptions())); |
2526 | 2526 |
2527 // Prepare a normal and deprecated SSL config. | 2527 // Prepare a normal and deprecated SSL config. |
2528 SSLConfig ssl_config; | 2528 SSLConfig ssl_config; |
2529 SSLConfig deprecated_ssl_config; | 2529 SSLConfig deprecated_ssl_config; |
2530 deprecated_ssl_config.enable_deprecated_cipher_suites = true; | 2530 deprecated_ssl_config.deprecated_cipher_suites_enabled = true; |
2531 | 2531 |
2532 // Connect with deprecated ciphers enabled to warm the session cache cache. | 2532 // Connect with deprecated ciphers enabled to warm the session cache cache. |
2533 int rv; | 2533 int rv; |
2534 ASSERT_TRUE(CreateAndConnectSSLClientSocket(deprecated_ssl_config, &rv)); | 2534 ASSERT_TRUE(CreateAndConnectSSLClientSocket(deprecated_ssl_config, &rv)); |
2535 EXPECT_EQ(OK, rv); | 2535 EXPECT_EQ(OK, rv); |
2536 SSLInfo ssl_info; | 2536 SSLInfo ssl_info; |
2537 EXPECT_TRUE(sock_->GetSSLInfo(&ssl_info)); | 2537 EXPECT_TRUE(sock_->GetSSLInfo(&ssl_info)); |
2538 EXPECT_EQ(SSLInfo::HANDSHAKE_FULL, ssl_info.handshake_type); | 2538 EXPECT_EQ(SSLInfo::HANDSHAKE_FULL, ssl_info.handshake_type); |
2539 | 2539 |
2540 // Test that re-connecting with deprecated ciphers enabled still resumes. | 2540 // Test that re-connecting with deprecated ciphers enabled still resumes. |
(...skipping 474 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3015 int rv; | 3015 int rv; |
3016 ASSERT_TRUE(CreateAndConnectSSLClientSocket(client_config, &rv)); | 3016 ASSERT_TRUE(CreateAndConnectSSLClientSocket(client_config, &rv)); |
3017 EXPECT_EQ(OK, rv); | 3017 EXPECT_EQ(OK, rv); |
3018 | 3018 |
3019 std::string proto; | 3019 std::string proto; |
3020 EXPECT_EQ(SSLClientSocket::kNextProtoUnsupported, | 3020 EXPECT_EQ(SSLClientSocket::kNextProtoUnsupported, |
3021 sock_->GetNextProto(&proto)); | 3021 sock_->GetNextProto(&proto)); |
3022 } | 3022 } |
3023 | 3023 |
3024 } // namespace net | 3024 } // namespace net |
OLD | NEW |