Verifying resumption cipher validity with current configuration.
BUG=chromium:659593
Change-Id: I73a4751609b85df7cd40f0f60dc3f3046a490940
Reviewed-on: https://boringssl-review.googlesource.com/11861
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index ab5fdee..03a0ef9 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -5367,6 +5367,31 @@
}
}
+ // Sessions with disabled ciphers are not resumed.
+ testCases = append(testCases, testCase{
+ testType: serverTest,
+ name: "Resume-Server-CipherMismatch",
+ resumeSession: true,
+ config: Config{
+ MaxVersion: VersionTLS12,
+ },
+ flags: []string{"-cipher", "AES128", "-resume-cipher", "AES256"},
+ shouldFail: false,
+ expectResumeRejected: true,
+ })
+
+ testCases = append(testCases, testCase{
+ testType: serverTest,
+ name: "Resume-Server-CipherMismatch-TLS13",
+ resumeSession: true,
+ config: Config{
+ MaxVersion: VersionTLS13,
+ },
+ flags: []string{"-cipher", "AES128", "-resume-cipher", "AES256"},
+ shouldFail: false,
+ expectResumeRejected: true,
+ })
+
testCases = append(testCases, testCase{
name: "Resume-Client-CipherMismatch",
resumeSession: true,