OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/ssl_config/ssl_config_service_manager.h" | 5 #include "components/ssl_config/ssl_config_service_manager.h" |
6 | 6 |
| 7 #include <utility> |
| 8 |
| 9 #include "base/feature_list.h" |
7 #include "base/memory/ref_counted.h" | 10 #include "base/memory/ref_counted.h" |
| 11 #include "base/memory/scoped_ptr.h" |
8 #include "base/message_loop/message_loop.h" | 12 #include "base/message_loop/message_loop.h" |
9 #include "base/thread_task_runner_handle.h" | 13 #include "base/thread_task_runner_handle.h" |
10 #include "base/values.h" | 14 #include "base/values.h" |
11 #include "components/prefs/testing_pref_service.h" | 15 #include "components/prefs/testing_pref_service.h" |
12 #include "components/ssl_config/ssl_config_prefs.h" | 16 #include "components/ssl_config/ssl_config_prefs.h" |
13 #include "components/ssl_config/ssl_config_switches.h" | 17 #include "components/ssl_config/ssl_config_switches.h" |
14 #include "net/ssl/ssl_config.h" | 18 #include "net/ssl/ssl_config.h" |
15 #include "net/ssl/ssl_config_service.h" | 19 #include "net/ssl/ssl_config_service.h" |
16 #include "testing/gtest/include/gtest/gtest.h" | 20 #include "testing/gtest/include/gtest/gtest.h" |
17 | 21 |
(...skipping 148 matching lines...)
166 &local_state, base::ThreadTaskRunnerHandle::Get())); | 170 &local_state, base::ThreadTaskRunnerHandle::Get())); |
167 ASSERT_TRUE(config_manager.get()); | 171 ASSERT_TRUE(config_manager.get()); |
168 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); | 172 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); |
169 ASSERT_TRUE(config_service.get()); | 173 ASSERT_TRUE(config_service.get()); |
170 | 174 |
171 SSLConfig ssl_config; | 175 SSLConfig ssl_config; |
172 config_service->GetSSLConfig(&ssl_config); | 176 config_service->GetSSLConfig(&ssl_config); |
173 // The command-line option must not have been honored. | 177 // The command-line option must not have been honored. |
174 EXPECT_LE(net::SSL_PROTOCOL_VERSION_TLS1, ssl_config.version_min); | 178 EXPECT_LE(net::SSL_PROTOCOL_VERSION_TLS1, ssl_config.version_min); |
175 } | 179 } |
| 180 |
| 181 // Tests that fallback beyond TLS 1.0 cannot be re-enabled. |
| 182 TEST_F(SSLConfigServiceManagerPrefTest, NoTLS1Fallback) { |
| 183 scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore()); |
| 184 |
| 185 TestingPrefServiceSimple local_state; |
| 186 local_state.SetUserPref(ssl_config::prefs::kSSLVersionFallbackMin, |
| 187 new base::StringValue("tls1")); |
| 188 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); |
| 189 |
| 190 scoped_ptr<SSLConfigServiceManager> config_manager( |
| 191 SSLConfigServiceManager::CreateDefaultManager( |
| 192 &local_state, base::ThreadTaskRunnerHandle::Get())); |
| 193 ASSERT_TRUE(config_manager.get()); |
| 194 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); |
| 195 ASSERT_TRUE(config_service.get()); |
| 196 |
| 197 SSLConfig ssl_config; |
| 198 config_service->GetSSLConfig(&ssl_config); |
| 199 // The command-line option must not have been honored. |
| 200 EXPECT_EQ(net::SSL_PROTOCOL_VERSION_TLS1_2, ssl_config.version_fallback_min); |
| 201 } |
| 202 |
| 203 // Tests that the TLS 1.1 fallback may be re-enabled via features. |
| 204 TEST_F(SSLConfigServiceManagerPrefTest, TLSFallbackFeature) { |
| 205 // Toggle the feature. |
| 206 base::FeatureList::ClearInstanceForTesting(); |
| 207 scoped_ptr<base::FeatureList> feature_list(new base::FeatureList); |
| 208 feature_list->InitializeFromCommandLine("SSLVersionFallbackTLSv1.1", |
| 209 std::string()); |
| 210 base::FeatureList::SetInstance(std::move(feature_list)); |
| 211 |
| 212 TestingPrefServiceSimple local_state; |
| 213 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); |
| 214 |
| 215 scoped_ptr<SSLConfigServiceManager> config_manager( |
| 216 SSLConfigServiceManager::CreateDefaultManager( |
| 217 &local_state, base::ThreadTaskRunnerHandle::Get())); |
| 218 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); |
| 219 ASSERT_TRUE(config_service.get()); |
| 220 |
| 221 // The feature should have switched the default version_fallback_min value. |
| 222 SSLConfig ssl_config; |
| 223 config_service->GetSSLConfig(&ssl_config); |
| 224 EXPECT_EQ(net::SSL_PROTOCOL_VERSION_TLS1_1, ssl_config.version_fallback_min); |
| 225 } |
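Review bot: TLSFallbackFeature (new lines 204-225) installs a process-global `base::FeatureList` enabling `SSLVersionFallbackTLSv1.1` and never removes it, so the lowered fallback floor can leak into any test that runs later in the same process; NoTLS1Fallback, which expects `net::SSL_PROTOCOL_VERSION_TLS1_2`, would then depend on execution order. Calling `base::FeatureList::ClearInstanceForTesting();` from the fixture's TearDown (the fixture is defined outside the visible lines, so it may already do this) would keep the reset even when an ASSERT bails out early. The same test omits the `ASSERT_TRUE(config_manager.get());` check that the sibling tests make before dereferencing the manager. In NoTLS1Fallback the comment at new line 199 is copied from the preceding test: the input here is the `kSSLVersionFallbackMin` pref rather than a command-line option, so `// The "tls1" pref value must not lower the fallback minimum below TLS 1.2.` would describe it accurately. `local_state_store` at new line 183 also appears to be unused.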