diff options
author | sprang <sprang@webrtc.org> | 2016-01-14 09:14:02 -0800 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2016-01-14 17:14:06 +0000 |
commit | 3542013f587f0858fb24fa8e554ec3c01a323da8 (patch) | |
tree | 924410eee6f0419f14014bdd119277526875513e | |
parent | 2734d77c952cfae75fa79fd0631cc34caec4f084 (diff) | |
download | webrtc-3542013f587f0858fb24fa8e554ec3c01a323da8.tar.gz |
Revert of Update with new default boringssl no-aes cipher suites. Re-enable tests. (patchset #3 id:40001 of https://codereview.webrtc.org/1550773002/ )
Reason for revert:
We're getting boringssl version conflicts. Reverting for now.
Original issue's description:
> Update with new default boringssl no-aes cipher suites. Re-enable tests.
>
> This undoes https://codereview.webrtc.org/1533253002 (except the DEPS part).
>
> BUG=webrtc:5381
> R=davidben@webrtc.org, henrika@webrtc.org
>
> Committed: https://crrev.com/31c8d2eac5aec977f584ab0ae5a1d457d674f101
> Cr-Commit-Position: refs/heads/master@{#11250}
TBR=davidben@webrtc.org,henrika@webrtc.org,torbjorng@webrtc.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=webrtc:5381
Review URL: https://codereview.webrtc.org/1586183002
Cr-Commit-Position: refs/heads/master@{#11253}
-rw-r--r-- | talk/app/webrtc/peerconnection_unittest.cc | 9 | ||||
-rw-r--r-- | webrtc/base/opensslstreamadapter.cc | 8 | ||||
-rw-r--r-- | webrtc/base/sslstreamadapter_unittest.cc | 5 | ||||
-rw-r--r-- | webrtc/p2p/base/dtlstransportchannel_unittest.cc | 9 |
4 files changed, 26 insertions, 5 deletions
diff --git a/talk/app/webrtc/peerconnection_unittest.cc b/talk/app/webrtc/peerconnection_unittest.cc index cf53c44f11..8d0793e25f 100644 --- a/talk/app/webrtc/peerconnection_unittest.cc +++ b/talk/app/webrtc/peerconnection_unittest.cc @@ -1485,8 +1485,15 @@ TEST_F(P2PTestConductor, GetDtls12None) { kDefaultSrtpCryptoSuite)); } +#if defined(MEMORY_SANITIZER) +// Fails under MemorySanitizer: +// See https://code.google.com/p/webrtc/issues/detail?id=5381. +#define MAYBE_GetDtls12Both DISABLED_GetDtls12Both +#else +#define MAYBE_GetDtls12Both GetDtls12Both +#endif // Test that DTLS 1.2 is used if both ends support it. -TEST_F(P2PTestConductor, GetDtls12Both) { +TEST_F(P2PTestConductor, MAYBE_GetDtls12Both) { PeerConnectionFactory::Options init_options; init_options.ssl_max_version = rtc::SSL_PROTOCOL_DTLS_12; PeerConnectionFactory::Options recv_options; diff --git a/webrtc/base/opensslstreamadapter.cc b/webrtc/base/opensslstreamadapter.cc index 4b0fe02702..7563f17c56 100644 --- a/webrtc/base/opensslstreamadapter.cc +++ b/webrtc/base/opensslstreamadapter.cc @@ -160,10 +160,12 @@ static int kDefaultSslCipher12 = static int kDefaultSslEcCipher12 = static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256); // Fallback cipher for DTLS 1.2 if hardware-accelerated AES-GCM is unavailable. +// TODO(davidben): Switch to the standardized CHACHA20_POLY1305 variant when +// available. static int kDefaultSslCipher12NoAesGcm = - static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256); + static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD); static int kDefaultSslEcCipher12NoAesGcm = - static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256); + static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD); #else // !OPENSSL_IS_BORINGSSL // OpenSSL sorts differently than BoringSSL, so the default cipher doesn't // change between TLS 1.0 and TLS 1.2 with the current setup. @@ -171,7 +173,7 @@ static int kDefaultSslCipher12 = static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA); static int kDefaultSslEcCipher12 = static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA); -#endif // OPENSSL_IS_BORINGSSL +#endif #if defined(_MSC_VER) #pragma warning(pop) diff --git a/webrtc/base/sslstreamadapter_unittest.cc b/webrtc/base/sslstreamadapter_unittest.cc index a041c25211..1ed06c3154 100644 --- a/webrtc/base/sslstreamadapter_unittest.cc +++ b/webrtc/base/sslstreamadapter_unittest.cc @@ -1150,6 +1150,10 @@ INSTANTIATE_TEST_CASE_P( Values(rtc::KeyParams::RSA(1024, 65537), rtc::KeyParams::RSA(1152, 65537), rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)))); + +#if !defined(MEMORY_SANITIZER) +// Fails under MemorySanitizer: +// See https://code.google.com/p/webrtc/issues/detail?id=5381. INSTANTIATE_TEST_CASE_P( SSLStreamAdapterTestsDTLS, SSLStreamAdapterTestDTLS, @@ -1159,3 +1163,4 @@ INSTANTIATE_TEST_CASE_P( Values(rtc::KeyParams::RSA(1024, 65537), rtc::KeyParams::RSA(1152, 65537), rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)))); +#endif diff --git a/webrtc/p2p/base/dtlstransportchannel_unittest.cc b/webrtc/p2p/base/dtlstransportchannel_unittest.cc index 3791893442..f5d42f3c6e 100644 --- a/webrtc/p2p/base/dtlstransportchannel_unittest.cc +++ b/webrtc/p2p/base/dtlstransportchannel_unittest.cc @@ -655,8 +655,15 @@ TEST_F(DtlsTransportChannelTest, TestDtls12None) { ASSERT_TRUE(Connect()); } +#if defined(MEMORY_SANITIZER) +// Fails under MemorySanitizer: +// See https://code.google.com/p/webrtc/issues/detail?id=5381. +#define MAYBE_TestDtls12Both DISABLED_TestDtls12Both +#else +#define MAYBE_TestDtls12Both TestDtls12Both +#endif // Create two channels with DTLS 1.2 and check ciphers. -TEST_F(DtlsTransportChannelTest, TestDtls12Both) { +TEST_F(DtlsTransportChannelTest, MAYBE_TestDtls12Both) { MAYBE_SKIP_TEST(HaveDtls); SetChannelCount(2); PrepareDtls(true, true, rtc::KT_DEFAULT); |