// Copyright 2015 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "base/command_line.h"
#include "base/memory/ref_counted.h"
#include "base/message_loop/message_loop.h"
#include "base/threading/thread_task_runner_handle.h"
#include "chrome/browser/prefs/chrome_command_line_pref_store.h"
#include "components/prefs/pref_registry_simple.h"
#include "components/prefs/pref_service.h"
#include "components/prefs/testing_pref_store.h"
#include "components/ssl_config/ssl_config_prefs.h"
#include "components/ssl_config/ssl_config_service_manager.h"
#include "components/ssl_config/ssl_config_switches.h"
#include "components/sync_preferences/pref_service_mock_factory.h"
#include "net/ssl/ssl_config.h"
#include "net/ssl/ssl_config_service.h"
#include "testing/gtest/include/gtest/gtest.h"
using net::SSLConfig;
using net::SSLConfigService;
using ssl_config::SSLConfigServiceManager;
// Fixture shared by every TEST_F in this file. Its only state is a
// base::MessageLoop, constructed before each test body runs.
// NOTE(review): presumably this is what makes
// base::ThreadTaskRunnerHandle::Get() usable in the tests; confirm.
class CommandLinePrefStoreSSLManagerTest : public testing::Test {
 public:
  CommandLinePrefStoreSSLManagerTest() = default;

 protected:
  base::MessageLoop message_loop_;
};
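// Test that command-line settings for SSL versions and TLS 1.3 variants
// are respected and that they do not persist to the preferences files.
//
// The switches request a minimum of "tls1.1", a maximum of "tls1.2" and the
// "draft" TLS 1.3 variant. The expectations below require version_max to come
// back as TLS 1.3, so this test also pins that the variant switch takes
// precedence over the explicitly requested maximum.
TEST_F(CommandLinePrefStoreSSLManagerTest, CommandLinePrefs) {
  scoped_refptr<TestingPrefStore> local_state_store =
      base::MakeRefCounted<TestingPrefStore>();

  base::CommandLine command_line(base::CommandLine::NO_PROGRAM);
  command_line.AppendSwitchASCII(switches::kSSLVersionMin, "tls1.1");
  command_line.AppendSwitchASCII(switches::kSSLVersionMax, "tls1.2");
  command_line.AppendSwitchASCII(switches::kTLS13Variant, "draft");

  // The user store and the command-line store are kept separate so that the
  // second half of the test can inspect the user store on its own.
  sync_preferences::PrefServiceMockFactory factory;
  factory.set_user_prefs(local_state_store);
  factory.set_command_line_prefs(new ChromeCommandLinePrefStore(&command_line));
  scoped_refptr<PrefRegistrySimple> registry =
      base::MakeRefCounted<PrefRegistrySimple>();
  std::unique_ptr<PrefService> local_state(factory.Create(registry.get()));

  SSLConfigServiceManager::RegisterPrefs(registry.get());

  std::unique_ptr<SSLConfigServiceManager> config_manager(
      SSLConfigServiceManager::CreateDefaultManager(
          local_state.get(), base::ThreadTaskRunnerHandle::Get()));
  ASSERT_TRUE(config_manager.get());
  scoped_refptr<SSLConfigService> config_service(config_manager->Get());
  ASSERT_TRUE(config_service.get());

  SSLConfig ssl_config;
  config_service->GetSSLConfig(&ssl_config);

  // Command-line flags should be respected. version_max is expected to be
  // TLS 1.3 rather than the "tls1.2" passed above because a TLS 1.3 variant
  // was also requested.
  EXPECT_EQ(net::SSL_PROTOCOL_VERSION_TLS1_1, ssl_config.version_min);
  EXPECT_EQ(net::SSL_PROTOCOL_VERSION_TLS1_3, ssl_config.version_max);
  EXPECT_EQ(net::kTLS13VariantDraft, ssl_config.tls13_variant);

  // Explicitly double-check the settings are not in the preference store.
  // FindPreference() hands back a raw pointer, so each result is asserted
  // non-null first: a missing registration then fails the test cleanly
  // instead of crashing on the dereference.
  const PrefService::Preference* version_min_pref =
      local_state->FindPreference(ssl_config::prefs::kSSLVersionMin);
  ASSERT_TRUE(version_min_pref);
  EXPECT_FALSE(version_min_pref->IsUserModifiable());

  const PrefService::Preference* version_max_pref =
      local_state->FindPreference(ssl_config::prefs::kSSLVersionMax);
  ASSERT_TRUE(version_max_pref);
  EXPECT_FALSE(version_max_pref->IsUserModifiable());

  const PrefService::Preference* tls13_variant_pref =
      local_state->FindPreference(ssl_config::prefs::kTLS13Variant);
  ASSERT_TRUE(tls13_variant_pref);
  EXPECT_FALSE(tls13_variant_pref->IsUserModifiable());

  // The user store itself must hold none of the three values; a value found
  // here would mean a command-line override had been written into user prefs.
  std::string version_min_str;
  std::string version_max_str;
  std::string tls13_variant_str;
  EXPECT_FALSE(local_state_store->GetString(ssl_config::prefs::kSSLVersionMin,
                                            &version_min_str));
  EXPECT_FALSE(local_state_store->GetString(ssl_config::prefs::kSSLVersionMax,
                                            &version_max_str));
  EXPECT_FALSE(local_state_store->GetString(ssl_config::prefs::kTLS13Variant,
                                            &tls13_variant_str));
}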
// Test that setting an enabled TLS 1.3 variant correctly sets SSLVersionMax.
// Only the variant switch ("experiment") is supplied; no version switch is
// given, so the TLS 1.3 maximum asserted below comes from the variant alone.
TEST_F(CommandLinePrefStoreSSLManagerTest, TLS13VariantEnabled) {
  base::CommandLine cmd(base::CommandLine::NO_PROGRAM);
  cmd.AppendSwitchASCII(switches::kTLS13Variant, "experiment");

  // Empty user store plus a command-line store built from |cmd|.
  auto user_store = base::MakeRefCounted<TestingPrefStore>();
  sync_preferences::PrefServiceMockFactory pref_factory;
  pref_factory.set_user_prefs(user_store);
  pref_factory.set_command_line_prefs(new ChromeCommandLinePrefStore(&cmd));

  scoped_refptr<PrefRegistrySimple> pref_registry = new PrefRegistrySimple;
  std::unique_ptr<PrefService> prefs(pref_factory.Create(pref_registry.get()));
  SSLConfigServiceManager::RegisterPrefs(pref_registry.get());

  std::unique_ptr<SSLConfigServiceManager> manager(
      SSLConfigServiceManager::CreateDefaultManager(
          prefs.get(), base::ThreadTaskRunnerHandle::Get()));
  ASSERT_TRUE(manager.get());
  scoped_refptr<SSLConfigService> service(manager->Get());
  ASSERT_TRUE(service.get());

  SSLConfig config;
  service->GetSSLConfig(&config);

  // The requested variant must be reported and the maximum must be TLS 1.3.
  EXPECT_EQ(net::SSL_PROTOCOL_VERSION_TLS1_3, config.version_max);
  EXPECT_EQ(net::kTLS13VariantExperiment, config.tls13_variant);
}
// Test that setting a disabled TLS 1.3 variant correctly sets SSLVersionMax.
// The command line asks for a "tls1.3" maximum and a "disabled" variant at the
// same time; the expectation is that the disabled variant wins and the
// effective maximum is TLS 1.2.
TEST_F(CommandLinePrefStoreSSLManagerTest, TLS13VariantDisabled) {
  base::CommandLine cmd(base::CommandLine::NO_PROGRAM);
  cmd.AppendSwitchASCII(switches::kSSLVersionMax, "tls1.3");
  cmd.AppendSwitchASCII(switches::kTLS13Variant, "disabled");

  // Empty user store plus a command-line store built from |cmd|.
  auto user_store = base::MakeRefCounted<TestingPrefStore>();
  sync_preferences::PrefServiceMockFactory pref_factory;
  pref_factory.set_user_prefs(user_store);
  pref_factory.set_command_line_prefs(new ChromeCommandLinePrefStore(&cmd));

  scoped_refptr<PrefRegistrySimple> pref_registry = new PrefRegistrySimple;
  std::unique_ptr<PrefService> prefs(pref_factory.Create(pref_registry.get()));
  SSLConfigServiceManager::RegisterPrefs(pref_registry.get());

  std::unique_ptr<SSLConfigServiceManager> manager(
      SSLConfigServiceManager::CreateDefaultManager(
          prefs.get(), base::ThreadTaskRunnerHandle::Get()));
  ASSERT_TRUE(manager.get());
  scoped_refptr<SSLConfigService> service(manager->Get());
  ASSERT_TRUE(service.get());

  SSLConfig config;
  service->GetSSLConfig(&config);

  // Despite the "tls1.3" maximum on the command line, the disabled variant
  // must leave the effective maximum at TLS 1.2.
  EXPECT_EQ(net::SSL_PROTOCOL_VERSION_TLS1_2, config.version_max);
}