widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Upgrade TLS version in integration tests

Browse Source 
[ Merge of http://go/wvgerrit/18295 ]

SSL v3 is being disabled across Google infrastructure. Networking
code in integration tests used SSL v3 during HTTPS protocol negotiation.
Once this is disabled, it will cause integration test failures at
staging and UAT license servers.

With this change the client will use TLS 1.2. Insecure cipher suites
(TLS_RSA_WITH_RC4_128_MD5, TLS_RSA_WITH_RC4_128_SHA,
 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA)
have been disabled as well.

b/29356581

Change-Id: I98a04d345fe83c48132b9d79986a21cc84827dc8
This commit is contained in:
Rahul Frias
2016-06-17 19:33:43 -07:00
parent e33895f5de
commit b552a133c2
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
libwvdrmengine/cdm/core/test/http_socket.cpp
View File

@@ -41,9 +41,12 @@ SSL_CTX* InitSslContext() {
OpenSSL_add_all_algorithms(); OpenSSL_add_all_algorithms();
SSL_load_error_strings(); SSL_load_error_strings();
method = SSLv3_client_method(); method = TLSv1_2_client_method();
ctx = SSL_CTX_new(method); ctx = SSL_CTX_new(method);
if (!ctx) LOGE("failed to create SSL context"); if (!ctx) LOGE("failed to create SSL context");
int ret = SSL_CTX_set_cipher_list(
ctx, "ALL:!RC4-MD5:!RC4-SHA:!ECDHE-ECDSA-RC4-SHA:!ECDHE-RSA-RC4-SHA");
if (0 != ret) LOGE("error disabling vulnerable ciphers");
return ctx; return ctx;
} }