Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1218)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/socket/ssl_client_socket_unittest.cc

Issue 6804032: Add TLS-SRP (RFC 5054) support Base URL: http://git.chromium.org/git/chromium.git@trunk
Patch Set: remove "httpsv" scheme, minor NSS/OpenSSL changes Created 9 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/socket/ssl_client_socket_tls_srp_unittest.cc ('k') | net/spdy/spdy_stream.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/socket/ssl_client_socket_unittest.cc
diff --git a/net/socket/ssl_client_socket_unittest.cc b/net/socket/ssl_client_socket_unittest.cc
index 3df20bbc42d366cb96be51ae7940bfcd38787d4b..a581c1aad967059837e6613d6c15988ae9eb67db 100644
--- a/net/socket/ssl_client_socket_unittest.cc
+++ b/net/socket/ssl_client_socket_unittest.cc
@@ -283,6 +283,56 @@ TEST_F(SSLClientSocketTest, ConnectClientAuthSendNullCert) {
EXPECT_FALSE(sock->IsConnected());
}
+// Connect using a certificate to a server that has TLS-SRP enabled. Tests that
+// when we set use_tls_auth=false in SSL config, it doesn't attempt TLS-SRP
+// auth.
+TEST_F(SSLClientSocketTest, ConnectUsingCertWithTLSAuthDisabled) {
+ net::TestServer::HTTPSOptions https_options;
+ https_options.use_tls_srp = true;
+ net::TestServer test_server(https_options, FilePath());
+ ASSERT_TRUE(test_server.Start());
+
+ net::AddressList addr;
+ ASSERT_TRUE(test_server.GetAddressList(&addr));
+
+ TestCompletionCallback callback;
+ net::CapturingNetLog log(net::CapturingNetLog::kUnbounded);
+ net::ClientSocket* transport = new net::TCPClientSocket(
+ addr, &log, net::NetLog::Source());
+ int rv = transport->Connect(&callback);
+ if (rv == net::ERR_IO_PENDING)
+ rv = callback.WaitForResult();
+ EXPECT_EQ(net::OK, rv);
+
+ // Disable TLS-SRP
+ net::SSLConfig ssl_config = kDefaultSSLConfig;
+ ssl_config.use_tls_auth = false;
+
+ scoped_ptr<net::SSLClientSocket> sock(
+ socket_factory_->CreateSSLClientSocket(
+ transport, test_server.host_port_pair(), ssl_config,
+ NULL, cert_verifier_.get()));
+
+ EXPECT_FALSE(sock->IsConnected());
+
+ rv = sock->Connect(&callback);
+
+ net::CapturingNetLog::EntryList entries;
+ log.GetEntries(&entries);
+ EXPECT_TRUE(net::LogContainsBeginEvent(
+ entries, 5, net::NetLog::TYPE_SSL_CONNECT));
+ if (rv == net::ERR_IO_PENDING)
+ rv = callback.WaitForResult();
+ EXPECT_EQ(net::OK, rv);
+
+ EXPECT_TRUE(sock->IsConnected());
+ log.GetEntries(&entries);
+ EXPECT_TRUE(LogContainsSSLConnectEndEvent(entries, -1));
+
+ sock->Disconnect();
+ EXPECT_FALSE(sock->IsConnected());
+}
+
// TODO(wtc): Add unit tests for IsConnectedAndIdle:
// - Server closes an SSL connection (with a close_notify alert message).
// - Server closes the underlying TCP connection directly.
« no previous file with comments | « net/socket/ssl_client_socket_tls_srp_unittest.cc ('k') | net/spdy/spdy_stream.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698