| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "build/build_config.h" | 5 #include "build/build_config.h" |
| 6 | 6 |
| 7 #if defined(OS_WIN) | 7 #if defined(OS_WIN) |
| 8 #include <windows.h> | 8 #include <windows.h> |
| 9 #include <shlobj.h> | 9 #include <shlobj.h> |
| 10 #endif | 10 #endif |
| (...skipping 7668 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 7679 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); | 7679 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); |
| 7680 ExpectConnection(SSL_CONNECTION_VERSION_TLS1); | 7680 ExpectConnection(SSL_CONNECTION_VERSION_TLS1); |
| 7681 } | 7681 } |
| 7682 #endif // !OS_ANDROID | 7682 #endif // !OS_ANDROID |
| 7683 | 7683 |
| 7684 // Tests that we don't fallback on handshake failure with servers that implement | 7684 // Tests that we don't fallback on handshake failure with servers that implement |
| 7685 // TLS_FALLBACK_SCSV. Also ensure that the original error code is reported. | 7685 // TLS_FALLBACK_SCSV. Also ensure that the original error code is reported. |
| 7686 TEST_F(HTTPSFallbackTest, FallbackSCSV) { | 7686 TEST_F(HTTPSFallbackTest, FallbackSCSV) { |
| 7687 SpawnedTestServer::SSLOptions ssl_options( | 7687 SpawnedTestServer::SSLOptions ssl_options( |
| 7688 SpawnedTestServer::SSLOptions::CERT_OK); | 7688 SpawnedTestServer::SSLOptions::CERT_OK); |
| 7689 // Configure HTTPS server to be intolerant of TLS >= 1.0 in order to trigger | 7689 // Configure HTTPS server to be intolerant of TLS >= 1.1 in order to trigger |
| 7690 // a version fallback. | 7690 // a version fallback. |
| 7691 ssl_options.tls_intolerant = | 7691 ssl_options.tls_intolerant = |
| 7692 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; | 7692 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_TLS1_1; |
| 7693 // Have the server process TLS_FALLBACK_SCSV so that version fallback | 7693 // Have the server process TLS_FALLBACK_SCSV so that version fallback |
| 7694 // connections are rejected. | 7694 // connections are rejected. |
| 7695 ssl_options.fallback_scsv_enabled = true; | 7695 ssl_options.fallback_scsv_enabled = true; |
| 7696 | 7696 |
| 7697 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); | 7697 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); |
| 7698 | 7698 |
| 7699 // ERR_SSL_VERSION_OR_CIPHER_MISMATCH is how the server simulates version | 7699 // ERR_SSL_VERSION_OR_CIPHER_MISMATCH is how the server simulates version |
| 7700 // intolerance. If the fallback SCSV is processed when the original error | 7700 // intolerance. If the fallback SCSV is processed when the original error |
| 7701 // that caused the fallback should be returned, which should be | 7701 // that caused the fallback should be returned, which should be |
| 7702 // ERR_SSL_VERSION_OR_CIPHER_MISMATCH. | 7702 // ERR_SSL_VERSION_OR_CIPHER_MISMATCH. |
| 7703 ExpectFailure(ERR_SSL_VERSION_OR_CIPHER_MISMATCH); | 7703 ExpectFailure(ERR_SSL_VERSION_OR_CIPHER_MISMATCH); |
| 7704 } | 7704 } |
| 7705 | 7705 |
| 7706 // Tests that we don't fallback on connection closed with servers that implement | 7706 // Tests that we don't fallback on connection closed with servers that implement |
| 7707 // TLS_FALLBACK_SCSV. Also ensure that the original error code is reported. | 7707 // TLS_FALLBACK_SCSV. Also ensure that the original error code is reported. |
| 7708 TEST_F(HTTPSFallbackTest, FallbackSCSVClosed) { | 7708 TEST_F(HTTPSFallbackTest, FallbackSCSVClosed) { |
| 7709 SpawnedTestServer::SSLOptions ssl_options( | 7709 SpawnedTestServer::SSLOptions ssl_options( |
| 7710 SpawnedTestServer::SSLOptions::CERT_OK); | 7710 SpawnedTestServer::SSLOptions::CERT_OK); |
| 7711 // Configure HTTPS server to be intolerant of TLS >= 1.0 in order to trigger | 7711 // Configure HTTPS server to be intolerant of TLS >= 1.1 in order to trigger |
| 7712 // a version fallback. | 7712 // a version fallback. |
| 7713 ssl_options.tls_intolerant = | 7713 ssl_options.tls_intolerant = |
| 7714 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_ALL; | 7714 SpawnedTestServer::SSLOptions::TLS_INTOLERANT_TLS1_1; |
| 7715 ssl_options.tls_intolerance_type = | 7715 ssl_options.tls_intolerance_type = |
| 7716 SpawnedTestServer::SSLOptions::TLS_INTOLERANCE_CLOSE; | 7716 SpawnedTestServer::SSLOptions::TLS_INTOLERANCE_CLOSE; |
| 7717 // Have the server process TLS_FALLBACK_SCSV so that version fallback | 7717 // Have the server process TLS_FALLBACK_SCSV so that version fallback |
| 7718 // connections are rejected. | 7718 // connections are rejected. |
| 7719 ssl_options.fallback_scsv_enabled = true; | 7719 ssl_options.fallback_scsv_enabled = true; |
| 7720 | 7720 |
| 7721 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); | 7721 ASSERT_NO_FATAL_FAILURE(DoFallbackTest(ssl_options)); |
| 7722 | 7722 |
| 7723 // The original error should be replayed on rejected fallback. | 7723 // The original error should be replayed on rejected fallback. |
| 7724 ExpectFailure(ERR_CONNECTION_CLOSED); | 7724 ExpectFailure(ERR_CONNECTION_CLOSED); |
| (...skipping 1092 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 8817 | 8817 |
| 8818 EXPECT_FALSE(r->is_pending()); | 8818 EXPECT_FALSE(r->is_pending()); |
| 8819 EXPECT_EQ(1, d->response_started_count()); | 8819 EXPECT_EQ(1, d->response_started_count()); |
| 8820 EXPECT_FALSE(d->received_data_before_response()); | 8820 EXPECT_FALSE(d->received_data_before_response()); |
| 8821 EXPECT_EQ(d->bytes_received(), static_cast<int>(file_size)); | 8821 EXPECT_EQ(d->bytes_received(), static_cast<int>(file_size)); |
| 8822 } | 8822 } |
| 8823 } | 8823 } |
| 8824 #endif // !defined(DISABLE_FTP_SUPPORT) | 8824 #endif // !defined(DISABLE_FTP_SUPPORT) |
| 8825 | 8825 |
| 8826 } // namespace net | 8826 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 834313002:
Roll BoringSSL 306e520:aac2f6a (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master