Adding handling for KeyUpdate post-handshake message. BUG=74 Change-Id: I72d52c1fbc3413e940dddbc0b20c7f22459da693 Reviewed-on: https://boringssl-review.googlesource.com/8981 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

commit: 1dc53d2840bb7f6551afa4364e3a2f71816e810e [log] [tgz]
author: Steven Valdez <svaldez@google.com> Tue Jul 26 12:27:38 2016 -0400
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Fri Jul 29 23:06:09 2016 +0000
tree: 087f9d866e9136533a3cff0e3e96b5b8c0add214
parent: 8e1c7be1a70b7a2c6b49fcc8f39155218d7f16a8 [diff] [blame]
diff --git a/ssl/test/runner/conn.go b/ssl/test/runner/conn.go
index d01643c..703908a 100644
--- a/ssl/test/runner/conn.go
+++ b/ssl/test/runner/conn.go

@@ -1325,6 +1325,10 @@
 		c.flushHandshake()
 	}
 
+	if c.config.Bugs.SendKeyUpdateBeforeEveryAppDataRecord {
+		c.sendKeyUpdateLocked()
+	}
+
 	// SSL 3.0 and TLS 1.0 are susceptible to a chosen-plaintext
 	// attack when using block mode ciphers due to predictable IVs.
 	// This can be prevented by splitting each Application Data
@@ -1394,7 +1398,7 @@
 	}
 
 	if _, ok := msg.(*keyUpdateMsg); ok {
-		c.in.doKeyUpdate(c, true)
+		c.in.doKeyUpdate(c, false)
 		return nil
 	}
 
@@ -1704,6 +1708,6 @@
 	if err := c.flushHandshake(); err != nil {
 		return err
 	}
-	c.out.doKeyUpdate(c, false)
+	c.out.doKeyUpdate(c, true)
 	return nil
 }
commit	1dc53d2840bb7f6551afa4364e3a2f71816e810e	[log] [tgz]
author	Steven Valdez <svaldez@google.com>	Tue Jul 26 12:27:38 2016 -0400
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Fri Jul 29 23:06:09 2016 +0000
tree	087f9d866e9136533a3cff0e3e96b5b8c0add214
parent	8e1c7be1a70b7a2c6b49fcc8f39155218d7f16a8 [diff] [blame]