Test that we tolerate server-sent supported groups.
I should have added this test in
https://boringssl-review.googlesource.com/10320. This is necessary in
TLS 1.3 and spec compliance and TLS 1.2 to tolerate some broken servers.
Change-Id: Ibb52eaa1e370062f83e84856ef7f1c2c79d6a5d3
Reviewed-on: https://boringssl-review.googlesource.com/21124
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index bc0a9d0..39a3765 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -9612,6 +9612,28 @@
expectedError: ":ERROR_PARSING_EXTENSION:",
})
+ // Server-sent supported groups/curves are legal in TLS 1.3. They are
+ // illegal in TLS 1.2, but some servers send them anyway, so we must
+ // tolerate them.
+ testCases = append(testCases, testCase{
+ name: "SupportedCurves-ServerHello-TLS12",
+ config: Config{
+ MaxVersion: VersionTLS12,
+ Bugs: ProtocolBugs{
+ SendServerSupportedCurves: true,
+ },
+ },
+ })
+ testCases = append(testCases, testCase{
+ name: "SupportedCurves-EncryptedExtensions-TLS13",
+ config: Config{
+ MaxVersion: VersionTLS13,
+ Bugs: ProtocolBugs{
+ SendServerSupportedCurves: true,
+ },
+ },
+ })
+
// Test that we tolerate unknown point formats, as long as
// pointFormatUncompressed is present. Limit ciphers to ECDHE ciphers to
// check they are still functional.