commit 53210cb48e57f940788ca919951defe331f708bc
author David Benjamin <davidben@google.com> Wed Nov 16 09:01:48 2016 +0900
committer CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Wed Nov 16 00:20:09 2016 +0000
tree 65f319ca59547d3a7ee93bef09ed62c49bb351ae
parent ea80f9d5df4c302de391e999395e1c87f9c786b3

Do not send unsolicited SCTs in TLS 1.3.

The draft 18 implementation did not compute scts_requested correctly. As
a result, it always believed SCTs were requested. Fix this and add tests
for unsolicited OCSP responses and SCTs at all versions.

Thanks to Daniel Hirche for the report.

Change-Id: Ifc59c5c4d7edba5703fa485c6c7a4055b15954b4
Reviewed-on: https://boringssl-review.googlesource.com/12305
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

ssl/test/runner/runner.go

diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 717c420..918618d 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -5197,6 +5197,25 @@
 			expectedSCTList: testSCTList,
 			resumeSession:   true,
 		})
+
+		// Test that certificate-related extensions are not sent unsolicited.
+		testCases = append(testCases, testCase{
+			testType: serverTest,
+			name:     "UnsolicitedCertificateExtensions-" + ver.name,
+			config: Config{
+				MaxVersion: ver.version,
+				Bugs: ProtocolBugs{
+					NoOCSPStapling:                true,
+					NoSignedCertificateTimestamps: true,
+				},
+			},
+			flags: []string{
+				"-ocsp-response",
+				base64.StdEncoding.EncodeToString(testOCSPResponse),
+				"-signed-cert-timestamps",
+				base64.StdEncoding.EncodeToString(testSCTList),
+			},
+		})
 	}
 
 	testCases = append(testCases, testCase{