Revert of Update with new default boringssl no-aes cipher suites. Re-enable tests. (patchset #3 id:40001 of https://codereview.webrtc.org/1550773002/ ) Reason for revert: We're getting boringssl version conflicts. Reverting for now. Original issue's description: > Update with new default boringssl no-aes cipher suites. Re-enable tests. > > This undoes https://codereview.webrtc.org/1533253002 (except the DEPS part). > > BUG=webrtc:5381 > R=davidben@webrtc.org, henrika@webrtc.org > > Committed: https://crrev.com/31c8d2eac5aec977f584ab0ae5a1d457d674f101 > Cr-Commit-Position: refs/heads/master@{#11250} TBR=davidben@webrtc.org,henrika@webrtc.org,torbjorng@webrtc.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=webrtc:5381 Review URL: https://codereview.webrtc.org/1586183002 Cr-Commit-Position: refs/heads/master@{#11253}

commit: 3542013f587f0858fb24fa8e554ec3c01a323da8 [log] [tgz]
author: sprang <sprang@webrtc.org> Thu Jan 14 09:14:02 2016 -0800
committer: Commit bot <commit-bot@chromium.org> Thu Jan 14 17:14:06 2016 +0000
tree: 924410eee6f0419f14014bdd119277526875513e
parent: 2734d77c952cfae75fa79fd0631cc34caec4f084 [diff]
diff --git a/talk/app/webrtc/peerconnection_unittest.cc b/talk/app/webrtc/peerconnection_unittest.cc
index cf53c44..8d0793e 100644
--- a/talk/app/webrtc/peerconnection_unittest.cc
+++ b/talk/app/webrtc/peerconnection_unittest.cc

@@ -1485,8 +1485,15 @@
                                           kDefaultSrtpCryptoSuite));
 }
 
+#if defined(MEMORY_SANITIZER)
+// Fails under MemorySanitizer:
+// See https://code.google.com/p/webrtc/issues/detail?id=5381.
+#define MAYBE_GetDtls12Both DISABLED_GetDtls12Both
+#else
+#define MAYBE_GetDtls12Both GetDtls12Both
+#endif
 // Test that DTLS 1.2 is used if both ends support it.
-TEST_F(P2PTestConductor, GetDtls12Both) {
+TEST_F(P2PTestConductor, MAYBE_GetDtls12Both) {
   PeerConnectionFactory::Options init_options;
   init_options.ssl_max_version = rtc::SSL_PROTOCOL_DTLS_12;
   PeerConnectionFactory::Options recv_options;

diff --git a/webrtc/base/opensslstreamadapter.cc b/webrtc/base/opensslstreamadapter.cc
index 4b0fe02..7563f17 100644
--- a/webrtc/base/opensslstreamadapter.cc
+++ b/webrtc/base/opensslstreamadapter.cc

@@ -160,10 +160,12 @@
 static int kDefaultSslEcCipher12 =
     static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256);
 // Fallback cipher for DTLS 1.2 if hardware-accelerated AES-GCM is unavailable.
+// TODO(davidben): Switch to the standardized CHACHA20_POLY1305 variant when
+// available.
 static int kDefaultSslCipher12NoAesGcm =
-    static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256);
+    static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD);
 static int kDefaultSslEcCipher12NoAesGcm =
-    static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256);
+    static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD);
 #else  // !OPENSSL_IS_BORINGSSL
 // OpenSSL sorts differently than BoringSSL, so the default cipher doesn't
 // change between TLS 1.0 and TLS 1.2 with the current setup.
@@ -171,7 +173,7 @@
     static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA);
 static int kDefaultSslEcCipher12 =
     static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA);
-#endif  // OPENSSL_IS_BORINGSSL
+#endif
 
 #if defined(_MSC_VER)
 #pragma warning(pop)

diff --git a/webrtc/base/sslstreamadapter_unittest.cc b/webrtc/base/sslstreamadapter_unittest.cc
index a041c25..1ed06c3 100644
--- a/webrtc/base/sslstreamadapter_unittest.cc
+++ b/webrtc/base/sslstreamadapter_unittest.cc

@@ -1150,6 +1150,10 @@
             Values(rtc::KeyParams::RSA(1024, 65537),
                    rtc::KeyParams::RSA(1152, 65537),
                    rtc::KeyParams::ECDSA(rtc::EC_NIST_P256))));
+
+#if !defined(MEMORY_SANITIZER)
+// Fails under MemorySanitizer:
+// See https://code.google.com/p/webrtc/issues/detail?id=5381.
 INSTANTIATE_TEST_CASE_P(
     SSLStreamAdapterTestsDTLS,
     SSLStreamAdapterTestDTLS,
@@ -1159,3 +1163,4 @@
             Values(rtc::KeyParams::RSA(1024, 65537),
                    rtc::KeyParams::RSA(1152, 65537),
                    rtc::KeyParams::ECDSA(rtc::EC_NIST_P256))));
+#endif

diff --git a/webrtc/p2p/base/dtlstransportchannel_unittest.cc b/webrtc/p2p/base/dtlstransportchannel_unittest.cc
index 3791893..f5d42f3 100644
--- a/webrtc/p2p/base/dtlstransportchannel_unittest.cc
+++ b/webrtc/p2p/base/dtlstransportchannel_unittest.cc

@@ -655,8 +655,15 @@
   ASSERT_TRUE(Connect());
 }
 
+#if defined(MEMORY_SANITIZER)
+// Fails under MemorySanitizer:
+// See https://code.google.com/p/webrtc/issues/detail?id=5381.
+#define MAYBE_TestDtls12Both DISABLED_TestDtls12Both
+#else
+#define MAYBE_TestDtls12Both TestDtls12Both
+#endif
 // Create two channels with DTLS 1.2 and check ciphers.
-TEST_F(DtlsTransportChannelTest, TestDtls12Both) {
+TEST_F(DtlsTransportChannelTest, MAYBE_TestDtls12Both) {
   MAYBE_SKIP_TEST(HaveDtls);
   SetChannelCount(2);
   PrepareDtls(true, true, rtc::KT_DEFAULT);
commit	3542013f587f0858fb24fa8e554ec3c01a323da8	[log] [tgz]
author	sprang <sprang@webrtc.org>	Thu Jan 14 09:14:02 2016 -0800
committer	Commit bot <commit-bot@chromium.org>	Thu Jan 14 17:14:06 2016 +0000
tree	924410eee6f0419f14014bdd119277526875513e
parent	2734d77c952cfae75fa79fd0631cc34caec4f084 [diff]