Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(3070)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/policy/policy_browsertest.cc

Issue 649373002: Provide enterprise policy option to set the minimum SSL version. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: ... Created 6 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/policy/configuration_policy_handler_list_factory.cc ('k') | chrome/test/data/policy/policy_test_cases.json » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/policy/policy_browsertest.cc
diff --git a/chrome/browser/policy/policy_browsertest.cc b/chrome/browser/policy/policy_browsertest.cc
index 1f7adc0e593eff97f41fa5692d9b0bc3e9039590..c41d7c80933a2f2ceacc2ea2c4b6c69e6ef3aadb 100644
--- a/chrome/browser/policy/policy_browsertest.cc
+++ b/chrome/browser/policy/policy_browsertest.cc
@@ -45,6 +45,7 @@
#include "chrome/browser/media/media_stream_devices_controller.h"
#include "chrome/browser/metrics/variations/variations_service.h"
#include "chrome/browser/net/prediction_options.h"
+#include "chrome/browser/net/ssl_config_service_manager.h"
#include "chrome/browser/net/url_request_mock_util.h"
#include "chrome/browser/plugins/plugin_prefs.h"
#include "chrome/browser/policy/cloud/test_request_interceptor.h"
@@ -132,6 +133,8 @@
#include "net/base/net_util.h"
#include "net/base/url_util.h"
#include "net/http/http_stream_factory.h"
+#include "net/ssl/ssl_config.h"
+#include "net/ssl/ssl_config_service.h"
#include "net/test/url_request/url_request_failed_job.h"
#include "net/test/url_request/url_request_mock_http_job.h"
#include "net/url_request/url_request.h"
@@ -2206,6 +2209,34 @@ IN_PROC_BROWSER_TEST_F(PolicyTest, MAYBE_FileURLBlacklist) {
CheckURLIsBlocked(browser(), file_path2.c_str());
}
+static bool IsMinSSLVersionTLS12(Profile* profile) {
+ scoped_refptr<net::SSLConfigService> config_service(
+ profile->GetSSLConfigService());
+ net::SSLConfig config;
+ config_service->GetSSLConfig(&config);
+ return config.version_min == net::SSL_PROTOCOL_VERSION_TLS1_2;
+}
+
+IN_PROC_BROWSER_TEST_F(PolicyTest, SSLVersionMin) {
+ PrefService* prefs = browser()->profile()->GetPrefs();
Joao da Silva 2014/10/15 18:38:19 This pref is registered for Local State, so this s
agl 2014/10/15 18:48:01 Thanks! browser()->local_state() didn't type chec
+
+ const std::string new_value("tls1.2");
+ const std::string default_value(prefs->GetString(prefs::kSSLVersionMin));
+
+ EXPECT_NE(default_value, new_value);
+ EXPECT_FALSE(IsMinSSLVersionTLS12(browser()->profile()));
+
+ PolicyMap policies;
+ policies.Set(key::kSSLVersionMin,
+ POLICY_LEVEL_MANDATORY,
+ POLICY_SCOPE_USER,
+ new base::StringValue(new_value),
+ NULL);
+ UpdateProviderPolicy(policies);
+
+ EXPECT_TRUE(IsMinSSLVersionTLS12(browser()->profile()));
+}
+
#if !defined(OS_MACOSX)
IN_PROC_BROWSER_TEST_F(PolicyTest, FullscreenAllowedBrowser) {
PolicyMap policies;
« no previous file with comments | « chrome/browser/policy/configuration_policy_handler_list_factory.cc ('k') | chrome/test/data/policy/policy_test_cases.json » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698