Add assertions on the initial record version number.
The record-layer version of the ServerHello should match the final version. The
record-layer version of the ClientHello should be the advertised version, but
clamped at TLS 1.0. This is to ensure future rewrites do not regress this.
Change-Id: I96f1f0674944997ff38b562453a322ce61652635
Reviewed-on: https://boringssl-review.googlesource.com/2540
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index ecf80db..5fed62b 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -1632,12 +1632,19 @@
suffix += "-DTLS"
}
+ clientVers := shimVers.version
+ if clientVers > VersionTLS10 {
+ clientVers = VersionTLS10
+ }
testCases = append(testCases, testCase{
protocol: protocol,
testType: clientTest,
name: "VersionNegotiation-Client-" + suffix,
config: Config{
MaxVersion: runnerVers.version,
+ Bugs: ProtocolBugs{
+ ExpectInitialRecordVersion: clientVers,
+ },
},
flags: flags,
expectedVersion: expectedVersion,
@@ -1649,6 +1656,9 @@
name: "VersionNegotiation-Server-" + suffix,
config: Config{
MaxVersion: runnerVers.version,
+ Bugs: ProtocolBugs{
+ ExpectInitialRecordVersion: expectedVersion,
+ },
},
flags: flags,
expectedVersion: expectedVersion,
@@ -2157,25 +2167,25 @@
}
func addFastRadioPaddingTests() {
- testCases = append(testCases, testCase {
- protocol: tls,
- name: "FastRadio-Padding",
+ testCases = append(testCases, testCase{
+ protocol: tls,
+ name: "FastRadio-Padding",
config: Config{
Bugs: ProtocolBugs{
RequireFastradioPadding: true,
},
},
- flags: []string{"-fastradio-padding"},
+ flags: []string{"-fastradio-padding"},
})
- testCases = append(testCases, testCase {
- protocol: dtls,
- name: "FastRadio-Padding",
+ testCases = append(testCases, testCase{
+ protocol: dtls,
+ name: "FastRadio-Padding",
config: Config{
Bugs: ProtocolBugs{
RequireFastradioPadding: true,
},
},
- flags: []string{"-fastradio-padding"},
+ flags: []string{"-fastradio-padding"},
})
}