summaryrefslogtreecommitdiff
path: root/src/components/security_manager
diff options
context:
space:
mode:
Diffstat (limited to 'src/components/security_manager')
-rw-r--r--src/components/security_manager/src/crypto_manager_impl.cc5
-rw-r--r--src/components/security_manager/test/ssl_context_test.cc59
2 files changed, 42 insertions, 22 deletions
diff --git a/src/components/security_manager/src/crypto_manager_impl.cc b/src/components/security_manager/src/crypto_manager_impl.cc
index f44198953b..6d88cb9233 100644
--- a/src/components/security_manager/src/crypto_manager_impl.cc
+++ b/src/components/security_manager/src/crypto_manager_impl.cc
@@ -136,8 +136,13 @@ bool CryptoManagerImpl::Init() {
#endif
switch (get_settings().security_manager_protocol_name()) {
case SSLv3:
+#ifdef OPENSSL_NO_SSL3
+ LOG4CXX_WARN(logger_, "OpenSSL does not support SSL3 protocol");
+ return false;
+#else
method = is_server ? SSLv3_server_method() : SSLv3_client_method();
break;
+#endif
case TLSv1:
method = is_server ? TLSv1_server_method() : TLSv1_client_method();
break;
diff --git a/src/components/security_manager/test/ssl_context_test.cc b/src/components/security_manager/test/ssl_context_test.cc
index b35da3fc61..1c50c5833b 100644
--- a/src/components/security_manager/test/ssl_context_test.cc
+++ b/src/components/security_manager/test/ssl_context_test.cc
@@ -218,7 +218,7 @@ class SSLTestParam : public testing::TestWithParam<ProtocolAndCipher> {
GetParam().server_ciphers_list);
const bool crypto_manager_initialization = crypto_manager->Init();
- EXPECT_TRUE(crypto_manager_initialization);
+ ASSERT_TRUE(crypto_manager_initialization);
mock_client_manager_settings_ = utils::MakeShared<
NiceMock<security_manager_test::MockCryptoManagerSettings>>();
@@ -231,7 +231,7 @@ class SSLTestParam : public testing::TestWithParam<ProtocolAndCipher> {
GetParam().client_ciphers_list);
const bool client_manager_initialization = client_manager->Init();
- EXPECT_TRUE(client_manager_initialization);
+ ASSERT_TRUE(client_manager_initialization);
server_ctx = crypto_manager->CreateSSLContext();
client_ctx = client_manager->CreateSSLContext();
@@ -251,9 +251,12 @@ class SSLTestParam : public testing::TestWithParam<ProtocolAndCipher> {
}
void TearDown() OVERRIDE {
- crypto_manager->ReleaseSSLContext(server_ctx);
- client_manager->ReleaseSSLContext(client_ctx);
-
+ if (crypto_manager) {
+ crypto_manager->ReleaseSSLContext(server_ctx);
+ }
+ if (client_manager) {
+ client_manager->ReleaseSSLContext(client_ctx);
+ }
delete crypto_manager;
delete client_manager;
}
@@ -293,10 +296,10 @@ class SSLTestParam : public testing::TestWithParam<ProtocolAndCipher> {
mock_crypto_manager_settings_;
utils::SharedPtr<NiceMock<security_manager_test::MockCryptoManagerSettings>>
mock_client_manager_settings_;
- security_manager::CryptoManager* crypto_manager;
- security_manager::CryptoManager* client_manager;
- security_manager::SSLContext* server_ctx;
- security_manager::SSLContext* client_ctx;
+ security_manager::CryptoManager* crypto_manager = NULL;
+ security_manager::CryptoManager* client_manager = NULL;
+ security_manager::SSLContext* server_ctx = NULL;
+ security_manager::SSLContext* client_ctx = NULL;
std::string certificate_data_base64_;
};
@@ -313,11 +316,15 @@ INSTANTIATE_TEST_CASE_P(
ProtocolAndCipher(security_manager::TLSv1_1,
security_manager::TLSv1_1,
kFordCipher,
- kFordCipher),
+ kFordCipher)
+#ifndef OPENSSL_NO_SSL3
+ ,
ProtocolAndCipher(security_manager::SSLv3,
security_manager::SSLv3,
kFordCipher,
- kFordCipher)));
+ kFordCipher)
+#endif
+ ));
INSTANTIATE_TEST_CASE_P(
IncorrectProtocolAndCiphers,
@@ -326,18 +333,10 @@ INSTANTIATE_TEST_CASE_P(
security_manager::TLSv1_1,
kFordCipher,
kFordCipher),
- ProtocolAndCipher(security_manager::TLSv1,
- security_manager::SSLv3,
- kFordCipher,
- kFordCipher),
ProtocolAndCipher(security_manager::TLSv1_1,
security_manager::TLSv1,
kFordCipher,
kFordCipher),
- ProtocolAndCipher(security_manager::TLSv1_1,
- security_manager::SSLv3,
- kFordCipher,
- kFordCipher),
ProtocolAndCipher(security_manager::TLSv1_2,
security_manager::TLSv1,
kFordCipher,
@@ -345,6 +344,16 @@ INSTANTIATE_TEST_CASE_P(
ProtocolAndCipher(security_manager::TLSv1_2,
security_manager::TLSv1_1,
kFordCipher,
+ kFordCipher)
+#ifndef OPENSSL_NO_SSL3
+ ,
+ ProtocolAndCipher(security_manager::TLSv1,
+ security_manager::SSLv3,
+ kFordCipher,
+ kFordCipher),
+ ProtocolAndCipher(security_manager::TLSv1_1,
+ security_manager::SSLv3,
+ kFordCipher,
kFordCipher),
ProtocolAndCipher(security_manager::TLSv1_2,
security_manager::SSLv3,
@@ -357,7 +366,9 @@ INSTANTIATE_TEST_CASE_P(
ProtocolAndCipher(security_manager::SSLv3,
security_manager::TLSv1_1,
kFordCipher,
- kFordCipher)));
+ kFordCipher)
+#endif
+ ));
TEST_F(SSLTest, OnTSL2Protocol_BrokenHandshake) {
ASSERT_EQ(security_manager::SSLContext::Handshake_Result_Success,
@@ -510,11 +521,15 @@ INSTANTIATE_TEST_CASE_P(
ProtocolAndCipher(security_manager::TLSv1_1,
security_manager::TLSv1_2,
kFordCipher,
- kFordCipher),
+ kFordCipher)
+#ifndef OPENSSL_NO_SSL3
+ ,
ProtocolAndCipher(security_manager::SSLv3,
security_manager::TLSv1_2,
kFordCipher,
- kFordCipher)));
+ kFordCipher)
+#endif
+ ));
TEST_P(SSLTestForTLS1_2, HandshakeFailed) {
ASSERT_EQ(security_manager::SSLContext::Handshake_Result_Success,
View Lorry Controller Status