Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(241)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket_unittest.cc

Issue 2800853008: Add a dedicated error code for TLS 1.3 interference. (Closed)
Patch Set: mpearson comment Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/socket/ssl_client_socket_pool.cc ('k') | net/ssl/ssl_config.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/socket/ssl_client_socket.h" 5 #include "net/socket/ssl_client_socket.h"
6 6
7 #include <errno.h> 7 #include <errno.h>
8 #include <string.h> 8 #include <string.h>
9 9
10 #include <algorithm> 10 #include <algorithm>
(...skipping 2823 matching lines...) Expand 10 before | Expand all | Expand 10 after
2834 EXPECT_TRUE(sock_->GetSSLInfo(&ssl_info)); 2834 EXPECT_TRUE(sock_->GetSSLInfo(&ssl_info));
2835 EXPECT_EQ(SSLInfo::HANDSHAKE_RESUME, ssl_info.handshake_type); 2835 EXPECT_EQ(SSLInfo::HANDSHAKE_RESUME, ssl_info.handshake_type);
2836 2836
2837 // However, enabling deprecated ciphers connects fresh. 2837 // However, enabling deprecated ciphers connects fresh.
2838 ASSERT_TRUE(CreateAndConnectSSLClientSocket(deprecated_ssl_config, &rv)); 2838 ASSERT_TRUE(CreateAndConnectSSLClientSocket(deprecated_ssl_config, &rv));
2839 EXPECT_THAT(rv, IsOk()); 2839 EXPECT_THAT(rv, IsOk());
2840 EXPECT_TRUE(sock_->GetSSLInfo(&ssl_info)); 2840 EXPECT_TRUE(sock_->GetSSLInfo(&ssl_info));
2841 EXPECT_EQ(SSLInfo::HANDSHAKE_FULL, ssl_info.handshake_type); 2841 EXPECT_EQ(SSLInfo::HANDSHAKE_FULL, ssl_info.handshake_type);
2842 } 2842 }
2843 2843
2844 // Tests that the version_interference_probe option rejects successful
2845 // connections and passes errors through.
2846 TEST_F(SSLClientSocketTest, VersionInterferenceProbe) {
2847 ASSERT_TRUE(StartTestServer(SpawnedTestServer::SSLOptions()));
2848
2849 SSLConfig ssl_config;
2850 ssl_config.version_max = SSL_PROTOCOL_VERSION_TLS1_2;
2851 ssl_config.version_interference_probe = true;
2852
2853 // Successful connections map to a dedicated error.
2854 int rv;
2855 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv));
2856 EXPECT_THAT(rv, IsError(ERR_SSL_VERSION_INTERFERENCE));
2857
2858 // Failed connections pass through.
2859 TestCompletionCallback callback;
2860 std::unique_ptr<StreamSocket> real_transport(
2861 new TCPClientSocket(addr(), NULL, NULL, NetLogSource()));
2862 std::unique_ptr<SynchronousErrorStreamSocket> transport(
2863 new SynchronousErrorStreamSocket(std::move(real_transport)));
2864 rv = callback.GetResult(transport->Connect(callback.callback()));
2865 EXPECT_THAT(rv, IsOk());
2866 SynchronousErrorStreamSocket* raw_transport = transport.get();
2867 std::unique_ptr<SSLClientSocket> sock(CreateSSLClientSocket(
2868 std::move(transport), spawned_test_server()->host_port_pair(),
2869 ssl_config));
2870 raw_transport->SetNextWriteError(ERR_CONNECTION_RESET);
2871 rv = callback.GetResult(sock->Connect(callback.callback()));
2872 EXPECT_THAT(rv, IsError(ERR_CONNECTION_RESET));
2873 }
2874
2844 TEST_F(SSLClientSocketTest, RequireECDHE) { 2875 TEST_F(SSLClientSocketTest, RequireECDHE) {
2845 // Run test server without ECDHE. 2876 // Run test server without ECDHE.
2846 SpawnedTestServer::SSLOptions ssl_options; 2877 SpawnedTestServer::SSLOptions ssl_options;
2847 ssl_options.key_exchanges = SpawnedTestServer::SSLOptions::KEY_EXCHANGE_RSA; 2878 ssl_options.key_exchanges = SpawnedTestServer::SSLOptions::KEY_EXCHANGE_RSA;
2848 ASSERT_TRUE(StartTestServer(ssl_options)); 2879 ASSERT_TRUE(StartTestServer(ssl_options));
2849 2880
2850 SSLConfig config; 2881 SSLConfig config;
2851 config.require_ecdhe = true; 2882 config.require_ecdhe = true;
2852 int rv; 2883 int rv;
2853 ASSERT_TRUE(CreateAndConnectSSLClientSocket(config, &rv)); 2884 ASSERT_TRUE(CreateAndConnectSSLClientSocket(config, &rv));
(...skipping 1025 matching lines...) Expand 10 before | Expand all | Expand 10 after
3879 // The read buffer should be released. 3910 // The read buffer should be released.
3880 StreamSocket::SocketMemoryStats stats; 3911 StreamSocket::SocketMemoryStats stats;
3881 client->DumpMemoryStats(&stats); 3912 client->DumpMemoryStats(&stats);
3882 EXPECT_EQ(0u, stats.buffer_size); 3913 EXPECT_EQ(0u, stats.buffer_size);
3883 EXPECT_EQ(1u, stats.cert_count); 3914 EXPECT_EQ(1u, stats.cert_count);
3884 EXPECT_LT(0u, stats.cert_size); 3915 EXPECT_LT(0u, stats.cert_size);
3885 EXPECT_EQ(stats.cert_size, stats.total_size); 3916 EXPECT_EQ(stats.cert_size, stats.total_size);
3886 } 3917 }
3887 3918
3888 } // namespace net 3919 } // namespace net
OLDNEW
« no previous file with comments | « net/socket/ssl_client_socket_pool.cc ('k') | net/ssl/ssl_config.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698