Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1542)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/socket/ssl_client_socket_unittest.cc

Issue 2653773003: Remove remnants of DHE support. (Closed)
Patch Set: adjust tests Created 3 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/socket/ssl_client_socket_impl.cc ('k') | net/ssl/ssl_config.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/socket/ssl_client_socket_unittest.cc
diff --git a/net/socket/ssl_client_socket_unittest.cc b/net/socket/ssl_client_socket_unittest.cc
index 58c7fa811de607e5ca62b80453a3c009134885d3..ec24dcb762deb08e4e428a1ca8ba17a6ce504e44 100644
--- a/net/socket/ssl_client_socket_unittest.cc
+++ b/net/socket/ssl_client_socket_unittest.cc
@@ -2596,34 +2596,17 @@ TEST_F(SSLClientSocketTest, CertificateErrorNoResume) {
EXPECT_EQ(SSLInfo::HANDSHAKE_FULL, ssl_info.handshake_type);
}
-// Test that DHE is removed but gives a dedicated error. Also test that the
-// dhe_enabled option can restore it.
-TEST_F(SSLClientSocketTest, DHE) {
+// Test that DHE is removed.
+TEST_F(SSLClientSocketTest, NoDHE) {
SpawnedTestServer::SSLOptions ssl_options;
ssl_options.key_exchanges =
SpawnedTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA;
ASSERT_TRUE(StartTestServer(ssl_options));
- // Normal handshakes with DHE do not work, with or without DHE enabled.
SSLConfig ssl_config;
int rv;
ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv));
EXPECT_THAT(rv, IsError(ERR_SSL_VERSION_OR_CIPHER_MISMATCH));
-
- ssl_config.dhe_enabled = true;
- ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv));
- EXPECT_THAT(rv, IsError(ERR_SSL_VERSION_OR_CIPHER_MISMATCH));
-
- // Enabling deprecated ciphers gives DHE a dedicated error code.
- ssl_config.dhe_enabled = false;
- ssl_config.deprecated_cipher_suites_enabled = true;
- ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv));
- EXPECT_THAT(rv, IsError(ERR_SSL_OBSOLETE_CIPHER));
-
- // Enabling both deprecated ciphers and DHE restores it.
- ssl_config.dhe_enabled = true;
- ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv));
- EXPECT_THAT(rv, IsOk());
}
// Tests that enabling deprecated ciphers shards the session cache.
@@ -2776,21 +2759,6 @@ TEST_F(SSLClientSocketFalseStartTest, RSA) {
TestFalseStart(server_options, client_config, false));
}
-// Test that False Start is disabled with DHE_RSA ciphers.
-TEST_F(SSLClientSocketFalseStartTest, DHE_RSA) {
- SpawnedTestServer::SSLOptions server_options;
- server_options.key_exchanges =
- SpawnedTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA;
- server_options.bulk_ciphers =
- SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM;
- server_options.alpn_protocols.push_back("http/1.1");
- SSLConfig client_config;
- client_config.alpn_protos.push_back(kProtoHTTP11);
- // DHE is only advertised when deprecated ciphers are enabled.
- client_config.deprecated_cipher_suites_enabled = true;
- ASSERT_NO_FATAL_FAILURE(TestFalseStart(server_options, client_config, false));
-}
-
// Test that False Start is disabled without an AEAD.
TEST_F(SSLClientSocketFalseStartTest, NoAEAD) {
SpawnedTestServer::SSLOptions server_options;
« no previous file with comments | « net/socket/ssl_client_socket_impl.cc ('k') | net/ssl/ssl_config.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698