Get SSL 3.0 server tests working.

The missing SSL 3.0 client support in runner.go was fairly minor. Change-Id: Ibbd440c9b6be99be08a214dec6b93ca358d8cf0a Reviewed-on: https://boringssl-review.googlesource.com/1516 Reviewed-by: Adam Langley <agl@google.com>
10 years ago · 76d8abe7fd
--- a/ssl/test/runner/handshake_client.go
+++ b/ssl/test/runner/handshake_client.go
@@ -184,13 +184,11 @@ NextCipherSuite:
 		return unexpectedMessageError(serverHello, msg)
 	}

 	vers, ok := c.config.mutualVersion(serverHello.vers)
 	if !ok || vers < VersionTLS10 {
 		// TLS 1.0 is the minimum version supported as a client.
 	c.vers, ok = c.config.mutualVersion(serverHello.vers)
 	if !ok {
 		c.sendAlert(alertProtocolVersion)
 		return fmt.Errorf("tls: server selected unsupported protocol version %x", serverHello.vers)
 	}
 	c.vers = vers
 	c.haveVers = true

 	suite := mutualCipherSuite(c.config.cipherSuites(), serverHello.cipherSuite)
--- a/ssl/test/runner/key_agreement.go
+++ b/ssl/test/runner/key_agreement.go
@@ -87,10 +87,14 @@ func (ka rsaKeyAgreement) generateClientKeyExchange(config *Config, clientHello
 		return nil, nil, err
 	}
 	ckx := new(clientKeyExchangeMsg)
 	ckx.ciphertext = make([]byte, len(encrypted)+2)
 	ckx.ciphertext[0] = byte(len(encrypted) >> 8)
 	ckx.ciphertext[1] = byte(len(encrypted))
 	copy(ckx.ciphertext[2:], encrypted)
 	if clientHello.vers != VersionSSL30 {
 		ckx.ciphertext = make([]byte, len(encrypted)+2)
 		ckx.ciphertext[0] = byte(len(encrypted) >> 8)
 		ckx.ciphertext[1] = byte(len(encrypted))
 		copy(ckx.ciphertext[2:], encrypted)
 	} else {
 		ckx.ciphertext = encrypted
 	}
 	return preMasterSecret, ckx, nil
 }

--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -755,26 +755,19 @@ func addCipherSuiteTests() {
 				resumeSession: resumeSession,
 			})

 			// Go's TLS implementation implements SSLv3 as a server,
 			// but not as a client.
 			//
 			// TODO(davidben): Implement SSLv3 as a client too to
 			// exercise that code.
 			if ver.version != VersionSSL30 {
 				testCases = append(testCases, testCase{
 					testType: serverTest,
 					name:     ver.name + "-" + suite.name + "-server",
 					config: Config{
 						MinVersion:   ver.version,
 						MaxVersion:   ver.version,
 						CipherSuites: []uint16{suite.id},
 						Certificates: []Certificate{cert},
 					},
 					certFile:      certFile,
 					keyFile:       keyFile,
 					resumeSession: resumeSession,
 				})
 			}
 			testCases = append(testCases, testCase{
 				testType: serverTest,
 				name:     ver.name + "-" + suite.name + "-server",
 				config: Config{
 					MinVersion:   ver.version,
 					MaxVersion:   ver.version,
 					CipherSuites: []uint16{suite.id},
 					Certificates: []Certificate{cert},
 				},
 				certFile:      certFile,
 				keyFile:       keyFile,
 				resumeSession: resumeSession,
 			})

 			// TODO(davidben): Fix DTLS 1.2 support and test that.
 			if ver.version == VersionTLS10 && strings.Index(suite.name, "RC4") == -1 {
@@ -1212,18 +1205,15 @@ func addVersionNegotiationTests() {
 				expectedVersion: expectedVersion,
 			})

 			// TODO(davidben): Implement SSLv3 as a client in the runner.
 			if expectedVersion > VersionSSL30 {
 				testCases = append(testCases, testCase{
 					testType: serverTest,
 					name:     "VersionNegotiation-Server-" + suffix,
 					config: Config{
 						MaxVersion: runnerVers.version,
 					},
 					flags:           flags,
 					expectedVersion: expectedVersion,
 				})
 			}
 			testCases = append(testCases, testCase{
 				testType: serverTest,
 				name:     "VersionNegotiation-Server-" + suffix,
 				config: Config{
 					MaxVersion: runnerVers.version,
 				},
 				flags:           flags,
 				expectedVersion: expectedVersion,
 			})
 		}
 	}
 }