Implement draft 16 HelloRetryRequest and cookie. We'll never send cookies, but we'll echo them on request. Implement it in runner as well and test. BUG=98 Change-Id: Idd3799f1eaccd52ac42f5e2e5ae07c209318c270 Reviewed-on: https://boringssl-review.googlesource.com/11565 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com>

commit: 3baa6e153b9b7cb0a6bd99f508762487c777f817 [log] [tgz]
author: David Benjamin <davidben@google.com> Fri Oct 07 21:10:38 2016 -0400
committer: David Benjamin <davidben@google.com> Thu Oct 13 19:12:30 2016 +0000
tree: e0633f2c9ae8ae847fd6e63d902df66da4fccdd6
parent: c4aa727e739df266371fdf5b0c84aaa1d852f24d [diff] [blame]
diff --git a/ssl/tls13_server.c b/ssl/tls13_server.c
index 532b708..cf3c9f7 100644
--- a/ssl/tls13_server.c
+++ b/ssl/tls13_server.c

@@ -254,10 +254,11 @@
   if (!ssl->method->init_message(ssl, &cbb, &body,
                                  SSL3_MT_HELLO_RETRY_REQUEST) ||
       !CBB_add_u16(&body, ssl->version) ||
-      !CBB_add_u16(&body, ssl_cipher_get_value(ssl->s3->tmp.new_cipher)) ||
       !tls1_get_shared_group(ssl, &group_id) ||
-      !CBB_add_u16(&body, group_id) ||
       !CBB_add_u16_length_prefixed(&body, &extensions) ||
+      !CBB_add_u16(&extensions, TLSEXT_TYPE_key_share) ||
+      !CBB_add_u16(&extensions, 2 /* length */) ||
+      !CBB_add_u16(&extensions, group_id) ||
       !ssl->method->finish_message(ssl, &cbb)) {
     CBB_cleanup(&cbb);
     return ssl_hs_error;
commit	3baa6e153b9b7cb0a6bd99f508762487c777f817	[log] [tgz]
author	David Benjamin <davidben@google.com>	Fri Oct 07 21:10:38 2016 -0400
committer	David Benjamin <davidben@google.com>	Thu Oct 13 19:12:30 2016 +0000
tree	e0633f2c9ae8ae847fd6e63d902df66da4fccdd6
parent	c4aa727e739df266371fdf5b0c84aaa1d852f24d [diff] [blame]