Disallow all special operators once groups are used. + and - should also be forbidden. Any operation other than appending will mix up the in_group bits and give unexpected behavior. Change-Id: Ieaebb9ee6393aa36243d0765e45cae667f977ef5 Reviewed-on: https://boringssl-review.googlesource.com/1803 Reviewed-by: Adam Langley <agl@google.com>

commit: 37d924640a34da1dce96fa404843e95e055e3cbf [log] [tgz]
author: David Benjamin <davidben@chromium.org> Sat Sep 20 17:54:24 2014 -0400
committer: Adam Langley <agl@google.com> Mon Sep 22 17:22:56 2014 +0000
tree: a9c0b8a916433be8bcfa75e756f0ea1642621ea2
parent: 2a5ea98a4600327afdaf90ff959209db90ff8f4c [diff] [blame]
diff --git a/ssl/ssl_test.c b/ssl/ssl_test.c
index 19f7efd..68889a0 100644
--- a/ssl/ssl_test.c
+++ b/ssl/ssl_test.c

@@ -179,6 +179,11 @@
   "BOGUS",
   /* Invalid command. */
   "?BAR",
+  /* Special operators are not allowed if groups are used. */
+  "[ECDHE-RSA-CHACHA20-POLY1305|ECDHE-RSA-AES128-GCM-SHA256]:+FOO",
+  "[ECDHE-RSA-CHACHA20-POLY1305|ECDHE-RSA-AES128-GCM-SHA256]:!FOO",
+  "[ECDHE-RSA-CHACHA20-POLY1305|ECDHE-RSA-AES128-GCM-SHA256]:-FOO",
+  "[ECDHE-RSA-CHACHA20-POLY1305|ECDHE-RSA-AES128-GCM-SHA256]:@STRENGTH",
   NULL,
 };
commit	37d924640a34da1dce96fa404843e95e055e3cbf	[log] [tgz]
author	David Benjamin <davidben@chromium.org>	Sat Sep 20 17:54:24 2014 -0400
committer	Adam Langley <agl@google.com>	Mon Sep 22 17:22:56 2014 +0000
tree	a9c0b8a916433be8bcfa75e756f0ea1642621ea2
parent	2a5ea98a4600327afdaf90ff959209db90ff8f4c [diff] [blame]