| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/ssl_config/ssl_config_service_manager.h" | 5 #include <memory> |
| 6 | |
| 7 #include <utility> | 6 #include <utility> |
| 8 | 7 |
| 9 #include "base/feature_list.h" | 8 #include "base/feature_list.h" |
| 10 #include "base/memory/ref_counted.h" | 9 #include "base/memory/ref_counted.h" |
| 11 #include "base/memory/scoped_ptr.h" | |
| 12 #include "base/message_loop/message_loop.h" | 10 #include "base/message_loop/message_loop.h" |
| 13 #include "base/thread_task_runner_handle.h" | 11 #include "base/thread_task_runner_handle.h" |
| 14 #include "base/values.h" | 12 #include "base/values.h" |
| 15 #include "components/prefs/testing_pref_service.h" | 13 #include "components/prefs/testing_pref_service.h" |
| 16 #include "components/ssl_config/ssl_config_prefs.h" | 14 #include "components/ssl_config/ssl_config_prefs.h" |
| 15 #include "components/ssl_config/ssl_config_service_manager.h" |
| 17 #include "components/ssl_config/ssl_config_switches.h" | 16 #include "components/ssl_config/ssl_config_switches.h" |
| 18 #include "net/ssl/ssl_config.h" | 17 #include "net/ssl/ssl_config.h" |
| 19 #include "net/ssl/ssl_config_service.h" | 18 #include "net/ssl/ssl_config_service.h" |
| 20 #include "testing/gtest/include/gtest/gtest.h" | 19 #include "testing/gtest/include/gtest/gtest.h" |
| 21 | 20 |
| 22 using base::ListValue; | 21 using base::ListValue; |
| 23 using net::SSLConfig; | 22 using net::SSLConfig; |
| 24 using net::SSLConfigService; | 23 using net::SSLConfigService; |
| 25 using ssl_config::SSLConfigServiceManager; | 24 using ssl_config::SSLConfigServiceManager; |
| 26 | 25 |
| 27 class SSLConfigServiceManagerPrefTest : public testing::Test { | 26 class SSLConfigServiceManagerPrefTest : public testing::Test { |
| 28 public: | 27 public: |
| 29 SSLConfigServiceManagerPrefTest() {} | 28 SSLConfigServiceManagerPrefTest() {} |
| 30 | 29 |
| 31 protected: | 30 protected: |
| 32 base::MessageLoop message_loop_; | 31 base::MessageLoop message_loop_; |
| 33 }; | 32 }; |
| 34 | 33 |
| 35 // Test channel id with no user prefs. | 34 // Test channel id with no user prefs. |
| 36 TEST_F(SSLConfigServiceManagerPrefTest, ChannelIDWithoutUserPrefs) { | 35 TEST_F(SSLConfigServiceManagerPrefTest, ChannelIDWithoutUserPrefs) { |
| 37 TestingPrefServiceSimple local_state; | 36 TestingPrefServiceSimple local_state; |
| 38 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); | 37 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); |
| 39 | 38 |
| 40 scoped_ptr<SSLConfigServiceManager> config_manager( | 39 std::unique_ptr<SSLConfigServiceManager> config_manager( |
| 41 SSLConfigServiceManager::CreateDefaultManager( | 40 SSLConfigServiceManager::CreateDefaultManager( |
| 42 &local_state, base::ThreadTaskRunnerHandle::Get())); | 41 &local_state, base::ThreadTaskRunnerHandle::Get())); |
| 43 ASSERT_TRUE(config_manager.get()); | 42 ASSERT_TRUE(config_manager.get()); |
| 44 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); | 43 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); |
| 45 ASSERT_TRUE(config_service.get()); | 44 ASSERT_TRUE(config_service.get()); |
| 46 | 45 |
| 47 SSLConfig config; | 46 SSLConfig config; |
| 48 config_service->GetSSLConfig(&config); | 47 config_service->GetSSLConfig(&config); |
| 49 EXPECT_TRUE(config.channel_id_enabled); | 48 EXPECT_TRUE(config.channel_id_enabled); |
| 50 } | 49 } |
| 51 | 50 |
| 52 // Test that cipher suites can be disabled. "Good" refers to the fact that | 51 // Test that cipher suites can be disabled. "Good" refers to the fact that |
| 53 // every value is expected to be successfully parsed into a cipher suite. | 52 // every value is expected to be successfully parsed into a cipher suite. |
| 54 TEST_F(SSLConfigServiceManagerPrefTest, GoodDisabledCipherSuites) { | 53 TEST_F(SSLConfigServiceManagerPrefTest, GoodDisabledCipherSuites) { |
| 55 TestingPrefServiceSimple local_state; | 54 TestingPrefServiceSimple local_state; |
| 56 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); | 55 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); |
| 57 | 56 |
| 58 scoped_ptr<SSLConfigServiceManager> config_manager( | 57 std::unique_ptr<SSLConfigServiceManager> config_manager( |
| 59 SSLConfigServiceManager::CreateDefaultManager( | 58 SSLConfigServiceManager::CreateDefaultManager( |
| 60 &local_state, base::ThreadTaskRunnerHandle::Get())); | 59 &local_state, base::ThreadTaskRunnerHandle::Get())); |
| 61 ASSERT_TRUE(config_manager.get()); | 60 ASSERT_TRUE(config_manager.get()); |
| 62 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); | 61 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); |
| 63 ASSERT_TRUE(config_service.get()); | 62 ASSERT_TRUE(config_service.get()); |
| 64 | 63 |
| 65 SSLConfig old_config; | 64 SSLConfig old_config; |
| 66 config_service->GetSSLConfig(&old_config); | 65 config_service->GetSSLConfig(&old_config); |
| 67 EXPECT_TRUE(old_config.disabled_cipher_suites.empty()); | 66 EXPECT_TRUE(old_config.disabled_cipher_suites.empty()); |
| 68 | 67 |
| (...skipping 15 matching lines...) Expand all Loading... |
| 84 EXPECT_EQ(0x0005, config.disabled_cipher_suites[1]); | 83 EXPECT_EQ(0x0005, config.disabled_cipher_suites[1]); |
| 85 } | 84 } |
| 86 | 85 |
| 87 // Test that cipher suites can be disabled. "Bad" refers to the fact that | 86 // Test that cipher suites can be disabled. "Bad" refers to the fact that |
| 88 // there are one or more non-cipher suite strings in the preference. They | 87 // there are one or more non-cipher suite strings in the preference. They |
| 89 // should be ignored. | 88 // should be ignored. |
| 90 TEST_F(SSLConfigServiceManagerPrefTest, BadDisabledCipherSuites) { | 89 TEST_F(SSLConfigServiceManagerPrefTest, BadDisabledCipherSuites) { |
| 91 TestingPrefServiceSimple local_state; | 90 TestingPrefServiceSimple local_state; |
| 92 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); | 91 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); |
| 93 | 92 |
| 94 scoped_ptr<SSLConfigServiceManager> config_manager( | 93 std::unique_ptr<SSLConfigServiceManager> config_manager( |
| 95 SSLConfigServiceManager::CreateDefaultManager( | 94 SSLConfigServiceManager::CreateDefaultManager( |
| 96 &local_state, base::ThreadTaskRunnerHandle::Get())); | 95 &local_state, base::ThreadTaskRunnerHandle::Get())); |
| 97 ASSERT_TRUE(config_manager.get()); | 96 ASSERT_TRUE(config_manager.get()); |
| 98 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); | 97 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); |
| 99 ASSERT_TRUE(config_service.get()); | 98 ASSERT_TRUE(config_service.get()); |
| 100 | 99 |
| 101 SSLConfig old_config; | 100 SSLConfig old_config; |
| 102 config_service->GetSSLConfig(&old_config); | 101 config_service->GetSSLConfig(&old_config); |
| 103 EXPECT_TRUE(old_config.disabled_cipher_suites.empty()); | 102 EXPECT_TRUE(old_config.disabled_cipher_suites.empty()); |
| 104 | 103 |
| (...skipping 17 matching lines...) Expand all Loading... |
| 122 EXPECT_EQ(0x0005, config.disabled_cipher_suites[1]); | 121 EXPECT_EQ(0x0005, config.disabled_cipher_suites[1]); |
| 123 } | 122 } |
| 124 | 123 |
| 125 // Test that without command-line settings for minimum and maximum SSL versions, | 124 // Test that without command-line settings for minimum and maximum SSL versions, |
| 126 // TLS versions from 1.0 up to 1.1 or 1.2 are enabled. | 125 // TLS versions from 1.0 up to 1.1 or 1.2 are enabled. |
| 127 TEST_F(SSLConfigServiceManagerPrefTest, NoCommandLinePrefs) { | 126 TEST_F(SSLConfigServiceManagerPrefTest, NoCommandLinePrefs) { |
| 128 scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore()); | 127 scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore()); |
| 129 TestingPrefServiceSimple local_state; | 128 TestingPrefServiceSimple local_state; |
| 130 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); | 129 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); |
| 131 | 130 |
| 132 scoped_ptr<SSLConfigServiceManager> config_manager( | 131 std::unique_ptr<SSLConfigServiceManager> config_manager( |
| 133 SSLConfigServiceManager::CreateDefaultManager( | 132 SSLConfigServiceManager::CreateDefaultManager( |
| 134 &local_state, base::ThreadTaskRunnerHandle::Get())); | 133 &local_state, base::ThreadTaskRunnerHandle::Get())); |
| 135 ASSERT_TRUE(config_manager.get()); | 134 ASSERT_TRUE(config_manager.get()); |
| 136 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); | 135 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); |
| 137 ASSERT_TRUE(config_service.get()); | 136 ASSERT_TRUE(config_service.get()); |
| 138 | 137 |
| 139 SSLConfig ssl_config; | 138 SSLConfig ssl_config; |
| 140 config_service->GetSSLConfig(&ssl_config); | 139 config_service->GetSSLConfig(&ssl_config); |
| 141 // In the absence of command-line options, the default TLS version range is | 140 // In the absence of command-line options, the default TLS version range is |
| 142 // enabled. | 141 // enabled. |
| (...skipping 15 matching lines...) Expand all Loading... |
| 158 | 157 |
| 159 // Tests that "ssl3" is not treated as a valid minimum version. | 158 // Tests that "ssl3" is not treated as a valid minimum version. |
| 160 TEST_F(SSLConfigServiceManagerPrefTest, NoSSL3) { | 159 TEST_F(SSLConfigServiceManagerPrefTest, NoSSL3) { |
| 161 scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore()); | 160 scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore()); |
| 162 | 161 |
| 163 TestingPrefServiceSimple local_state; | 162 TestingPrefServiceSimple local_state; |
| 164 local_state.SetUserPref(ssl_config::prefs::kSSLVersionMin, | 163 local_state.SetUserPref(ssl_config::prefs::kSSLVersionMin, |
| 165 new base::StringValue("ssl3")); | 164 new base::StringValue("ssl3")); |
| 166 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); | 165 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); |
| 167 | 166 |
| 168 scoped_ptr<SSLConfigServiceManager> config_manager( | 167 std::unique_ptr<SSLConfigServiceManager> config_manager( |
| 169 SSLConfigServiceManager::CreateDefaultManager( | 168 SSLConfigServiceManager::CreateDefaultManager( |
| 170 &local_state, base::ThreadTaskRunnerHandle::Get())); | 169 &local_state, base::ThreadTaskRunnerHandle::Get())); |
| 171 ASSERT_TRUE(config_manager.get()); | 170 ASSERT_TRUE(config_manager.get()); |
| 172 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); | 171 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); |
| 173 ASSERT_TRUE(config_service.get()); | 172 ASSERT_TRUE(config_service.get()); |
| 174 | 173 |
| 175 SSLConfig ssl_config; | 174 SSLConfig ssl_config; |
| 176 config_service->GetSSLConfig(&ssl_config); | 175 config_service->GetSSLConfig(&ssl_config); |
| 177 // The command-line option must not have been honored. | 176 // The command-line option must not have been honored. |
| 178 EXPECT_LE(net::SSL_PROTOCOL_VERSION_TLS1, ssl_config.version_min); | 177 EXPECT_LE(net::SSL_PROTOCOL_VERSION_TLS1, ssl_config.version_min); |
| 179 } | 178 } |
| 180 | 179 |
| 181 // Tests that fallback beyond TLS 1.0 cannot be re-enabled. | 180 // Tests that fallback beyond TLS 1.0 cannot be re-enabled. |
| 182 TEST_F(SSLConfigServiceManagerPrefTest, NoTLS1Fallback) { | 181 TEST_F(SSLConfigServiceManagerPrefTest, NoTLS1Fallback) { |
| 183 scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore()); | 182 scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore()); |
| 184 | 183 |
| 185 TestingPrefServiceSimple local_state; | 184 TestingPrefServiceSimple local_state; |
| 186 local_state.SetUserPref(ssl_config::prefs::kSSLVersionFallbackMin, | 185 local_state.SetUserPref(ssl_config::prefs::kSSLVersionFallbackMin, |
| 187 new base::StringValue("tls1")); | 186 new base::StringValue("tls1")); |
| 188 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); | 187 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); |
| 189 | 188 |
| 190 scoped_ptr<SSLConfigServiceManager> config_manager( | 189 std::unique_ptr<SSLConfigServiceManager> config_manager( |
| 191 SSLConfigServiceManager::CreateDefaultManager( | 190 SSLConfigServiceManager::CreateDefaultManager( |
| 192 &local_state, base::ThreadTaskRunnerHandle::Get())); | 191 &local_state, base::ThreadTaskRunnerHandle::Get())); |
| 193 ASSERT_TRUE(config_manager.get()); | 192 ASSERT_TRUE(config_manager.get()); |
| 194 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); | 193 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); |
| 195 ASSERT_TRUE(config_service.get()); | 194 ASSERT_TRUE(config_service.get()); |
| 196 | 195 |
| 197 SSLConfig ssl_config; | 196 SSLConfig ssl_config; |
| 198 config_service->GetSSLConfig(&ssl_config); | 197 config_service->GetSSLConfig(&ssl_config); |
| 199 // The command-line option must not have been honored. | 198 // The command-line option must not have been honored. |
| 200 EXPECT_EQ(net::SSL_PROTOCOL_VERSION_TLS1_2, ssl_config.version_fallback_min); | 199 EXPECT_EQ(net::SSL_PROTOCOL_VERSION_TLS1_2, ssl_config.version_fallback_min); |
| 201 } | 200 } |
| 202 | 201 |
| 203 // Tests that the TLS 1.1 fallback may be re-enabled via features. | 202 // Tests that the TLS 1.1 fallback may be re-enabled via features. |
| 204 TEST_F(SSLConfigServiceManagerPrefTest, TLSFallbackFeature) { | 203 TEST_F(SSLConfigServiceManagerPrefTest, TLSFallbackFeature) { |
| 205 // Toggle the feature. | 204 // Toggle the feature. |
| 206 base::FeatureList::ClearInstanceForTesting(); | 205 base::FeatureList::ClearInstanceForTesting(); |
| 207 scoped_ptr<base::FeatureList> feature_list(new base::FeatureList); | 206 std::unique_ptr<base::FeatureList> feature_list(new base::FeatureList); |
| 208 feature_list->InitializeFromCommandLine("SSLVersionFallbackTLSv1.1", | 207 feature_list->InitializeFromCommandLine("SSLVersionFallbackTLSv1.1", |
| 209 std::string()); | 208 std::string()); |
| 210 base::FeatureList::SetInstance(std::move(feature_list)); | 209 base::FeatureList::SetInstance(std::move(feature_list)); |
| 211 | 210 |
| 212 TestingPrefServiceSimple local_state; | 211 TestingPrefServiceSimple local_state; |
| 213 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); | 212 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); |
| 214 | 213 |
| 215 scoped_ptr<SSLConfigServiceManager> config_manager( | 214 std::unique_ptr<SSLConfigServiceManager> config_manager( |
| 216 SSLConfigServiceManager::CreateDefaultManager( | 215 SSLConfigServiceManager::CreateDefaultManager( |
| 217 &local_state, base::ThreadTaskRunnerHandle::Get())); | 216 &local_state, base::ThreadTaskRunnerHandle::Get())); |
| 218 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); | 217 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); |
| 219 ASSERT_TRUE(config_service.get()); | 218 ASSERT_TRUE(config_service.get()); |
| 220 | 219 |
| 221 // The feature should have switched the default version_fallback_min value. | 220 // The feature should have switched the default version_fallback_min value. |
| 222 SSLConfig ssl_config; | 221 SSLConfig ssl_config; |
| 223 config_service->GetSSLConfig(&ssl_config); | 222 config_service->GetSSLConfig(&ssl_config); |
| 224 EXPECT_EQ(net::SSL_PROTOCOL_VERSION_TLS1_1, ssl_config.version_fallback_min); | 223 EXPECT_EQ(net::SSL_PROTOCOL_VERSION_TLS1_1, ssl_config.version_fallback_min); |
| 225 } | 224 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1921923002:
Convert //components/[o-t]* from scoped_ptr to std::unique_ptr (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master