15821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Copyright (c) 2012 The Chromium Authors. All rights reserved. 25821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 35821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// found in the LICENSE file. 45821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 55821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/browser/net/ssl_config_service_manager.h" 65821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 75821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/command_line.h" 85821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/memory/ref_counted.h" 99ab5563a3196760eb381d102cbb2bc0f7abc6a50Ben Murdoch#include "base/message_loop/message_loop.h" 102a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "base/prefs/pref_registry_simple.h" 115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/prefs/testing_pref_store.h" 125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/values.h" 135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/browser/content_settings/host_content_settings_map.h" 14f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "chrome/browser/prefs/pref_service_mock_factory.h" 155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/common/chrome_switches.h" 165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/common/pref_names.h" 172a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "chrome/test/base/testing_pref_service_syncable.h" 185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/test/base/testing_profile.h" 191320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci#include "components/content_settings/core/common/content_settings.h" 205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "content/public/test/test_browser_thread.h" 212a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "net/ssl/ssl_config_service.h" 225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "testing/gtest/include/gtest/gtest.h" 235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)using base::ListValue; 255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)using base::Value; 265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)using content::BrowserThread; 275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)using net::SSLConfig; 285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)using net::SSLConfigService; 295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)class SSLConfigServiceManagerPrefTest : public testing::Test { 315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) public: 325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SSLConfigServiceManagerPrefTest() 335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) : ui_thread_(BrowserThread::UI, &message_loop_), 345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) io_thread_(BrowserThread::IO, &message_loop_) {} 355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) protected: 3790dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) base::MessageLoop message_loop_; 385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::TestBrowserThread ui_thread_; 395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::TestBrowserThread io_thread_; 405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}; 415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Test channel id with no user prefs. 435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)TEST_F(SSLConfigServiceManagerPrefTest, ChannelIDWithoutUserPrefs) { 442a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) TestingPrefServiceSimple local_state; 452a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) SSLConfigServiceManager::RegisterPrefs(local_state.registry()); 465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_ptr<SSLConfigServiceManager> config_manager( 4890dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) SSLConfigServiceManager::CreateDefaultManager(&local_state)); 495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(config_manager.get()); 505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_refptr<SSLConfigService> config_service(config_manager->Get()); 515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(config_service.get()); 525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SSLConfig config; 545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) config_service->GetSSLConfig(&config); 555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_TRUE(config.channel_id_enabled); 565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Test that cipher suites can be disabled. "Good" refers to the fact that 595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// every value is expected to be successfully parsed into a cipher suite. 605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)TEST_F(SSLConfigServiceManagerPrefTest, GoodDisabledCipherSuites) { 612a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) TestingPrefServiceSimple local_state; 622a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) SSLConfigServiceManager::RegisterPrefs(local_state.registry()); 635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_ptr<SSLConfigServiceManager> config_manager( 6590dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) SSLConfigServiceManager::CreateDefaultManager(&local_state)); 665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(config_manager.get()); 675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_refptr<SSLConfigService> config_service(config_manager->Get()); 685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(config_service.get()); 695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SSLConfig old_config; 715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) config_service->GetSSLConfig(&old_config); 725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_TRUE(old_config.disabled_cipher_suites.empty()); 735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 745d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) base::ListValue* list_value = new base::ListValue(); 75effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch list_value->Append(new base::StringValue("0x0004")); 76effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch list_value->Append(new base::StringValue("0x0005")); 775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) local_state.SetUserPref(prefs::kCipherSuiteBlacklist, list_value); 785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Pump the message loop to notify the SSLConfigServiceManagerPref that the 805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // preferences changed. 812a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) message_loop_.RunUntilIdle(); 825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SSLConfig config; 845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) config_service->GetSSLConfig(&config); 855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_NE(old_config.disabled_cipher_suites, config.disabled_cipher_suites); 875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_EQ(2u, config.disabled_cipher_suites.size()); 885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(0x0004, config.disabled_cipher_suites[0]); 895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(0x0005, config.disabled_cipher_suites[1]); 905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Test that cipher suites can be disabled. "Bad" refers to the fact that 935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// there are one or more non-cipher suite strings in the preference. They 945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// should be ignored. 955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)TEST_F(SSLConfigServiceManagerPrefTest, BadDisabledCipherSuites) { 962a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) TestingPrefServiceSimple local_state; 972a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) SSLConfigServiceManager::RegisterPrefs(local_state.registry()); 985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_ptr<SSLConfigServiceManager> config_manager( 10090dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) SSLConfigServiceManager::CreateDefaultManager(&local_state)); 1015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(config_manager.get()); 1025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_refptr<SSLConfigService> config_service(config_manager->Get()); 1035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(config_service.get()); 1045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SSLConfig old_config; 1065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) config_service->GetSSLConfig(&old_config); 1075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_TRUE(old_config.disabled_cipher_suites.empty()); 1085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1095d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) base::ListValue* list_value = new base::ListValue(); 110effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch list_value->Append(new base::StringValue("0x0004")); 111effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch list_value->Append(new base::StringValue("TLS_NOT_WITH_A_CIPHER_SUITE")); 112effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch list_value->Append(new base::StringValue("0x0005")); 113effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch list_value->Append(new base::StringValue("0xBEEFY")); 1145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) local_state.SetUserPref(prefs::kCipherSuiteBlacklist, list_value); 1155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Pump the message loop to notify the SSLConfigServiceManagerPref that the 1175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // preferences changed. 1182a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) message_loop_.RunUntilIdle(); 1195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SSLConfig config; 1215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) config_service->GetSSLConfig(&config); 1225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_NE(old_config.disabled_cipher_suites, config.disabled_cipher_suites); 1245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_EQ(2u, config.disabled_cipher_suites.size()); 1255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(0x0004, config.disabled_cipher_suites[0]); 1265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(0x0005, config.disabled_cipher_suites[1]); 1275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 1285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 129effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch// Test that without command-line settings for minimum and maximum SSL versions, 130effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch// SSL 3.0 ~ kDefaultSSLVersionMax are enabled. 1315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)TEST_F(SSLConfigServiceManagerPrefTest, NoCommandLinePrefs) { 1325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore()); 1335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 134f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) PrefServiceMockFactory factory; 135f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) factory.set_user_prefs(local_state_store); 1362a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) scoped_refptr<PrefRegistrySimple> registry = new PrefRegistrySimple; 137f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) scoped_ptr<PrefService> local_state(factory.Create(registry.get())); 1385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 139868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) SSLConfigServiceManager::RegisterPrefs(registry.get()); 1405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_ptr<SSLConfigServiceManager> config_manager( 14290dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) SSLConfigServiceManager::CreateDefaultManager(local_state.get())); 1435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(config_manager.get()); 1445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_refptr<SSLConfigService> config_service(config_manager->Get()); 1455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(config_service.get()); 1465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SSLConfig ssl_config; 1485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) config_service->GetSSLConfig(&ssl_config); 1495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The default value in the absence of command-line options is that 150effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch // SSL 3.0 ~ kDefaultSSLVersionMax are enabled. 1515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(net::SSL_PROTOCOL_VERSION_SSL3, ssl_config.version_min); 152effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch EXPECT_EQ(net::kDefaultSSLVersionMax, ssl_config.version_max); 1535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The settings should not be added to the local_state. 1555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_FALSE(local_state->HasPrefPath(prefs::kSSLVersionMin)); 1565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_FALSE(local_state->HasPrefPath(prefs::kSSLVersionMax)); 1575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Explicitly double-check the settings are not in the preference store. 1595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string version_min_str; 1605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string version_max_str; 1615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_FALSE(local_state_store->GetString(prefs::kSSLVersionMin, 1625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &version_min_str)); 1635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_FALSE(local_state_store->GetString(prefs::kSSLVersionMax, 1645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &version_max_str)); 1655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 1665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Test that command-line settings for minimum and maximum SSL versions are 1685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// respected and that they do not persist to the preferences files. 1695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)TEST_F(SSLConfigServiceManagerPrefTest, CommandLinePrefs) { 1705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore()); 1715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) CommandLine command_line(CommandLine::NO_PROGRAM); 1735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) command_line.AppendSwitchASCII(switches::kSSLVersionMin, "tls1"); 1745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) command_line.AppendSwitchASCII(switches::kSSLVersionMax, "ssl3"); 1755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 176f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) PrefServiceMockFactory factory; 177f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) factory.set_user_prefs(local_state_store); 178f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) factory.SetCommandLine(&command_line); 1792a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) scoped_refptr<PrefRegistrySimple> registry = new PrefRegistrySimple; 180f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) scoped_ptr<PrefService> local_state(factory.Create(registry.get())); 1815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 182868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) SSLConfigServiceManager::RegisterPrefs(registry.get()); 1835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_ptr<SSLConfigServiceManager> config_manager( 18590dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) SSLConfigServiceManager::CreateDefaultManager(local_state.get())); 1865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(config_manager.get()); 1875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_refptr<SSLConfigService> config_service(config_manager->Get()); 1885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(config_service.get()); 1895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SSLConfig ssl_config; 1915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) config_service->GetSSLConfig(&ssl_config); 1925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Command-line flags should be respected. 1935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(net::SSL_PROTOCOL_VERSION_TLS1, ssl_config.version_min); 1945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(net::SSL_PROTOCOL_VERSION_SSL3, ssl_config.version_max); 1955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Explicitly double-check the settings are not in the preference store. 1975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const PrefService::Preference* version_min_pref = 1985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) local_state->FindPreference(prefs::kSSLVersionMin); 1995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_FALSE(version_min_pref->IsUserModifiable()); 2005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const PrefService::Preference* version_max_pref = 2025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) local_state->FindPreference(prefs::kSSLVersionMax); 2035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_FALSE(version_max_pref->IsUserModifiable()); 2045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string version_min_str; 2065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string version_max_str; 2075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_FALSE(local_state_store->GetString(prefs::kSSLVersionMin, 2085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &version_min_str)); 2095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_FALSE(local_state_store->GetString(prefs::kSSLVersionMax, 2105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &version_max_str)); 2115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 212