diff options
author | Torbjorn Granlund <torbjorng@google.com> | 2016-01-14 15:17:53 +0100 |
---|---|---|
committer | Torbjorn Granlund <torbjorng@google.com> | 2016-01-14 14:18:02 +0000 |
commit | 31c8d2eac5aec977f584ab0ae5a1d457d674f101 (patch) | |
tree | 55ac1bf807784d9baaed6d6a2bd8752c6215d84a /webrtc | |
parent | e5e0e57bdfd8831b2ad917e7990e273fdfe26af4 (diff) | |
download | webrtc-31c8d2eac5aec977f584ab0ae5a1d457d674f101.tar.gz |
Update with new default boringssl no-aes cipher suites. Re-enable tests.
This undoes https://codereview.webrtc.org/1533253002 (except the DEPS part).
BUG=webrtc:5381
R=davidben@webrtc.org, henrika@webrtc.org
Review URL: https://codereview.webrtc.org/1550773002 .
Cr-Commit-Position: refs/heads/master@{#11250}
Diffstat (limited to 'webrtc')
-rw-r--r-- | webrtc/base/opensslstreamadapter.cc | 8 | ||||
-rw-r--r-- | webrtc/base/sslstreamadapter_unittest.cc | 5 | ||||
-rw-r--r-- | webrtc/p2p/base/dtlstransportchannel_unittest.cc | 9 |
3 files changed, 4 insertions, 18 deletions
diff --git a/webrtc/base/opensslstreamadapter.cc b/webrtc/base/opensslstreamadapter.cc index 7563f17c56..4b0fe02702 100644 --- a/webrtc/base/opensslstreamadapter.cc +++ b/webrtc/base/opensslstreamadapter.cc @@ -160,12 +160,10 @@ static int kDefaultSslCipher12 = static int kDefaultSslEcCipher12 = static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256); // Fallback cipher for DTLS 1.2 if hardware-accelerated AES-GCM is unavailable. -// TODO(davidben): Switch to the standardized CHACHA20_POLY1305 variant when -// available. static int kDefaultSslCipher12NoAesGcm = - static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD); + static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256); static int kDefaultSslEcCipher12NoAesGcm = - static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD); + static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256); #else // !OPENSSL_IS_BORINGSSL // OpenSSL sorts differently than BoringSSL, so the default cipher doesn't // change between TLS 1.0 and TLS 1.2 with the current setup. @@ -173,7 +171,7 @@ static int kDefaultSslCipher12 = static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA); static int kDefaultSslEcCipher12 = static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA); -#endif +#endif // OPENSSL_IS_BORINGSSL #if defined(_MSC_VER) #pragma warning(pop) diff --git a/webrtc/base/sslstreamadapter_unittest.cc b/webrtc/base/sslstreamadapter_unittest.cc index 1ed06c3154..a041c25211 100644 --- a/webrtc/base/sslstreamadapter_unittest.cc +++ b/webrtc/base/sslstreamadapter_unittest.cc @@ -1150,10 +1150,6 @@ INSTANTIATE_TEST_CASE_P( Values(rtc::KeyParams::RSA(1024, 65537), rtc::KeyParams::RSA(1152, 65537), rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)))); - -#if !defined(MEMORY_SANITIZER) -// Fails under MemorySanitizer: -// See https://code.google.com/p/webrtc/issues/detail?id=5381. INSTANTIATE_TEST_CASE_P( SSLStreamAdapterTestsDTLS, SSLStreamAdapterTestDTLS, @@ -1163,4 +1159,3 @@ INSTANTIATE_TEST_CASE_P( Values(rtc::KeyParams::RSA(1024, 65537), rtc::KeyParams::RSA(1152, 65537), rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)))); -#endif diff --git a/webrtc/p2p/base/dtlstransportchannel_unittest.cc b/webrtc/p2p/base/dtlstransportchannel_unittest.cc index f5d42f3c6e..3791893442 100644 --- a/webrtc/p2p/base/dtlstransportchannel_unittest.cc +++ b/webrtc/p2p/base/dtlstransportchannel_unittest.cc @@ -655,15 +655,8 @@ TEST_F(DtlsTransportChannelTest, TestDtls12None) { ASSERT_TRUE(Connect()); } -#if defined(MEMORY_SANITIZER) -// Fails under MemorySanitizer: -// See https://code.google.com/p/webrtc/issues/detail?id=5381. -#define MAYBE_TestDtls12Both DISABLED_TestDtls12Both -#else -#define MAYBE_TestDtls12Both TestDtls12Both -#endif // Create two channels with DTLS 1.2 and check ciphers. -TEST_F(DtlsTransportChannelTest, MAYBE_TestDtls12Both) { +TEST_F(DtlsTransportChannelTest, TestDtls12Both) { MAYBE_SKIP_TEST(HaveDtls); SetChannelCount(2); PrepareDtls(true, true, rtc::KT_DEFAULT); |