OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "build/build_config.h" | 5 #include "build/build_config.h" |
6 | 6 |
7 #if defined(OS_WIN) | 7 #if defined(OS_WIN) |
8 #include <windows.h> | 8 #include <windows.h> |
9 #include <shlobj.h> | 9 #include <shlobj.h> |
10 #endif | 10 #endif |
(...skipping 7668 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
7679 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); | 7679 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); |
7680 ExpectConnection(SSL_CONNECTION_VERSION_TLS1); | 7680 ExpectConnection(SSL_CONNECTION_VERSION_TLS1); |
7681 } | 7681 } |
7682 #endif // !OS_ANDROID | 7682 #endif // !OS_ANDROID |
7683 | 7683 |
7684 // Tests that we don't fallback on handshake failure with servers that implement | 7684 // Tests that we don't fallback on handshake failure with servers that implement |
7685 // TLS_FALLBACK_SCSV. Also ensure that the original error code is reported. | 7685 // TLS_FALLBACK_SCSV. Also ensure that the original error code is reported. |
7686 TEST_F(HTTPSFallbackTest, FallbackSCSV) { | 7686 TEST_F(HTTPSFallbackTest, FallbackSCSV) { |
7687 SpawnedTestServer::SSLOptions ssl_options( | 7687 SpawnedTestServer::SSLOptions ssl_options( |
7688 SpawnedTestServer::SSLOptions::CERT_OK); | 7688 SpawnedTestServer::SSLOptions::CERT_OK); |
7689 // Configure HTTPS server to be intolerant of TLS >= 1.0 in order to trigger | 7689 // Configure HTTPS server to be intolerant of TLS >= 1.1 in order to trigger |
7690 // a version fallback. | 7690 // a version fallback. |
7691 ssl_options.tls_intolerant = | 7691 ssl_options.tls_intolerant = |
7692 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; | 7692 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_TLS1_1; |
7693 // Have the server process TLS_FALLBACK_SCSV so that version fallback | 7693 // Have the server process TLS_FALLBACK_SCSV so that version fallback |
7694 // connections are rejected. | 7694 // connections are rejected. |
7695 ssl_options.fallback_scsv_enabled = true; | 7695 ssl_options.fallback_scsv_enabled = true; |
7696 | 7696 |
7697 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); | 7697 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); |
7698 | 7698 |
7699 // ERR_SSL_VERSION_OR_CIPHER_MISMATCH is how the server simulates version | 7699 // ERR_SSL_VERSION_OR_CIPHER_MISMATCH is how the server simulates version |
7700 // intolerance. If the fallback SCSV is processed when the original error | 7700 // intolerance. If the fallback SCSV is processed when the original error |
7701 // that caused the fallback should be returned, which should be | 7701 // that caused the fallback should be returned, which should be |
7702 // ERR_SSL_VERSION_OR_CIPHER_MISMATCH. | 7702 // ERR_SSL_VERSION_OR_CIPHER_MISMATCH. |
7703 ExpectFailure(ERR_SSL_VERSION_OR_CIPHER_MISMATCH); | 7703 ExpectFailure(ERR_SSL_VERSION_OR_CIPHER_MISMATCH); |
7704 } | 7704 } |
7705 | 7705 |
7706 // Tests that we don't fallback on connection closed with servers that implement | 7706 // Tests that we don't fallback on connection closed with servers that implement |
7707 // TLS_FALLBACK_SCSV. Also ensure that the original error code is reported. | 7707 // TLS_FALLBACK_SCSV. Also ensure that the original error code is reported. |
7708 TEST_F(HTTPSFallbackTest, FallbackSCSVClosed) { | 7708 TEST_F(HTTPSFallbackTest, FallbackSCSVClosed) { |
7709 SpawnedTestServer::SSLOptions ssl_options( | 7709 SpawnedTestServer::SSLOptions ssl_options( |
7710 SpawnedTestServer::SSLOptions::CERT_OK); | 7710 SpawnedTestServer::SSLOptions::CERT_OK); |
7711 // Configure HTTPS server to be intolerant of TLS >= 1.0 in order to trigger | 7711 // Configure HTTPS server to be intolerant of TLS >= 1.1 in order to trigger |
7712 // a version fallback. | 7712 // a version fallback. |
7713 ssl_options.tls_intolerant = | 7713 ssl_options.tls_intolerant = |
7714 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; | 7714 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_TLS1_1; |
7715 ssl_options.tls_intolerance_type = | 7715 ssl_options.tls_intolerance_type = |
7716 SpawnedTestServer::SSLOptions::TLS_INTOLERANCE_CLOSE; | 7716 SpawnedTestServer::SSLOptions::TLS_INTOLERANCE_CLOSE; |
7717 // Have the server process TLS_FALLBACK_SCSV so that version fallback | 7717 // Have the server process TLS_FALLBACK_SCSV so that version fallback |
7718 // connections are rejected. | 7718 // connections are rejected. |
7719 ssl_options.fallback_scsv_enabled = true; | 7719 ssl_options.fallback_scsv_enabled = true; |
7720 | 7720 |
7721 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); | 7721 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); |
7722 | 7722 |
7723 // The original error should be replayed on rejected fallback. | 7723 // The original error should be replayed on rejected fallback. |
7724 ExpectFailure(ERR_CONNECTION_CLOSED); | 7724 ExpectFailure(ERR_CONNECTION_CLOSED); |
(...skipping 1092 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
8817 | 8817 |
8818 EXPECT_FALSE(r->is_pending()); | 8818 EXPECT_FALSE(r->is_pending()); |
8819 EXPECT_EQ(1, d->response_started_count()); | 8819 EXPECT_EQ(1, d->response_started_count()); |
8820 EXPECT_FALSE(d->received_data_before_response()); | 8820 EXPECT_FALSE(d->received_data_before_response()); |
8821 EXPECT_EQ(d->bytes_received(), static_cast<int>(file_size)); | 8821 EXPECT_EQ(d->bytes_received(), static_cast<int>(file_size)); |
8822 } | 8822 } |
8823 } | 8823 } |
8824 #endif // !defined(DISABLE_FTP_SUPPORT) | 8824 #endif // !defined(DISABLE_FTP_SUPPORT) |
8825 | 8825 |
8826 } // namespace net | 8826 } // namespace net |
OLD | NEW |