| 782740701db73dd2dc4fef9df8cde270b0e631a4 |
|
18-Nov-2014 |
Alex Klyubin <klyubin@google.com> |
Fix SSLContextTest.test_SSLContext_defaultConfiguration failure
This test was failing because it assumed that all SSLContext
instances have the same set of TLS protocol versions enabled.
The fix refactored SSLDefaultConfigurationAsserts class into
SSLConfigurationAsserts class. The main difference is that the new
class has wider scope: it can assert that (1) the default
configuration of TLS/SSL primitives is as expected -- exactly what
the old SSLDefaultConfigurationAsserts class offered, and (2) that
TLS/SSL primitives are configured the same as a provided SSLContext.
Assertions about the default configuration of primitives other than
SSLContext are now implemented by asserting that these primitives are
configured exactly like the default SSLContext.
Change-Id: I52d6514768c4053054df2cf79e7182d8fd87bfe2
|
| ee109f62e99f43bcf8b78c857af430be9cf02985 |
|
19-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Assert that setEnabledProtocols/CipherSuites copy their inputs.
SSLSocket, SSLServerSocket, and SSLEngine offer setEnabledProtocols
and setEnabledCipherSuites methods which take an array of protocols
or cipher suites as input. If these methods store references to the
input arrays, then the internal state (lists of enabled protocols and
cipher suites) of SSLSocket, SSLServerSocket, and SSLEngine could be
modified without going through the setter methods of these classes.
Correct implementations of these methods should store copies of the
input arrays.
Bug: 15753142
Change-Id: Ia5248050d81320ed1da99892278bd60872605f52
|
| 358552b505a8985ec9ed3691d0a6d590b60d620f |
|
25-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Assert that getEnabledCipherSuites/Protocols is affected by setters.
Change-Id: I806cfd4fd7f8be39c9bfcce956f6c2804e917c26
|
| f605c6822da13b32cd3643415a707882b62a3e91 |
|
06-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Higher-level default configuration asserts for TLS/SSL primitives.
This adds SSLDefaultConfigurationAsserts class that offers
higher-level checks for each TLS/SSL primitive. The goals are:
* check not only the cipher suites and protocols configured but also
the configuration of child primitives (e.g, configuration of
SSLSockets returned by SSLSocketFactory, or configuration of
SSLSocketFactory returned by SSLContext).
* hide the upcoming target API level dependent configuration checks
from test classes.
Bug: 11220570
Change-Id: Iec1476a1b2d132c984413754129adfcb671885fb
|
| f13911b39126ffae49737dadc74332b3a84e0d19 |
|
04-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Exact asserts for TLS/SSL protocols used by default.
Previously, assertions about the list of protocols used by default by
TLS/SSL primitives were checking that all of the protocols are
supported, but were not checking that the list was exactly as
expected. This CL adjusts the assertions to check that all of the
expected protocols are listed and that no other protocols are listed.
Three assert methods are added, corresponding to the three
concentually different lists: client-side (e.g., SSLSocket),
server-side (SSLServerSocket), and SSLEngine which currently does not
switch lists based on whether it's in client or server mode.
Bug: 11220570
Change-Id: Ib6b56c2372d76f94f254481aa01d29d2d03a085f
|
| befd74b622281de69f9f72ed1a046b9b899d85eb |
|
01-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Test the default config of SSLServerSocket(Factory).
Bug: 11220570
Change-Id: If3025296c50f794dbba7ffef499e82f49f7da42b
|