diff options
| author | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-12-11 20:16:13 +0000 |
|---|---|---|
| committer | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-12-11 20:16:13 +0000 |
| commit | 974fbdfb90469825bd7061a7687767a0816aa29e (patch) | |
| tree | 06e3260b8d6e3bf0ed323d5735d7aa2bfc2b5016 /net/test | |
| parent | 3bc627156b7c1594df0ae95407e6b9d18f5b7343 (diff) | |
| download | chromium_src-974fbdfb90469825bd7061a7687767a0816aa29e.zip chromium_src-974fbdfb90469825bd7061a7687767a0816aa29e.tar.gz chromium_src-974fbdfb90469825bd7061a7687767a0816aa29e.tar.bz2 | |
net: add test for TLS_FALLBACK_SCSV
BUG=310768
Review URL: https://codereview.chromium.org/109563002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@240163 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/test')
| -rw-r--r-- | net/test/spawned_test_server/base_test_server.cc | 8 | ||||
| -rw-r--r-- | net/test/spawned_test_server/base_test_server.h | 7 |
2 files changed, 13 insertions, 2 deletions
diff --git a/net/test/spawned_test_server/base_test_server.cc b/net/test/spawned_test_server/base_test_server.cc index 7ef2aba..3b06a0a 100644 --- a/net/test/spawned_test_server/base_test_server.cc +++ b/net/test/spawned_test_server/base_test_server.cc @@ -60,7 +60,8 @@ BaseTestServer::SSLOptions::SSLOptions() request_client_certificate(false), bulk_ciphers(SSLOptions::BULK_CIPHER_ANY), record_resume(false), - tls_intolerant(TLS_INTOLERANT_NONE) {} + tls_intolerant(TLS_INTOLERANT_NONE), + fallback_scsv_enabled(false) {} BaseTestServer::SSLOptions::SSLOptions( BaseTestServer::SSLOptions::ServerCertificate cert) @@ -70,7 +71,8 @@ BaseTestServer::SSLOptions::SSLOptions( request_client_certificate(false), bulk_ciphers(SSLOptions::BULK_CIPHER_ANY), record_resume(false), - tls_intolerant(TLS_INTOLERANT_NONE) {} + tls_intolerant(TLS_INTOLERANT_NONE), + fallback_scsv_enabled(false) {} BaseTestServer::SSLOptions::~SSLOptions() {} @@ -396,6 +398,8 @@ bool BaseTestServer::GenerateArguments(base::DictionaryValue* arguments) const { arguments->Set("tls-intolerant", new base::FundamentalValue(ssl_options_.tls_intolerant)); } + if (ssl_options_.fallback_scsv_enabled) + arguments->Set("fallback-scsv", base::Value::CreateNullValue()); if (!ssl_options_.signed_cert_timestamps.empty()) { std::string b64_scts; base::Base64Encode(ssl_options_.signed_cert_timestamps, &b64_scts); diff --git a/net/test/spawned_test_server/base_test_server.h b/net/test/spawned_test_server/base_test_server.h index 9d5cda8..bb82ed0 100644 --- a/net/test/spawned_test_server/base_test_server.h +++ b/net/test/spawned_test_server/base_test_server.h @@ -148,6 +148,13 @@ class BaseTestServer { // negotiates an intolerant TLS version in order to test version fallback. TLSIntolerantLevel tls_intolerant; + // fallback_scsv_enabled, if true, causes the server to process the + // TLS_FALLBACK_SCSV cipher suite. This cipher suite is sent by Chrome + // when performing TLS version fallback in response to an SSL handshake + // failure. If this option is enabled then the server will reject fallback + // connections. + bool fallback_scsv_enabled; + // (Fake) SignedCertificateTimestampList (as a raw binary string) to send in // a TLS extension. // Temporary glue for testing: validation of SCTs is application-controlled |