Enforce that sessions are resumed at the version they're created. After sharding the session cache for fallbacks, the numbers have been pretty good; 0.03% on dev and 0.02% on canary. Stable is at 0.06% but does not have the sharded session cache. Before sharding, stable, beta, and dev had been fairly closely aligned. Between 0.03% being low and the fallback saving us in all but extremely contrived cases, I think this should be fairly safe. Add tests for both the cipher suite and protocol version mismatch checks. BUG=441456 Change-Id: I2374bf64d0aee0119f293d207d45319c274d89ab Reviewed-on: https://boringssl-review.googlesource.com/3972 Reviewed-by: Adam Langley <agl@google.com>

commit: ece3de95c642ae9cc07c644039231178bc570710 [log] [tgz]
author: David Benjamin <davidben@chromium.org> Mon Mar 16 18:02:20 2015 -0400
committer: Adam Langley <agl@google.com> Mon Apr 06 21:40:32 2015 +0000
tree: 0a6c8837d46beaf5ce12d7b3c8a3bb45d86a4af6
parent: 883e49fdd812271b1b657050688df432f73b1b8c [diff] [blame]
diff --git a/ssl/test/runner/handshake_server.go b/ssl/test/runner/handshake_server.go
index 77fd0a5..46e0fb0 100644
--- a/ssl/test/runner/handshake_server.go
+++ b/ssl/test/runner/handshake_server.go

@@ -443,6 +443,9 @@
 	c := hs.c
 
 	hs.hello.cipherSuite = hs.suite.id
+	if c.config.Bugs.SendCipherSuite != 0 {
+		hs.hello.cipherSuite = c.config.Bugs.SendCipherSuite
+	}
 	// We echo the client's session ID in the ServerHello to let it know
 	// that we're doing a resumption.
 	hs.hello.sessionId = hs.clientHello.sessionId
commit	ece3de95c642ae9cc07c644039231178bc570710	[log] [tgz]
author	David Benjamin <davidben@chromium.org>	Mon Mar 16 18:02:20 2015 -0400
committer	Adam Langley <agl@google.com>	Mon Apr 06 21:40:32 2015 +0000
tree	0a6c8837d46beaf5ce12d7b3c8a3bb45d86a4af6
parent	883e49fdd812271b1b657050688df432f73b1b8c [diff] [blame]