tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

ssl_option_unittest.cc (2590B)

      1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
      2 /* vim: set ts=2 et sw=2 tw=80: */
      3 /* This Source Code Form is subject to the terms of the Mozilla Public
      4 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
      5 * You can obtain one at http://mozilla.org/MPL/2.0/. */
      6 
      7 #include "gtest_utils.h"
      8 #include "ssl.h"
      9 #include "tls_connect.h"
     10 
     11 namespace nss_test {
     12 
     13 class SslOptionTest : public ::testing::Test {};
     14 
     15 static PRInt32 nextOption(PRInt32 index) {
     16  switch (++index) {
     17    case SSL_SOCKS:                // pinned to false
     18    case 4:                        // not defined
     19    case SSL_ENABLE_SSL2:          // pinned to false
     20    case SSL_V2_COMPATIBLE_HELLO:  // pinned to false
     21    case SSL_ENABLE_TLS:           // depends on other options
     22    case SSL_NO_STEP_DOWN:         // pinned to false
     23    case SSL_BYPASS_PKCS11:        // pinned to false
     24    case SSL_ENABLE_NPN:           // pinned to false
     25    case SSL_RECORD_SIZE_LIMIT:    // not a boolean
     26      return nextOption(index);
     27  }
     28  return index;
     29 }
     30 
     31 TEST_F(SslOptionTest, OptionSetDefault) {
     32  PRIntn original, modified;
     33  PRInt32 index = nextOption(0);
     34  while (SECSuccess == SSL_OptionGetDefault(index, &original)) {
     35    EXPECT_EQ(SECSuccess, SSL_OptionSetDefault(index, 1 ^ original));
     36    EXPECT_EQ(SECSuccess, SSL_OptionGetDefault(index, &modified));
     37    EXPECT_EQ(modified, 1 ^ original);
     38    EXPECT_EQ(SECSuccess, SSL_OptionSetDefault(index, original));
     39    index = nextOption(index);
     40  }
     41 
     42  // Update the expected value here when new options are added.
     43  EXPECT_EQ(index, SSL_DB_LOAD_CERTIFICATE_CHAIN + 1);
     44 }
     45 
     46 TEST_F(TlsConnectStreamTls13, OptionSet) {
     47  EnsureTlsSetup();
     48  PRIntn original, modified;
     49  PRInt32 index = nextOption(0);
     50  while (SECSuccess == SSL_OptionGetDefault(index, &original)) {
     51    EXPECT_EQ(SECSuccess,
     52              SSL_OptionSet(client_->ssl_fd(), index, 1 ^ original));
     53    EXPECT_EQ(SECSuccess, SSL_OptionGet(client_->ssl_fd(), index, &modified));
     54    EXPECT_EQ(modified, 1 ^ original);
     55    EXPECT_EQ(SECSuccess, SSL_OptionSet(client_->ssl_fd(), index, original));
     56    index = nextOption(index);
     57  }
     58 
     59  // Update the expected value here when new options are added.
     60  EXPECT_EQ(index, SSL_DB_LOAD_CERTIFICATE_CHAIN + 1);
     61  Connect();
     62 }
     63 
     64 TEST_P(TlsConnectTls12Plus, NoLocksHandshake) {
     65  EnsureTlsSetup();
     66 
     67  EXPECT_EQ(SECSuccess,
     68            SSL_OptionSet(client_->ssl_fd(), SSL_NO_LOCKS, PR_TRUE));
     69  EXPECT_EQ(SECSuccess,
     70            SSL_OptionSet(server_->ssl_fd(), SSL_NO_LOCKS, PR_TRUE));
     71 
     72  Connect();
     73 }
     74 
     75 }  // namespace nss_test