Test that stray HelloRequests during the handshake are ignored. Change-Id: I79e21ffce9c2d7f47b055b75bd00b80aafa8b8f0 Reviewed-on: https://boringssl-review.googlesource.com/8668 Reviewed-by: David Benjamin <davidben@google.com>

commit: 71dd6660e849e8f98129c997e2f52ae8991ec3d3 [log] [tgz]
author: David Benjamin <davidben@google.com> Fri Jul 08 14:10:48 2016 -0700
committer: David Benjamin <davidben@google.com> Mon Jul 11 18:25:32 2016 +0000
tree: d1c1194e04a0f569636d42923da51552da608bc2
parent: 97718f14376a835dd8a5b5aa807a5f83ef0b84f8 [diff]
diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index f0b945d..99c4e54 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go

@@ -842,6 +842,11 @@
 	// data record. This only makes sense for a server.
 	SendHelloRequestBeforeEveryAppDataRecord bool
 
+	// SendHelloRequestBeforeEveryHandshakeMessage, if true, causes a
+	// HelloRequest handshake message to be sent before each handshake
+	// message. This only makes sense for a server.
+	SendHelloRequestBeforeEveryHandshakeMessage bool
+
 	// RequireDHPublicValueLen causes a fatal error if the length (in
 	// bytes) of the server's Diffie-Hellman public value is not equal to
 	// this.

diff --git a/ssl/test/runner/conn.go b/ssl/test/runner/conn.go
index 601c731..7628c0f 100644
--- a/ssl/test/runner/conn.go
+++ b/ssl/test/runner/conn.go

@@ -945,9 +945,18 @@
 		return c.dtlsWriteRecord(typ, data)
 	}
 
-	if c.config.Bugs.PackHandshakeFlight && typ == recordTypeHandshake {
-		c.pendingFlight.Write(data)
-		return len(data), nil
+	if typ == recordTypeHandshake {
+		if c.config.Bugs.SendHelloRequestBeforeEveryHandshakeMessage {
+			newData := make([]byte, 0, 4+len(data))
+			newData = append(newData, typeHelloRequest, 0, 0, 0)
+			newData = append(newData, data...)
+			data = newData
+		}
+
+		if c.config.Bugs.PackHandshakeFlight {
+			c.pendingFlight.Write(data)
+			return len(data), nil
+		}
 	}
 
 	return c.doWriteRecord(typ, data)

diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 64ec39f..c6aa104 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go

@@ -4542,6 +4542,27 @@
 		},
 	})
 
+	// Stray HelloRequests during the handshake are ignored.
+	testCases = append(testCases, testCase{
+		name: "StrayHelloRequest",
+		config: Config{
+			MaxVersion: VersionTLS12,
+			Bugs: ProtocolBugs{
+				SendHelloRequestBeforeEveryHandshakeMessage: true,
+			},
+		},
+	})
+	testCases = append(testCases, testCase{
+		name: "StrayHelloRequest-Packed",
+		config: Config{
+			MaxVersion: VersionTLS12,
+			Bugs: ProtocolBugs{
+				PackHandshakeFlight:                         true,
+				SendHelloRequestBeforeEveryHandshakeMessage: true,
+			},
+		},
+	})
+
 	// TODO(davidben): Add a test that HelloRequests are illegal in TLS 1.3.
 }
commit	71dd6660e849e8f98129c997e2f52ae8991ec3d3	[log] [tgz]
author	David Benjamin <davidben@google.com>	Fri Jul 08 14:10:48 2016 -0700
committer	David Benjamin <davidben@google.com>	Mon Jul 11 18:25:32 2016 +0000
tree	d1c1194e04a0f569636d42923da51552da608bc2
parent	97718f14376a835dd8a5b5aa807a5f83ef0b84f8 [diff]