Change-Id: I79e21ffce9c2d7f47b055b75bd00b80aafa8b8f0 Reviewed-on: https://boringssl-review.googlesource.com/8668 Reviewed-by: David Benjamin <davidben@google.com>kris/onging/CECPQ3_patch15
@@ -842,6 +842,11 @@ type ProtocolBugs struct { | |||||
// data record. This only makes sense for a server. | // data record. This only makes sense for a server. | ||||
SendHelloRequestBeforeEveryAppDataRecord bool | SendHelloRequestBeforeEveryAppDataRecord bool | ||||
// SendHelloRequestBeforeEveryHandshakeMessage, if true, causes a | |||||
// HelloRequest handshake message to be sent before each handshake | |||||
// message. This only makes sense for a server. | |||||
SendHelloRequestBeforeEveryHandshakeMessage bool | |||||
// RequireDHPublicValueLen causes a fatal error if the length (in | // RequireDHPublicValueLen causes a fatal error if the length (in | ||||
// bytes) of the server's Diffie-Hellman public value is not equal to | // bytes) of the server's Diffie-Hellman public value is not equal to | ||||
// this. | // this. | ||||
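Review bot: The doc comment on SendHelloRequestBeforeEveryHandshakeMessage does not say where the flag takes effect. In the writeRecord hunk the DTLS branch returns through `c.dtlsWriteRecord(typ, data)` before the new code runs, so the flag appears to be TLS-only. The HelloRequest is also prepended once per writeRecord call with `typ == recordTypeHandshake`, not once per parsed handshake message. I would extend the comment with `// It is applied per writeRecord call on the TLS path and has no effect for DTLS.` The ProtocolBugs struct begins and ends outside this hunk.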
@@ -945,9 +945,18 @@ func (c *Conn) writeRecord(typ recordType, data []byte) (n int, err error) { | |||||
return c.dtlsWriteRecord(typ, data) | return c.dtlsWriteRecord(typ, data) | ||||
} | } | ||||
if c.config.Bugs.PackHandshakeFlight && typ == recordTypeHandshake { | |||||
c.pendingFlight.Write(data) | |||||
return len(data), nil | |||||
if typ == recordTypeHandshake { | |||||
if c.config.Bugs.SendHelloRequestBeforeEveryHandshakeMessage { | |||||
newData := make([]byte, 0, 4+len(data)) | |||||
newData = append(newData, typeHelloRequest, 0, 0, 0) | |||||
newData = append(newData, data...) | |||||
data = newData | |||||
} | |||||
if c.config.Bugs.PackHandshakeFlight { | |||||
c.pendingFlight.Write(data) | |||||
return len(data), nil | |||||
} | |||||
} | } | ||||
return c.doWriteRecord(typ, data) | return c.doWriteRecord(typ, data) | ||||
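Review bot: Once the four-byte HelloRequest header is prepended, `data` refers to the longer `newData`, so the packed branch's `return len(data), nil` reports four bytes more than the caller passed in. The `c.doWriteRecord(typ, data)` path presumably does the same. Callers are not visible here, but any that compares n against its own buffer length would see a mismatch. Saving `origLen := len(data)` before the rewrite and returning it from the packed branch would keep the count caller-relative; failing that, a comment such as `// n includes the injected HelloRequest header.` would document it. writeRecord starts and ends outside this hunk.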
@@ -4542,6 +4542,27 @@ func addRenegotiationTests() { | |||||
}, | }, | ||||
}) | }) | ||||
// Stray HelloRequests during the handshake are ignored. | |||||
testCases = append(testCases, testCase{ | |||||
name: "StrayHelloRequest", | |||||
config: Config{ | |||||
MaxVersion: VersionTLS12, | |||||
Bugs: ProtocolBugs{ | |||||
SendHelloRequestBeforeEveryHandshakeMessage: true, | |||||
}, | |||||
}, | |||||
}) | |||||
testCases = append(testCases, testCase{ | |||||
name: "StrayHelloRequest-Packed", | |||||
config: Config{ | |||||
MaxVersion: VersionTLS12, | |||||
Bugs: ProtocolBugs{ | |||||
PackHandshakeFlight: true, | |||||
SendHelloRequestBeforeEveryHandshakeMessage: true, | |||||
}, | |||||
}, | |||||
}) | |||||
// TODO(davidben): Add a test that HelloRequests are illegal in TLS 1.3. | // TODO(davidben): Add a test that HelloRequests are illegal in TLS 1.3. | ||||
} | } | ||||
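Review bot: The StrayHelloRequest-Packed case has no comment saying what it adds over StrayHelloRequest. In the writeRecord change, PackHandshakeFlight writes the injected HelloRequest and the following message into pendingFlight together, so this variant presumably covers a HelloRequest sharing a record with real handshake data. A line such as `// As above, but the HelloRequest is buffered into the same flight as the message it precedes.` would record that. Both cases send exactly one HelloRequest per handshake write, so a long run of consecutive stray HelloRequests is not exercised; whether the peer bounds that is not visible from this hunk. addRenegotiationTests begins outside the hunk.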