diff options
| author | davidben <davidben@chromium.org> | 2015-05-04 12:06:49 -0700 |
|---|---|---|
| committer | Commit bot <commit-bot@chromium.org> | 2015-05-04 19:07:21 +0000 |
| commit | 299e307c22f01fb6a5e4dc0a3a6dfa0c04b9d1db (patch) | |
| tree | 6666de3883067c496665e34664eb29096d8fc7d7 /net | |
| parent | 365d0800c0f214e1b9469e4342f7638fc3ec53f6 (diff) | |
| download | chromium_src-299e307c22f01fb6a5e4dc0a3a6dfa0c04b9d1db.zip chromium_src-299e307c22f01fb6a5e4dc0a3a6dfa0c04b9d1db.tar.gz chromium_src-299e307c22f01fb6a5e4dc0a3a6dfa0c04b9d1db.tar.bz2 | |
Check for both TLS 1.2 and AES-GCM support in SSLServerSocket tests.
This is a speculative fix for crbug.com/484034. It seems NSS added AES-GCM
support before the key derivation steps for TLS 1.2, so there may be versions
of NSS which support the former but not the latter.
BUG=484034
Review URL: https://codereview.chromium.org/1126633002
Cr-Commit-Position: refs/heads/master@{#328164}
Diffstat (limited to 'net')
| -rw-r--r-- | net/socket/ssl_server_socket_unittest.cc | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/net/socket/ssl_server_socket_unittest.cc b/net/socket/ssl_server_socket_unittest.cc index c15b8cc..fab2cb1 100644 --- a/net/socket/ssl_server_socket_unittest.cc +++ b/net/socket/ssl_server_socket_unittest.cc @@ -55,6 +55,9 @@ #if !defined(CKM_AES_GCM) #define CKM_AES_GCM 0x00001087 #endif +#if !defined(CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256) +#define CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256 (CKM_NSS + 24) +#endif #endif namespace net { @@ -401,7 +404,9 @@ TEST_F(SSLServerSocketTest, Handshake) { #if defined(USE_OPENSSL) bool supports_aead = true; #else - bool supports_aead = PK11_TokenExists(CKM_AES_GCM); + bool supports_aead = + PK11_TokenExists(CKM_AES_GCM) && + PK11_TokenExists(CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256); #endif EXPECT_TRUE(!supports_aead || is_aead); } |