OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <memory> | 5 #include <memory> |
6 #include <utility> | 6 #include <utility> |
7 | 7 |
8 #include "base/feature_list.h" | 8 #include "base/feature_list.h" |
| 9 #include "base/memory/ptr_util.h" |
9 #include "base/memory/ref_counted.h" | 10 #include "base/memory/ref_counted.h" |
10 #include "base/message_loop/message_loop.h" | 11 #include "base/message_loop/message_loop.h" |
11 #include "base/run_loop.h" | 12 #include "base/run_loop.h" |
12 #include "base/test/scoped_feature_list.h" | 13 #include "base/test/scoped_feature_list.h" |
13 #include "base/threading/thread_task_runner_handle.h" | 14 #include "base/threading/thread_task_runner_handle.h" |
14 #include "base/values.h" | 15 #include "base/values.h" |
15 #include "components/prefs/testing_pref_service.h" | 16 #include "components/prefs/testing_pref_service.h" |
16 #include "components/ssl_config/ssl_config_prefs.h" | 17 #include "components/ssl_config/ssl_config_prefs.h" |
17 #include "components/ssl_config/ssl_config_service_manager.h" | 18 #include "components/ssl_config/ssl_config_service_manager.h" |
18 #include "components/ssl_config/ssl_config_switches.h" | 19 #include "components/ssl_config/ssl_config_switches.h" |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
60 SSLConfigServiceManager::CreateDefaultManager( | 61 SSLConfigServiceManager::CreateDefaultManager( |
61 &local_state, base::ThreadTaskRunnerHandle::Get())); | 62 &local_state, base::ThreadTaskRunnerHandle::Get())); |
62 ASSERT_TRUE(config_manager.get()); | 63 ASSERT_TRUE(config_manager.get()); |
63 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); | 64 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); |
64 ASSERT_TRUE(config_service.get()); | 65 ASSERT_TRUE(config_service.get()); |
65 | 66 |
66 SSLConfig old_config; | 67 SSLConfig old_config; |
67 config_service->GetSSLConfig(&old_config); | 68 config_service->GetSSLConfig(&old_config); |
68 EXPECT_TRUE(old_config.disabled_cipher_suites.empty()); | 69 EXPECT_TRUE(old_config.disabled_cipher_suites.empty()); |
69 | 70 |
70 base::ListValue* list_value = new base::ListValue(); | 71 auto list_value = base::MakeUnique<base::ListValue>(); |
71 list_value->AppendString("0x0004"); | 72 list_value->AppendString("0x0004"); |
72 list_value->AppendString("0x0005"); | 73 list_value->AppendString("0x0005"); |
73 local_state.SetUserPref(ssl_config::prefs::kCipherSuiteBlacklist, list_value); | 74 local_state.SetUserPref(ssl_config::prefs::kCipherSuiteBlacklist, |
| 75 std::move(list_value)); |
74 | 76 |
75 // Pump the message loop to notify the SSLConfigServiceManagerPref that the | 77 // Pump the message loop to notify the SSLConfigServiceManagerPref that the |
76 // preferences changed. | 78 // preferences changed. |
77 base::RunLoop().RunUntilIdle(); | 79 base::RunLoop().RunUntilIdle(); |
78 | 80 |
79 SSLConfig config; | 81 SSLConfig config; |
80 config_service->GetSSLConfig(&config); | 82 config_service->GetSSLConfig(&config); |
81 | 83 |
82 EXPECT_NE(old_config.disabled_cipher_suites, config.disabled_cipher_suites); | 84 EXPECT_NE(old_config.disabled_cipher_suites, config.disabled_cipher_suites); |
83 ASSERT_EQ(2u, config.disabled_cipher_suites.size()); | 85 ASSERT_EQ(2u, config.disabled_cipher_suites.size()); |
(...skipping 12 matching lines...) Expand all Loading... |
96 SSLConfigServiceManager::CreateDefaultManager( | 98 SSLConfigServiceManager::CreateDefaultManager( |
97 &local_state, base::ThreadTaskRunnerHandle::Get())); | 99 &local_state, base::ThreadTaskRunnerHandle::Get())); |
98 ASSERT_TRUE(config_manager.get()); | 100 ASSERT_TRUE(config_manager.get()); |
99 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); | 101 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); |
100 ASSERT_TRUE(config_service.get()); | 102 ASSERT_TRUE(config_service.get()); |
101 | 103 |
102 SSLConfig old_config; | 104 SSLConfig old_config; |
103 config_service->GetSSLConfig(&old_config); | 105 config_service->GetSSLConfig(&old_config); |
104 EXPECT_TRUE(old_config.disabled_cipher_suites.empty()); | 106 EXPECT_TRUE(old_config.disabled_cipher_suites.empty()); |
105 | 107 |
106 base::ListValue* list_value = new base::ListValue(); | 108 auto list_value = base::MakeUnique<base::ListValue>(); |
107 list_value->AppendString("0x0004"); | 109 list_value->AppendString("0x0004"); |
108 list_value->AppendString("TLS_NOT_WITH_A_CIPHER_SUITE"); | 110 list_value->AppendString("TLS_NOT_WITH_A_CIPHER_SUITE"); |
109 list_value->AppendString("0x0005"); | 111 list_value->AppendString("0x0005"); |
110 list_value->AppendString("0xBEEFY"); | 112 list_value->AppendString("0xBEEFY"); |
111 local_state.SetUserPref(ssl_config::prefs::kCipherSuiteBlacklist, list_value); | 113 local_state.SetUserPref(ssl_config::prefs::kCipherSuiteBlacklist, |
| 114 std::move(list_value)); |
112 | 115 |
113 // Pump the message loop to notify the SSLConfigServiceManagerPref that the | 116 // Pump the message loop to notify the SSLConfigServiceManagerPref that the |
114 // preferences changed. | 117 // preferences changed. |
115 base::RunLoop().RunUntilIdle(); | 118 base::RunLoop().RunUntilIdle(); |
116 | 119 |
117 SSLConfig config; | 120 SSLConfig config; |
118 config_service->GetSSLConfig(&config); | 121 config_service->GetSSLConfig(&config); |
119 | 122 |
120 EXPECT_NE(old_config.disabled_cipher_suites, config.disabled_cipher_suites); | 123 EXPECT_NE(old_config.disabled_cipher_suites, config.disabled_cipher_suites); |
121 ASSERT_EQ(2u, config.disabled_cipher_suites.size()); | 124 ASSERT_EQ(2u, config.disabled_cipher_suites.size()); |
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
156 EXPECT_FALSE(local_state_store->GetString(ssl_config::prefs::kSSLVersionMax, | 159 EXPECT_FALSE(local_state_store->GetString(ssl_config::prefs::kSSLVersionMax, |
157 &version_max_str)); | 160 &version_max_str)); |
158 } | 161 } |
159 | 162 |
160 // Tests that "ssl3" is not treated as a valid minimum version. | 163 // Tests that "ssl3" is not treated as a valid minimum version. |
161 TEST_F(SSLConfigServiceManagerPrefTest, NoSSL3) { | 164 TEST_F(SSLConfigServiceManagerPrefTest, NoSSL3) { |
162 scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore()); | 165 scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore()); |
163 | 166 |
164 TestingPrefServiceSimple local_state; | 167 TestingPrefServiceSimple local_state; |
165 local_state.SetUserPref(ssl_config::prefs::kSSLVersionMin, | 168 local_state.SetUserPref(ssl_config::prefs::kSSLVersionMin, |
166 new base::Value("ssl3")); | 169 base::MakeUnique<base::Value>("ssl3")); |
167 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); | 170 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); |
168 | 171 |
169 std::unique_ptr<SSLConfigServiceManager> config_manager( | 172 std::unique_ptr<SSLConfigServiceManager> config_manager( |
170 SSLConfigServiceManager::CreateDefaultManager( | 173 SSLConfigServiceManager::CreateDefaultManager( |
171 &local_state, base::ThreadTaskRunnerHandle::Get())); | 174 &local_state, base::ThreadTaskRunnerHandle::Get())); |
172 ASSERT_TRUE(config_manager.get()); | 175 ASSERT_TRUE(config_manager.get()); |
173 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); | 176 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); |
174 ASSERT_TRUE(config_service.get()); | 177 ASSERT_TRUE(config_service.get()); |
175 | 178 |
176 SSLConfig ssl_config; | 179 SSLConfig ssl_config; |
177 config_service->GetSSLConfig(&ssl_config); | 180 config_service->GetSSLConfig(&ssl_config); |
178 // The command-line option must not have been honored. | 181 // The command-line option must not have been honored. |
179 EXPECT_LE(net::SSL_PROTOCOL_VERSION_TLS1, ssl_config.version_min); | 182 EXPECT_LE(net::SSL_PROTOCOL_VERSION_TLS1, ssl_config.version_min); |
180 } | 183 } |
181 | 184 |
182 // Tests that SSL max version correctly sets the maximum version. | 185 // Tests that SSL max version correctly sets the maximum version. |
183 TEST_F(SSLConfigServiceManagerPrefTest, SSLVersionMax) { | 186 TEST_F(SSLConfigServiceManagerPrefTest, SSLVersionMax) { |
184 scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore()); | 187 scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore()); |
185 | 188 |
186 TestingPrefServiceSimple local_state; | 189 TestingPrefServiceSimple local_state; |
187 local_state.SetUserPref(ssl_config::prefs::kSSLVersionMax, | 190 local_state.SetUserPref(ssl_config::prefs::kSSLVersionMax, |
188 new base::Value("tls1.3")); | 191 base::MakeUnique<base::Value>("tls1.3")); |
189 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); | 192 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); |
190 | 193 |
191 std::unique_ptr<SSLConfigServiceManager> config_manager( | 194 std::unique_ptr<SSLConfigServiceManager> config_manager( |
192 SSLConfigServiceManager::CreateDefaultManager( | 195 SSLConfigServiceManager::CreateDefaultManager( |
193 &local_state, base::ThreadTaskRunnerHandle::Get())); | 196 &local_state, base::ThreadTaskRunnerHandle::Get())); |
194 ASSERT_TRUE(config_manager.get()); | 197 ASSERT_TRUE(config_manager.get()); |
195 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); | 198 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); |
196 ASSERT_TRUE(config_service.get()); | 199 ASSERT_TRUE(config_service.get()); |
197 | 200 |
198 SSLConfig ssl_config; | 201 SSLConfig ssl_config; |
199 config_service->GetSSLConfig(&ssl_config); | 202 config_service->GetSSLConfig(&ssl_config); |
200 EXPECT_EQ(net::SSL_PROTOCOL_VERSION_TLS1_3, ssl_config.version_max); | 203 EXPECT_EQ(net::SSL_PROTOCOL_VERSION_TLS1_3, ssl_config.version_max); |
201 } | 204 } |
202 | 205 |
203 // Tests that SSL max version can not be set below TLS 1.2. | 206 // Tests that SSL max version can not be set below TLS 1.2. |
204 TEST_F(SSLConfigServiceManagerPrefTest, NoTLS11Max) { | 207 TEST_F(SSLConfigServiceManagerPrefTest, NoTLS11Max) { |
205 scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore()); | 208 scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore()); |
206 | 209 |
207 TestingPrefServiceSimple local_state; | 210 TestingPrefServiceSimple local_state; |
208 local_state.SetUserPref(ssl_config::prefs::kSSLVersionMax, | 211 local_state.SetUserPref(ssl_config::prefs::kSSLVersionMax, |
209 new base::Value("tls1.1")); | 212 base::MakeUnique<base::Value>("tls1.1")); |
210 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); | 213 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); |
211 | 214 |
212 std::unique_ptr<SSLConfigServiceManager> config_manager( | 215 std::unique_ptr<SSLConfigServiceManager> config_manager( |
213 SSLConfigServiceManager::CreateDefaultManager( | 216 SSLConfigServiceManager::CreateDefaultManager( |
214 &local_state, base::ThreadTaskRunnerHandle::Get())); | 217 &local_state, base::ThreadTaskRunnerHandle::Get())); |
215 ASSERT_TRUE(config_manager.get()); | 218 ASSERT_TRUE(config_manager.get()); |
216 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); | 219 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); |
217 ASSERT_TRUE(config_service.get()); | 220 ASSERT_TRUE(config_service.get()); |
218 | 221 |
219 SSLConfig ssl_config; | 222 SSLConfig ssl_config; |
(...skipping 25 matching lines...) Expand all Loading... |
245 // Tests that the SSLVersionMax preference overwites the TLS 1.3 feature. | 248 // Tests that the SSLVersionMax preference overwites the TLS 1.3 feature. |
246 TEST_F(SSLConfigServiceManagerPrefTest, TLS13SSLVersionMax) { | 249 TEST_F(SSLConfigServiceManagerPrefTest, TLS13SSLVersionMax) { |
247 scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore()); | 250 scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore()); |
248 | 251 |
249 // Toggle the feature. | 252 // Toggle the feature. |
250 base::test::ScopedFeatureList scoped_feature_list; | 253 base::test::ScopedFeatureList scoped_feature_list; |
251 scoped_feature_list.InitFromCommandLine("NegotiateTLS13", std::string()); | 254 scoped_feature_list.InitFromCommandLine("NegotiateTLS13", std::string()); |
252 | 255 |
253 TestingPrefServiceSimple local_state; | 256 TestingPrefServiceSimple local_state; |
254 local_state.SetUserPref(ssl_config::prefs::kSSLVersionMax, | 257 local_state.SetUserPref(ssl_config::prefs::kSSLVersionMax, |
255 new base::Value("tls1.2")); | 258 base::MakeUnique<base::Value>("tls1.2")); |
256 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); | 259 SSLConfigServiceManager::RegisterPrefs(local_state.registry()); |
257 | 260 |
258 std::unique_ptr<SSLConfigServiceManager> config_manager( | 261 std::unique_ptr<SSLConfigServiceManager> config_manager( |
259 SSLConfigServiceManager::CreateDefaultManager( | 262 SSLConfigServiceManager::CreateDefaultManager( |
260 &local_state, base::ThreadTaskRunnerHandle::Get())); | 263 &local_state, base::ThreadTaskRunnerHandle::Get())); |
261 ASSERT_TRUE(config_manager.get()); | 264 ASSERT_TRUE(config_manager.get()); |
262 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); | 265 scoped_refptr<SSLConfigService> config_service(config_manager->Get()); |
263 ASSERT_TRUE(config_service.get()); | 266 ASSERT_TRUE(config_service.get()); |
264 | 267 |
265 SSLConfig ssl_config; | 268 SSLConfig ssl_config; |
(...skipping 22 matching lines...) Expand all Loading... |
288 | 291 |
289 // Using a pref service without any preference set should result in | 292 // Using a pref service without any preference set should result in |
290 // SHA-1 local trust anchors being disabled. | 293 // SHA-1 local trust anchors being disabled. |
291 SSLConfig config2; | 294 SSLConfig config2; |
292 config_service->GetSSLConfig(&config2); | 295 config_service->GetSSLConfig(&config2); |
293 EXPECT_FALSE(config2.sha1_local_anchors_enabled); | 296 EXPECT_FALSE(config2.sha1_local_anchors_enabled); |
294 | 297 |
295 // Enabling the local preference should result in SHA-1 local trust anchors | 298 // Enabling the local preference should result in SHA-1 local trust anchors |
296 // being enabled. | 299 // being enabled. |
297 local_state.SetUserPref(ssl_config::prefs::kCertEnableSha1LocalAnchors, | 300 local_state.SetUserPref(ssl_config::prefs::kCertEnableSha1LocalAnchors, |
298 new base::Value(true)); | 301 base::MakeUnique<base::Value>(true)); |
299 // Pump the message loop to notify the SSLConfigServiceManagerPref that the | 302 // Pump the message loop to notify the SSLConfigServiceManagerPref that the |
300 // preferences changed. | 303 // preferences changed. |
301 base::RunLoop().RunUntilIdle(); | 304 base::RunLoop().RunUntilIdle(); |
302 | 305 |
303 SSLConfig config3; | 306 SSLConfig config3; |
304 config_service->GetSSLConfig(&config3); | 307 config_service->GetSSLConfig(&config3); |
305 EXPECT_TRUE(config3.sha1_local_anchors_enabled); | 308 EXPECT_TRUE(config3.sha1_local_anchors_enabled); |
306 | 309 |
307 // Disabling the local preference should result in SHA-1 local trust | 310 // Disabling the local preference should result in SHA-1 local trust |
308 // anchors being disabled. | 311 // anchors being disabled. |
309 local_state.SetUserPref(ssl_config::prefs::kCertEnableSha1LocalAnchors, | 312 local_state.SetUserPref(ssl_config::prefs::kCertEnableSha1LocalAnchors, |
310 new base::Value(false)); | 313 base::MakeUnique<base::Value>(false)); |
311 // Pump the message loop to notify the SSLConfigServiceManagerPref that the | 314 // Pump the message loop to notify the SSLConfigServiceManagerPref that the |
312 // preferences changed. | 315 // preferences changed. |
313 base::RunLoop().RunUntilIdle(); | 316 base::RunLoop().RunUntilIdle(); |
314 | 317 |
315 SSLConfig config4; | 318 SSLConfig config4; |
316 config_service->GetSSLConfig(&config4); | 319 config_service->GetSSLConfig(&config4); |
317 EXPECT_FALSE(config4.sha1_local_anchors_enabled); | 320 EXPECT_FALSE(config4.sha1_local_anchors_enabled); |
318 } | 321 } |
OLD | NEW |