summaryrefslogtreecommitdiff
path: root/src/ssl/test/runner/handshake_client.go
diff options
context:
space:
mode:
Diffstat (limited to 'src/ssl/test/runner/handshake_client.go')
-rw-r--r--src/ssl/test/runner/handshake_client.go52
1 files changed, 42 insertions, 10 deletions
diff --git a/src/ssl/test/runner/handshake_client.go b/src/ssl/test/runner/handshake_client.go
index bf38c1a7..d73722c5 100644
--- a/src/ssl/test/runner/handshake_client.go
+++ b/src/ssl/test/runner/handshake_client.go
@@ -330,7 +330,7 @@ NextCipherSuite:
}
var sendEarlyData bool
- if len(hello.pskIdentities) > 0 && session.maxEarlyDataSize > 0 && c.config.Bugs.SendEarlyData != nil {
+ if len(hello.pskIdentities) > 0 && c.config.Bugs.SendEarlyData != nil {
hello.hasEarlyData = true
sendEarlyData = true
}
@@ -392,7 +392,6 @@ NextCipherSuite:
finishedHash.Write(helloBytes)
earlyTrafficSecret := finishedHash.deriveSecret(earlyTrafficLabel)
c.out.useTrafficSecret(session.vers, pskCipherSuite, earlyTrafficSecret, clientWrite)
-
for _, earlyData := range c.config.Bugs.SendEarlyData {
if _, err := c.writeRecord(recordTypeApplicationData, earlyData); err != nil {
return err
@@ -861,20 +860,41 @@ func (hs *clientHandshakeState) doTLS13Handshake() error {
// If we're expecting 0.5-RTT messages from the server, read them
// now.
- for _, expectedMsg := range c.config.Bugs.ExpectHalfRTTData {
- if err := c.readRecord(recordTypeApplicationData); err != nil {
- return err
+ if encryptedExtensions.extensions.hasEarlyData {
+ // BoringSSL will always send two tickets half-RTT when
+ // negotiating 0-RTT.
+ for i := 0; i < shimConfig.HalfRTTTickets; i++ {
+ msg, err := c.readHandshake()
+ if err != nil {
+ return fmt.Errorf("tls: error reading half-RTT ticket: %s", err)
+ }
+ newSessionTicket, ok := msg.(*newSessionTicketMsg)
+ if !ok {
+ return errors.New("tls: expected half-RTT ticket")
+ }
+ if err := c.processTLS13NewSessionTicket(newSessionTicket, hs.suite); err != nil {
+ return err
+ }
}
- if !bytes.Equal(c.input.data[c.input.off:], expectedMsg) {
- return errors.New("ExpectHalfRTTData: did not get expected message")
+ for _, expectedMsg := range c.config.Bugs.ExpectHalfRTTData {
+ if err := c.readRecord(recordTypeApplicationData); err != nil {
+ return err
+ }
+ if !bytes.Equal(c.input.data[c.input.off:], expectedMsg) {
+ return errors.New("ExpectHalfRTTData: did not get expected message")
+ }
+ c.in.freeBlock(c.input)
+ c.input = nil
}
- c.in.freeBlock(c.input)
- c.input = nil
}
// Send EndOfEarlyData and then switch write key to handshake
// traffic key.
- if c.out.cipher != nil {
+ if c.out.cipher != nil && !c.config.Bugs.SkipEndOfEarlyData {
+ if c.config.Bugs.SendStrayEarlyHandshake {
+ helloRequest := new(helloRequestMsg)
+ c.writeRecord(recordTypeHandshake, helloRequest.marshal())
+ }
c.sendAlert(alertEndOfEarlyData)
}
c.out.useTrafficSecret(c.vers, hs.suite, clientHandshakeTrafficSecret, clientWrite)
@@ -1336,6 +1356,18 @@ func (hs *clientHandshakeState) processServerExtensions(serverExtensions *server
c.srtpProtectionProfile = serverExtensions.srtpProtectionProfile
}
+ if c.vers >= VersionTLS13 && c.didResume {
+ if c.config.Bugs.ExpectEarlyDataAccepted && !serverExtensions.hasEarlyData {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: server did not accept early data when expected")
+ }
+
+ if !c.config.Bugs.ExpectEarlyDataAccepted && serverExtensions.hasEarlyData {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: server accepted early data when not expected")
+ }
+ }
+
return nil
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-28 02:23:56 +0000