OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <memory> | 5 #include <memory> |
6 #include <utility> | 6 #include <utility> |
7 | 7 |
8 #include "base/feature_list.h" | 8 #include "base/feature_list.h" |
9 #include "base/memory/ref_counted.h" | 9 #include "base/memory/ref_counted.h" |
10 #include "base/message_loop/message_loop.h" | 10 #include "base/message_loop/message_loop.h" |
(...skipping 160 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
171 ASSERT_TRUE(config_manager.get()); | 171 ASSERT_TRUE(config_manager.get()); |
172 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); | 172 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); |
173 ASSERT_TRUE(config_service.get()); | 173 ASSERT_TRUE(config_service.get()); |
174 | 174 |
175 SSLConfig ssl_config; | 175 SSLConfig ssl_config; |
176 config_service->GetSSLConfig(&ssl_config); | 176 config_service->GetSSLConfig(&ssl_config); |
177 // The command-line option must not have been honored. | 177 // The command-line option must not have been honored. |
178 EXPECT_LE(net::SSL_PROTOCOL_VERSION_TLS1, ssl_config.version_min); | 178 EXPECT_LE(net::SSL_PROTOCOL_VERSION_TLS1, ssl_config.version_min); |
179 } | 179 } |
180 | 180 |
181 // Tests that fallback beyond TLS 1.0 cannot be re-enabled. | |
182 TEST_F(SSLConfigServiceManagerPrefTest, NoTLS1Fallback) { | |
183 scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore()); | |
184 | |
185 TestingPrefServiceSimple local_state; | |
186 local_state.SetUserPref(ssl_config::prefs::kSSLVersionFallbackMin, | |
187 new base::StringValue("tls1")); | |
188 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); | |
189 | |
190 std::unique_ptr<SSLConfigServiceManager> config_manager( | |
191 SSLConfigServiceManager::CreateDefaultManager( | |
192 &local_state, base::ThreadTaskRunnerHandle::Get())); | |
193 ASSERT_TRUE(config_manager.get()); | |
194 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); | |
195 ASSERT_TRUE(config_service.get()); | |
196 | |
197 SSLConfig ssl_config; | |
198 config_service->GetSSLConfig(&ssl_config); | |
199 // The command-line option must not have been honored. | |
200 EXPECT_EQ(net::SSL_PROTOCOL_VERSION_TLS1_2, ssl_config.version_fallback_min); | |
201 } | |
202 | |
203 // Tests that DHE may be re-enabled via features. | 181 // Tests that DHE may be re-enabled via features. |
204 TEST_F(SSLConfigServiceManagerPrefTest, DHEFeature) { | 182 TEST_F(SSLConfigServiceManagerPrefTest, DHEFeature) { |
205 // Toggle the feature. | 183 // Toggle the feature. |
206 base::FeatureList::ClearInstanceForTesting(); | 184 base::FeatureList::ClearInstanceForTesting(); |
207 std::unique_ptr<base::FeatureList> feature_list(new base::FeatureList); | 185 std::unique_ptr<base::FeatureList> feature_list(new base::FeatureList); |
208 feature_list->InitializeFromCommandLine("DHECiphers", std::string()); | 186 feature_list->InitializeFromCommandLine("DHECiphers", std::string()); |
209 base::FeatureList::SetInstance(std::move(feature_list)); | 187 base::FeatureList::SetInstance(std::move(feature_list)); |
210 | 188 |
211 TestingPrefServiceSimple local_state; | 189 TestingPrefServiceSimple local_state; |
212 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); | 190 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); |
213 | 191 |
214 std::unique_ptr<SSLConfigServiceManager> config_manager( | 192 std::unique_ptr<SSLConfigServiceManager> config_manager( |
215 SSLConfigServiceManager::CreateDefaultManager( | 193 SSLConfigServiceManager::CreateDefaultManager( |
216 &local_state, base::ThreadTaskRunnerHandle::Get())); | 194 &local_state, base::ThreadTaskRunnerHandle::Get())); |
217 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); | 195 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); |
218 ASSERT_TRUE(config_service.get()); | 196 ASSERT_TRUE(config_service.get()); |
219 | 197 |
220 // The feature should have switched the default version_fallback_min value. | 198 // The feature should have switched the default version_fallback_min value. |
221 SSLConfig ssl_config; | 199 SSLConfig ssl_config; |
222 config_service->GetSSLConfig(&ssl_config); | 200 config_service->GetSSLConfig(&ssl_config); |
223 EXPECT_TRUE(ssl_config.dhe_enabled); | 201 EXPECT_TRUE(ssl_config.dhe_enabled); |
224 } | 202 } |
OLD | NEW |