Add ClientHello no_session_id variant.
Change-Id: I3d249582dea871d7b1c078a6b5f57679037d1b8f
Reviewed-on: https://boringssl-review.googlesource.com/17984
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 8ced44d..c5f9971 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -527,6 +527,9 @@
if *deterministic {
config.Time = func() time.Time { return time.Unix(1234, 1234) }
}
+ if test.tls13Variant != 0 {
+ config.TLS13Variant = test.tls13Variant
+ }
conn = &timeoutConn{conn, *idleTimeout}
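Review bot: The new override at `if test.tls13Variant != 0` silently replaces any `TLS13Variant` that a test set on its `Config` or `resumeConfig`, and nothing in the hunk says so. A short comment would record the precedence, e.g. `// test.tls13Variant, when set, overrides any per-Config TLS13Variant so the runner matches the -tls13-variant flag passed to the shim.` A test that wants the runner and shim to disagree on the variant then has to leave the field at zero and set the two sides by hand, which is worth stating where the field is declared. The enclosing function starts and ends outside this hunk, so whether `config` is a copy or aliases the test case's `Config` cannot be confirmed from here.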
@@ -1038,7 +1041,6 @@
}
if test.tls13Variant != 0 {
- test.config.TLS13Variant = test.tls13Variant
flags = append(flags, "-tls13-variant", strconv.Itoa(test.tls13Variant))
}
@@ -4015,25 +4017,23 @@
config: Config{
MaxVersion: VersionTLS13,
MinVersion: VersionTLS13,
- TLS13Variant: TLS13Experiment,
MaxEarlyDataSize: 16384,
},
resumeConfig: &Config{
MaxVersion: VersionTLS13,
MinVersion: VersionTLS13,
- TLS13Variant: TLS13Experiment,
MaxEarlyDataSize: 16384,
Bugs: ProtocolBugs{
ExpectEarlyData: [][]byte{{'h', 'e', 'l', 'l', 'o'}},
},
},
+ tls13Variant: TLS13Experiment,
resumeSession: true,
flags: []string{
"-enable-early-data",
"-expect-early-data-info",
"-expect-accept-early-data",
"-on-resume-shim-writes-first",
- "-tls13-variant", "1",
},
})
@@ -4055,13 +4055,13 @@
ExpectEarlyData: [][]byte{{'h', 'e', 'l', 'l', 'o'}},
},
},
+ tls13Variant: TLS13RecordTypeExperiment,
resumeSession: true,
flags: []string{
"-enable-early-data",
"-expect-early-data-info",
"-expect-accept-early-data",
"-on-resume-shim-writes-first",
- "-tls13-variant", "2",
},
})
@@ -11038,6 +11038,93 @@
},
})
+ for _, noSessionID := range []bool{false, true} {
+ prefix := "TLS13Experiment"
+ variant := TLS13Experiment
+ if noSessionID {
+ prefix = "TLS13NoSessionIDExperiment"
+ variant = TLS13NoSessionIDExperiment
+ }
+
+ // Test that enabling a TLS 1.3 variant does not interfere with
+ // TLS 1.2 session ID resumption.
+ testCases = append(testCases, testCase{
+ testType: clientTest,
+ name: prefix + "-ResumeTLS12SessionID",
+ config: Config{
+ MaxVersion: VersionTLS12,
+ SessionTicketsDisabled: true,
+ },
+ resumeSession: true,
+ flags: []string{"-tls13-variant", strconv.Itoa(variant)},
+ })
+
+ // Test that the server correctly echoes back session IDs of
+ // various lengths.
+ testCases = append(testCases, testCase{
+ testType: serverTest,
+ name: prefix + "-EmptySessionID",
+ config: Config{
+ MaxVersion: VersionTLS13,
+ Bugs: ProtocolBugs{
+ SendClientHelloSessionID: []byte{},
+ },
+ },
+ tls13Variant: variant,
+ })
+
+ testCases = append(testCases, testCase{
+ testType: serverTest,
+ name: prefix + "-ShortSessionID",
+ config: Config{
+ MaxVersion: VersionTLS13,
+ Bugs: ProtocolBugs{
+ SendClientHelloSessionID: make([]byte, 16),
+ },
+ },
+ tls13Variant: variant,
+ })
+
+ testCases = append(testCases, testCase{
+ testType: serverTest,
+ name: prefix + "-FullSessionID",
+ config: Config{
+ MaxVersion: VersionTLS13,
+ Bugs: ProtocolBugs{
+ SendClientHelloSessionID: make([]byte, 32),
+ },
+ },
+ tls13Variant: variant,
+ })
+ }
+
+ // Test that the client sends a fake session ID in TLS13Experiment.
+ testCases = append(testCases, testCase{
+ testType: clientTest,
+ name: "TLS13Experiment-RequireSessionID",
+ config: Config{
+ MaxVersion: VersionTLS13,
+ Bugs: ProtocolBugs{
+ ExpectClientHelloSessionID: true,
+ },
+ },
+ tls13Variant: TLS13Experiment,
+ })
+
+ // Test that the client does not send a fake session ID in
+ // TLS13NoSessionIDExperiment.
+ testCases = append(testCases, testCase{
+ testType: clientTest,
+ name: "TLS13NoSessionIDExperiment-RequireEmptySessionID",
+ config: Config{
+ MaxVersion: VersionTLS13,
+ Bugs: ProtocolBugs{
+ ExpectEmptyClientHelloSessionID: true,
+ },
+ },
+ tls13Variant: TLS13NoSessionIDExperiment,
+ })
+
testCases = append(testCases, testCase{
testType: clientTest,
name: "TLS13-EarlyData-Reject-Client",
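Review bot: The `-ResumeTLS12SessionID` case passes the variant as raw `flags: []string{"-tls13-variant", strconv.Itoa(variant)}`, while the rest of this commit moves cases to the `tls13Variant` field. If the shim-only setting is deliberate, say so in the comment, e.g. `// Variant is set via the shim flag only; the runner's Config is left without TLS13Variant.`; otherwise use `tls13Variant: variant`. The three server cases send all-zero session IDs (`[]byte{}`, `make([]byte, 16)`, `make([]byte, 32)`), and the echo assertion itself is not visible in this hunk. With uniform bytes, a check elsewhere could not tell a faithful copy from a zero-filled or partially copied buffer of the same length, so a non-uniform pattern would make the test stronger. The hunk ends inside the following `TLS13-EarlyData-Reject-Client` case.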
@@ -11067,23 +11154,21 @@
config: Config{
MaxVersion: VersionTLS13,
MaxEarlyDataSize: 16384,
- TLS13Variant: TLS13Experiment,
},
resumeConfig: &Config{
MaxVersion: VersionTLS13,
- TLS13Variant: TLS13Experiment,
MaxEarlyDataSize: 16384,
Bugs: ProtocolBugs{
AlwaysRejectEarlyData: true,
},
},
+ tls13Variant: TLS13Experiment,
resumeSession: true,
flags: []string{
"-enable-early-data",
"-expect-early-data-info",
"-expect-reject-early-data",
"-on-resume-shim-writes-first",
- "-tls13-variant", "1",
},
})
@@ -11093,23 +11178,21 @@
config: Config{
MaxVersion: VersionTLS13,
MaxEarlyDataSize: 16384,
- TLS13Variant: TLS13RecordTypeExperiment,
},
resumeConfig: &Config{
MaxVersion: VersionTLS13,
- TLS13Variant: TLS13RecordTypeExperiment,
MaxEarlyDataSize: 16384,
Bugs: ProtocolBugs{
AlwaysRejectEarlyData: true,
},
},
+ tls13Variant: TLS13RecordTypeExperiment,
resumeSession: true,
flags: []string{
"-enable-early-data",
"-expect-early-data-info",
"-expect-reject-early-data",
"-on-resume-shim-writes-first",
- "-tls13-variant", "2",
},
})