Test that SNI warning alerts are ignored. Although RFC 6066 recommends against it, some servers send a warning alert prior to ServerHello on SNI mismatch, and, per spec, TLS 1.2 allows it. We're fine here, but add a test for it. It interacts interestingly with TLS 1.3 forbidding warning alerts because it happens before version negotiation. Change-Id: I0032313c986c835b6ae1aa43da6ee0dad17a97c2 Reviewed-on: https://boringssl-review.googlesource.com/10800 Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

commit: abe94e3b0da0c9d858bd3d7806687db26865ec60 [log] [tgz]
author: David Benjamin <davidben@google.com> Sun Sep 04 14:18:58 2016 -0400
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Fri Sep 09 16:20:25 2016 +0000
tree: e234c8d7e13aa9e433fd980dc2f024ad5ccd1717
parent: 3e5619d121901089e39ad5491de15bb919552a60 [diff] [blame]
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 742fb9e..cbb8786 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go

@@ -2247,6 +2247,15 @@
 				},
 			},
 		},
+		{
+			name: "SendSNIWarningAlert",
+			config: Config{
+				MaxVersion: VersionTLS12,
+				Bugs: ProtocolBugs{
+					SendSNIWarningAlert: true,
+				},
+			},
+		},
 	}
 	testCases = append(testCases, basicTests...)
 }
commit	abe94e3b0da0c9d858bd3d7806687db26865ec60	[log] [tgz]
author	David Benjamin <davidben@google.com>	Sun Sep 04 14:18:58 2016 -0400
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Fri Sep 09 16:20:25 2016 +0000
tree	e234c8d7e13aa9e433fd980dc2f024ad5ccd1717
parent	3e5619d121901089e39ad5491de15bb919552a60 [diff] [blame]