OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "build/build_config.h" | 5 #include "build/build_config.h" |
6 | 6 |
7 #if defined(OS_WIN) | 7 #if defined(OS_WIN) |
8 #include <windows.h> | 8 #include <windows.h> |
9 #include <shlobj.h> | 9 #include <shlobj.h> |
10 #endif | 10 #endif |
(...skipping 6916 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
6927 EXPECT_EQ("insert", parts[0]); | 6927 EXPECT_EQ("insert", parts[0]); |
6928 session_id = parts[1]; | 6928 session_id = parts[1]; |
6929 } else { | 6929 } else { |
6930 EXPECT_EQ("lookup", parts[0]); | 6930 EXPECT_EQ("lookup", parts[0]); |
6931 EXPECT_EQ(session_id, parts[1]); | 6931 EXPECT_EQ(session_id, parts[1]); |
6932 } | 6932 } |
6933 } | 6933 } |
6934 } | 6934 } |
6935 } | 6935 } |
6936 | 6936 |
6937 // AssertTwoDistinctSessionsInserted checks that |session_info|, which must be | |
6938 // the result of fetching "ssl-session-cache" from the test server, indicates | |
6939 // that exactly two different sessions were inserted, with no lookups etc. | |
6940 static void AssertTwoDistinctSessionsInserted(const string& session_info) { | |
6941 std::vector<std::string> lines; | |
6942 base::SplitString(session_info, '\n', &lines); | |
6943 ASSERT_EQ(3u, lines.size()) << session_info; | |
6944 | |
6945 std::string session_id; | |
6946 for (size_t i = 0; i < 2; i++) { | |
6947 std::vector<std::string> parts; | |
6948 base::SplitString(lines[i], '\t', &parts); | |
6949 ASSERT_EQ(2u, parts.size()); | |
6950 EXPECT_EQ("insert", parts[0]); | |
6951 if (i == 0) { | |
6952 session_id = parts[1]; | |
6953 } else { | |
6954 EXPECT_NE(session_id, parts[1]); | |
6955 } | |
6956 } | |
6957 } | |
6958 | |
6937 TEST_F(HTTPSRequestTest, SSLSessionCacheShardTest) { | 6959 TEST_F(HTTPSRequestTest, SSLSessionCacheShardTest) { |
6938 // Test that sessions aren't resumed when the value of ssl_session_cache_shard | 6960 // Test that sessions aren't resumed when the value of ssl_session_cache_shard |
6939 // differs. | 6961 // differs. |
6940 SpawnedTestServer::SSLOptions ssl_options; | 6962 SpawnedTestServer::SSLOptions ssl_options; |
6941 ssl_options.record_resume = true; | 6963 ssl_options.record_resume = true; |
6942 SpawnedTestServer test_server( | 6964 SpawnedTestServer test_server( |
6943 SpawnedTestServer::TYPE_HTTPS, | 6965 SpawnedTestServer::TYPE_HTTPS, |
6944 ssl_options, | 6966 ssl_options, |
6945 base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); | 6967 base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); |
6946 ASSERT_TRUE(test_server.Start()); | 6968 ASSERT_TRUE(test_server.Start()); |
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
6990 base::RunLoop().Run(); | 7012 base::RunLoop().Run(); |
6991 | 7013 |
6992 // The response will look like; | 7014 // The response will look like; |
6993 // insert abc | 7015 // insert abc |
6994 // insert xyz | 7016 // insert xyz |
6995 // | 7017 // |
6996 // With a newline at the end which makes the split think that there are | 7018 // With a newline at the end which makes the split think that there are |
6997 // three lines. | 7019 // three lines. |
6998 | 7020 |
6999 EXPECT_EQ(1, d.response_started_count()); | 7021 EXPECT_EQ(1, d.response_started_count()); |
7000 std::vector<std::string> lines; | 7022 AssertTwoDistinctSessionsInserted(d.data_received()); |
7001 base::SplitString(d.data_received(), '\n', &lines); | |
7002 ASSERT_EQ(3u, lines.size()); | |
7003 | |
7004 std::string session_id; | |
7005 for (size_t i = 0; i < 2; i++) { | |
7006 std::vector<std::string> parts; | |
7007 base::SplitString(lines[i], '\t', &parts); | |
7008 ASSERT_EQ(2u, parts.size()); | |
7009 EXPECT_EQ("insert", parts[0]); | |
7010 if (i == 0) { | |
7011 session_id = parts[1]; | |
7012 } else { | |
7013 EXPECT_NE(session_id, parts[1]); | |
7014 } | |
7015 } | |
7016 } | 7023 } |
7017 } | 7024 } |
7018 | 7025 |
7019 #if defined(OS_WIN) | 7026 #if defined(OS_WIN) |
7020 | 7027 |
7021 namespace { | 7028 namespace { |
7022 | 7029 |
7023 bool IsECDSACipherSuite(uint16_t cipher_suite) { | 7030 bool IsECDSACipherSuite(uint16_t cipher_suite) { |
7024 const char* key_exchange; | 7031 const char* key_exchange; |
7025 const char* cipher; | 7032 const char* cipher; |
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
7060 for (size_t i = 0; i < lines.size(); i++) { | 7067 for (size_t i = 0; i < lines.size(); i++) { |
7061 int cipher_suite; | 7068 int cipher_suite; |
7062 ASSERT_TRUE(base::StringToInt(lines[i], &cipher_suite)); | 7069 ASSERT_TRUE(base::StringToInt(lines[i], &cipher_suite)); |
7063 EXPECT_FALSE(IsECDSACipherSuite(cipher_suite)) | 7070 EXPECT_FALSE(IsECDSACipherSuite(cipher_suite)) |
7064 << "ClientHello advertised " << cipher_suite; | 7071 << "ClientHello advertised " << cipher_suite; |
7065 } | 7072 } |
7066 } | 7073 } |
7067 | 7074 |
7068 #endif // OS_WIN | 7075 #endif // OS_WIN |
7069 | 7076 |
7077 class TestSSLConfigService : public SSLConfigService { | |
7078 public: | |
7079 TestSSLConfigService(bool ev_enabled, | |
7080 bool online_rev_checking, | |
7081 bool rev_checking_required_local_anchors) | |
7082 : ev_enabled_(ev_enabled), | |
7083 online_rev_checking_(online_rev_checking), | |
7084 rev_checking_required_local_anchors_( | |
7085 rev_checking_required_local_anchors), | |
7086 fallback_min_version_(0) {} | |
7087 | |
7088 void set_fallback_min_version(uint16 version) { | |
7089 fallback_min_version_ = version; | |
7090 } | |
7091 | |
7092 // SSLConfigService: | |
7093 virtual void GetSSLConfig(SSLConfig* config) OVERRIDE { | |
7094 *config = SSLConfig(); | |
7095 config->rev_checking_enabled = online_rev_checking_; | |
7096 config->verify_ev_cert = ev_enabled_; | |
7097 config->rev_checking_required_local_anchors = | |
7098 rev_checking_required_local_anchors_; | |
7099 if (fallback_min_version_) { | |
7100 config->version_fallback_min = fallback_min_version_; | |
7101 } | |
7102 } | |
7103 | |
7104 protected: | |
7105 virtual ~TestSSLConfigService() {} | |
7106 | |
7107 private: | |
7108 const bool ev_enabled_; | |
7109 const bool online_rev_checking_; | |
7110 const bool rev_checking_required_local_anchors_; | |
7111 uint16 fallback_min_version_; | |
7112 }; | |
7113 | |
7114 class FallbackTestURLRequestContext : public TestURLRequestContext { | |
7115 public: | |
7116 explicit FallbackTestURLRequestContext(bool delay_initialization) | |
7117 : TestURLRequestContext(delay_initialization) {} | |
7118 | |
7119 void set_fallback_min_version(uint16 version) { | |
7120 TestSSLConfigService *ssl_config_service = | |
7121 new TestSSLConfigService(true /* check for EV */, | |
7122 false /* online revocation checking */, | |
7123 false /* require rev. checking for local | |
7124 anchors */); | |
7125 ssl_config_service->set_fallback_min_version(version); | |
7126 set_ssl_config_service(ssl_config_service); | |
7127 } | |
7128 }; | |
7129 | |
7070 class HTTPSFallbackTest : public testing::Test { | 7130 class HTTPSFallbackTest : public testing::Test { |
7071 public: | 7131 public: |
7072 HTTPSFallbackTest() : context_(true) { | 7132 HTTPSFallbackTest() : context_(true) {} |
7073 context_.Init(); | |
7074 delegate_.set_allow_certificate_errors(true); | |
7075 } | |
7076 virtual ~HTTPSFallbackTest() {} | 7133 virtual ~HTTPSFallbackTest() {} |
7077 | 7134 |
7078 protected: | 7135 protected: |
7079 void DoFallbackTest(const SpawnedTestServer::SSLOptions& ssl_options) { | 7136 void DoFallbackTest(const SpawnedTestServer::SSLOptions& ssl_options) { |
7080 DCHECK(!request_); | 7137 DCHECK(!request_); |
7138 context_.Init(); | |
7139 delegate_.set_allow_certificate_errors(true); | |
7140 | |
7081 SpawnedTestServer test_server( | 7141 SpawnedTestServer test_server( |
7082 SpawnedTestServer::TYPE_HTTPS, | 7142 SpawnedTestServer::TYPE_HTTPS, |
7083 ssl_options, | 7143 ssl_options, |
7084 base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); | 7144 base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); |
7085 ASSERT_TRUE(test_server.Start()); | 7145 ASSERT_TRUE(test_server.Start()); |
7086 | 7146 |
7087 request_ = context_.CreateRequest( | 7147 request_ = context_.CreateRequest( |
7088 test_server.GetURL(std::string()), DEFAULT_PRIORITY, &delegate_, NULL); | 7148 test_server.GetURL(std::string()), DEFAULT_PRIORITY, &delegate_, NULL); |
7089 request_->Start(); | 7149 request_->Start(); |
7090 | 7150 |
7091 base::RunLoop().Run(); | 7151 base::RunLoop().Run(); |
7092 } | 7152 } |
7093 | 7153 |
7154 void set_fallback_min_version(uint16 version) { | |
7155 context_.set_fallback_min_version(version); | |
7156 } | |
7157 | |
7094 void ExpectConnection(int version) { | 7158 void ExpectConnection(int version) { |
7095 EXPECT_EQ(1, delegate_.response_started_count()); | 7159 EXPECT_EQ(1, delegate_.response_started_count()); |
7096 EXPECT_NE(0, delegate_.bytes_received()); | 7160 EXPECT_NE(0, delegate_.bytes_received()); |
7097 EXPECT_EQ(version, SSLConnectionStatusToVersion( | 7161 EXPECT_EQ(version, SSLConnectionStatusToVersion( |
7098 request_->ssl_info().connection_status)); | 7162 request_->ssl_info().connection_status)); |
7099 EXPECT_TRUE(request_->ssl_info().connection_status & | 7163 EXPECT_TRUE(request_->ssl_info().connection_status & |
7100 SSL_CONNECTION_VERSION_FALLBACK); | 7164 SSL_CONNECTION_VERSION_FALLBACK); |
7101 } | 7165 } |
7102 | 7166 |
7103 void ExpectFailure(int error) { | 7167 void ExpectFailure(int error) { |
7104 EXPECT_EQ(1, delegate_.response_started_count()); | 7168 EXPECT_EQ(1, delegate_.response_started_count()); |
7105 EXPECT_FALSE(request_->status().is_success()); | 7169 EXPECT_FALSE(request_->status().is_success()); |
7106 EXPECT_EQ(URLRequestStatus::FAILED, request_->status().status()); | 7170 EXPECT_EQ(URLRequestStatus::FAILED, request_->status().status()); |
7107 EXPECT_EQ(error, request_->status().error()); | 7171 EXPECT_EQ(error, request_->status().error()); |
7108 } | 7172 } |
7109 | 7173 |
7110 private: | 7174 private: |
7111 TestDelegate delegate_; | 7175 TestDelegate delegate_; |
7112 TestURLRequestContext context_; | 7176 FallbackTestURLRequestContext context_; |
7113 scoped_ptr<URLRequest> request_; | 7177 scoped_ptr<URLRequest> request_; |
7114 }; | 7178 }; |
7115 | 7179 |
7116 // Tests TLSv1.1 -> TLSv1 fallback. Verifies that we don't fall back more | 7180 // Tests TLSv1.1 -> TLSv1 fallback. Verifies that we don't fall back more |
7117 // than necessary. | 7181 // than necessary. |
7118 TEST_F(HTTPSFallbackTest, TLSv1Fallback) { | 7182 TEST_F(HTTPSFallbackTest, TLSv1Fallback) { |
7119 SpawnedTestServer::SSLOptions ssl_options( | 7183 SpawnedTestServer::SSLOptions ssl_options( |
7120 SpawnedTestServer::SSLOptions::CERT_OK); | 7184 SpawnedTestServer::SSLOptions::CERT_OK); |
7121 ssl_options.tls_intolerant = | 7185 ssl_options.tls_intolerant = |
7122 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_TLS1_1; | 7186 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_TLS1_1; |
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
7178 // Have the server process TLS_FALLBACK_SCSV so that version fallback | 7242 // Have the server process TLS_FALLBACK_SCSV so that version fallback |
7179 // connections are rejected. | 7243 // connections are rejected. |
7180 ssl_options.fallback_scsv_enabled = true; | 7244 ssl_options.fallback_scsv_enabled = true; |
7181 | 7245 |
7182 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); | 7246 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); |
7183 | 7247 |
7184 // The original error should be replayed on rejected fallback. | 7248 // The original error should be replayed on rejected fallback. |
7185 ExpectFailure(ERR_CONNECTION_CLOSED); | 7249 ExpectFailure(ERR_CONNECTION_CLOSED); |
7186 } | 7250 } |
7187 | 7251 |
7188 // Tests that the SSLv3 fallback triggers on alert. | 7252 // Tests that the SSLv3 fallback doesn't happen by default. |
7189 TEST_F(HTTPSFallbackTest, SSLv3Fallback) { | 7253 TEST_F(HTTPSFallbackTest, SSLv3Fallback) { |
7190 SpawnedTestServer::SSLOptions ssl_options( | 7254 SpawnedTestServer::SSLOptions ssl_options( |
7191 SpawnedTestServer::SSLOptions::CERT_OK); | 7255 SpawnedTestServer::SSLOptions::CERT_OK); |
7192 ssl_options.tls_intolerant = | 7256 ssl_options.tls_intolerant = |
7193 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; | 7257 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; |
7194 | 7258 |
7195 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); | 7259 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); |
7260 ExpectFailure(ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION); | |
7261 } | |
7262 | |
7263 // Tests that the SSLv3 fallback works when explicitly enabled. | |
7264 TEST_F(HTTPSFallbackTest, SSLv3FallbackEnabled) { | |
7265 SpawnedTestServer::SSLOptions ssl_options( | |
7266 SpawnedTestServer::SSLOptions::CERT_OK); | |
7267 ssl_options.tls_intolerant = | |
7268 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; | |
7269 set_fallback_min_version(SSL_PROTOCOL_VERSION_SSL3); | |
7270 | |
7271 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); | |
7196 ExpectConnection(SSL_CONNECTION_VERSION_SSL3); | 7272 ExpectConnection(SSL_CONNECTION_VERSION_SSL3); |
7197 } | 7273 } |
7198 | 7274 |
7199 // Tests that the SSLv3 fallback triggers on closed connections. | 7275 // Tests that the SSLv3 fallback triggers on closed connections when explicitly |
7276 // enabled. | |
7200 TEST_F(HTTPSFallbackTest, SSLv3FallbackClosed) { | 7277 TEST_F(HTTPSFallbackTest, SSLv3FallbackClosed) { |
7201 SpawnedTestServer::SSLOptions ssl_options( | 7278 SpawnedTestServer::SSLOptions ssl_options( |
7202 SpawnedTestServer::SSLOptions::CERT_OK); | 7279 SpawnedTestServer::SSLOptions::CERT_OK); |
7203 ssl_options.tls_intolerant = | 7280 ssl_options.tls_intolerant = |
7204 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; | 7281 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; |
7205 ssl_options.tls_intolerance_type = | 7282 ssl_options.tls_intolerance_type = |
7206 SpawnedTestServer::SSLOptions::TLS_INTOLERANCE_CLOSE; | 7283 SpawnedTestServer::SSLOptions::TLS_INTOLERANCE_CLOSE; |
7284 set_fallback_min_version(SSL_PROTOCOL_VERSION_SSL3); | |
7207 | 7285 |
7208 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); | 7286 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); |
7209 ExpectConnection(SSL_CONNECTION_VERSION_SSL3); | 7287 ExpectConnection(SSL_CONNECTION_VERSION_SSL3); |
7210 } | 7288 } |
7211 | 7289 |
7290 // Test that SSLv3 fallback probe connections don't cause sessions to be cached. | |
7291 TEST_F(HTTPSFallbackTest, SSLv3FallbackNoCache) { | |
7292 SpawnedTestServer::SSLOptions ssl_options( | |
7293 SpawnedTestServer::SSLOptions::CERT_OK); | |
7294 ssl_options.tls_intolerant = | |
7295 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; | |
7296 ssl_options.tls_intolerance_type = | |
7297 SpawnedTestServer::SSLOptions::TLS_INTOLERANCE_CLOSE; | |
7298 ssl_options.record_resume = true; | |
7299 | |
7300 SpawnedTestServer test_server( | |
7301 SpawnedTestServer::TYPE_HTTPS, | |
7302 ssl_options, | |
7303 base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); | |
7304 ASSERT_TRUE(test_server.Start()); | |
7305 | |
7306 SSLClientSocket::ClearSessionCache(); | |
7307 | |
7308 // Make a connection that does a probe fallback to SSLv3 but fails because | |
7309 // SSLv3 fallback is disabled. We don't wish a session for this connection to | |
7310 // be inserted locally. | |
7311 { | |
7312 TestDelegate delegate; | |
7313 FallbackTestURLRequestContext context(true); | |
7314 | |
7315 context.Init(); | |
7316 scoped_ptr<URLRequest> request(context.CreateRequest( | |
7317 test_server.GetURL(std::string()), DEFAULT_PRIORITY, &delegate, NULL)); | |
7318 request->Start(); | |
7319 | |
7320 base::RunLoop().Run(); | |
7321 | |
7322 EXPECT_EQ(1, delegate.response_started_count()); | |
7323 EXPECT_FALSE(request->status().is_success()); | |
7324 EXPECT_EQ(URLRequestStatus::FAILED, request->status().status()); | |
7325 EXPECT_EQ(ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION, | |
7326 request->status().error()); | |
7327 } | |
7328 | |
7329 // Now allow SSLv3 connections and request the session cache log. | |
7330 { | |
7331 TestDelegate delegate; | |
7332 FallbackTestURLRequestContext context(true); | |
7333 context.set_fallback_min_version(SSL_PROTOCOL_VERSION_SSL3); | |
7334 | |
7335 context.Init(); | |
7336 scoped_ptr<URLRequest> request( | |
7337 context.CreateRequest(test_server.GetURL("ssl-session-cache"), | |
7338 DEFAULT_PRIORITY, | |
davidben
2014/10/08 02:54:37
Nit: indentation
| |
7339 &delegate, | |
7340 NULL)); | |
7341 request->Start(); | |
7342 | |
7343 base::RunLoop().Run(); | |
7344 | |
7345 EXPECT_EQ(1, delegate.response_started_count()); | |
7346 EXPECT_NE(0, delegate.bytes_received()); | |
7347 EXPECT_EQ(SSL_CONNECTION_VERSION_SSL3, SSLConnectionStatusToVersion( | |
7348 request->ssl_info().connection_status)); | |
7349 EXPECT_TRUE(request->ssl_info().connection_status & | |
7350 SSL_CONNECTION_VERSION_FALLBACK); | |
7351 | |
7352 std::vector<std::string> lines; | |
7353 // If no sessions were cached then the server should have seen two sessions | |
7354 // inserted with no lookups. | |
7355 AssertTwoDistinctSessionsInserted(delegate.data_received()); | |
7356 } | |
7357 } | |
7358 | |
7212 // This test is disabled on Android because the remote test server doesn't cause | 7359 // This test is disabled on Android because the remote test server doesn't cause |
7213 // a TCP reset. | 7360 // a TCP reset. |
7214 #if !defined(OS_ANDROID) | 7361 #if !defined(OS_ANDROID) |
7215 // Tests that a reset connection does not fallback down to SSL3. | 7362 // Tests that a reset connection does not fallback down to SSL3. |
7216 TEST_F(HTTPSFallbackTest, SSLv3NoFallbackReset) { | 7363 TEST_F(HTTPSFallbackTest, SSLv3NoFallbackReset) { |
7217 SpawnedTestServer::SSLOptions ssl_options( | 7364 SpawnedTestServer::SSLOptions ssl_options( |
7218 SpawnedTestServer::SSLOptions::CERT_OK); | 7365 SpawnedTestServer::SSLOptions::CERT_OK); |
7219 ssl_options.tls_intolerant = | 7366 ssl_options.tls_intolerant = |
7220 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; | 7367 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; |
7221 ssl_options.tls_intolerance_type = | 7368 ssl_options.tls_intolerance_type = |
(...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
7294 // With a newline at the end which makes the split think that there are | 7441 // With a newline at the end which makes the split think that there are |
7295 // three lines. | 7442 // three lines. |
7296 // | 7443 // |
7297 // If a session was presented (eg: a bug), then the response would look | 7444 // If a session was presented (eg: a bug), then the response would look |
7298 // like; | 7445 // like; |
7299 // insert abc | 7446 // insert abc |
7300 // lookup abc | 7447 // lookup abc |
7301 // insert xyz | 7448 // insert xyz |
7302 | 7449 |
7303 EXPECT_EQ(1, d.response_started_count()); | 7450 EXPECT_EQ(1, d.response_started_count()); |
7304 std::vector<std::string> lines; | 7451 AssertTwoDistinctSessionsInserted(d.data_received()); |
7305 base::SplitString(d.data_received(), '\n', &lines); | |
7306 ASSERT_EQ(3u, lines.size()) << d.data_received(); | |
7307 | |
7308 std::string session_id; | |
7309 for (size_t i = 0; i < 2; i++) { | |
7310 std::vector<std::string> parts; | |
7311 base::SplitString(lines[i], '\t', &parts); | |
7312 ASSERT_EQ(2u, parts.size()); | |
7313 EXPECT_EQ("insert", parts[0]); | |
7314 if (i == 0) { | |
7315 session_id = parts[1]; | |
7316 } else { | |
7317 EXPECT_NE(session_id, parts[1]); | |
7318 } | |
7319 } | |
7320 } | 7452 } |
7321 } | 7453 } |
7322 | 7454 |
7323 class TestSSLConfigService : public SSLConfigService { | |
7324 public: | |
7325 TestSSLConfigService(bool ev_enabled, | |
7326 bool online_rev_checking, | |
7327 bool rev_checking_required_local_anchors) | |
7328 : ev_enabled_(ev_enabled), | |
7329 online_rev_checking_(online_rev_checking), | |
7330 rev_checking_required_local_anchors_( | |
7331 rev_checking_required_local_anchors) {} | |
7332 | |
7333 // SSLConfigService: | |
7334 virtual void GetSSLConfig(SSLConfig* config) OVERRIDE { | |
7335 *config = SSLConfig(); | |
7336 config->rev_checking_enabled = online_rev_checking_; | |
7337 config->verify_ev_cert = ev_enabled_; | |
7338 config->rev_checking_required_local_anchors = | |
7339 rev_checking_required_local_anchors_; | |
7340 } | |
7341 | |
7342 protected: | |
7343 virtual ~TestSSLConfigService() {} | |
7344 | |
7345 private: | |
7346 const bool ev_enabled_; | |
7347 const bool online_rev_checking_; | |
7348 const bool rev_checking_required_local_anchors_; | |
7349 }; | |
7350 | |
7351 // This the fingerprint of the "Testing CA" certificate used by the testserver. | 7455 // This the fingerprint of the "Testing CA" certificate used by the testserver. |
7352 // See net/data/ssl/certificates/ocsp-test-root.pem. | 7456 // See net/data/ssl/certificates/ocsp-test-root.pem. |
7353 static const SHA1HashValue kOCSPTestCertFingerprint = | 7457 static const SHA1HashValue kOCSPTestCertFingerprint = |
7354 { { 0xf1, 0xad, 0xf6, 0xce, 0x42, 0xac, 0xe7, 0xb4, 0xf4, 0x24, | 7458 { { 0xf1, 0xad, 0xf6, 0xce, 0x42, 0xac, 0xe7, 0xb4, 0xf4, 0x24, |
7355 0xdb, 0x1a, 0xf7, 0xa0, 0x9f, 0x09, 0xa1, 0xea, 0xf1, 0x5c } }; | 7459 0xdb, 0x1a, 0xf7, 0xa0, 0x9f, 0x09, 0xa1, 0xea, 0xf1, 0x5c } }; |
7356 | 7460 |
7357 // This is the SHA256, SPKI hash of the "Testing CA" certificate used by the | 7461 // This is the SHA256, SPKI hash of the "Testing CA" certificate used by the |
7358 // testserver. | 7462 // testserver. |
7359 static const SHA256HashValue kOCSPTestCertSPKI = { { | 7463 static const SHA256HashValue kOCSPTestCertSPKI = { { |
7360 0xee, 0xe6, 0x51, 0x2d, 0x4c, 0xfa, 0xf7, 0x3e, | 7464 0xee, 0xe6, 0x51, 0x2d, 0x4c, 0xfa, 0xf7, 0x3e, |
(...skipping 816 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
8177 | 8281 |
8178 EXPECT_FALSE(r->is_pending()); | 8282 EXPECT_FALSE(r->is_pending()); |
8179 EXPECT_EQ(1, d->response_started_count()); | 8283 EXPECT_EQ(1, d->response_started_count()); |
8180 EXPECT_FALSE(d->received_data_before_response()); | 8284 EXPECT_FALSE(d->received_data_before_response()); |
8181 EXPECT_EQ(d->bytes_received(), static_cast<int>(file_size)); | 8285 EXPECT_EQ(d->bytes_received(), static_cast<int>(file_size)); |
8182 } | 8286 } |
8183 } | 8287 } |
8184 #endif // !defined(DISABLE_FTP_SUPPORT) | 8288 #endif // !defined(DISABLE_FTP_SUPPORT) |
8185 | 8289 |
8186 } // namespace net | 8290 } // namespace net |
OLD | NEW |