Remove old TLS 1.3 variants (NoSessionID and RecordType).
Change-Id: I2428321218d0b5dce242e3843d39ca269e1eb686
Reviewed-on: https://boringssl-review.googlesource.com/20984
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index a85fc9c..77c5b7c 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -591,7 +591,6 @@
#define TLS1_3_EXPERIMENT_VERSION 0x7e01
#define TLS1_3_EXPERIMENT2_VERSION 0x7e02
#define TLS1_3_EXPERIMENT3_VERSION 0x7e03
-#define TLS1_3_RECORD_TYPE_EXPERIMENT_VERSION 0x7a12
// SSL_CTX_set_min_proto_version sets the minimum protocol version for |ctx| to
// |version|. If |version| is zero, the default minimum version is used. It
@@ -3219,10 +3218,8 @@
enum tls13_variant_t {
tls13_default = 0,
tls13_experiment = 1,
- tls13_record_type_experiment = 2,
- tls13_no_session_id_experiment = 3,
- tls13_experiment2 = 4,
- tls13_experiment3 = 5,
+ tls13_experiment2 = 2,
+ tls13_experiment3 = 3,
};
// SSL_CTX_set_tls13_variant sets which variant of TLS 1.3 we negotiate. On the
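Review bot: Renumbering `tls13_experiment2` and `tls13_experiment3` from 4 and 5 down to 2 and 3 changes the numeric values of an enum in the public header include/openssl/ssl.h, so a binary compiled against the previous header that passes those values to `SSL_CTX_set_tls13_variant` would now select a different variant or be rejected, depending on how the setter validates its argument (which is outside this hunk). If the experimental variants are deliberately not ABI-stable, the comment above the enum should say so, for example `// The numeric values of the experimental variants are not stable across releases.`; otherwise keep the old numerals with `tls13_experiment2 = 4,` and `tls13_experiment3 = 5,` and leave a gap where the removed entries were.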
diff --git a/include/openssl/ssl3.h b/include/openssl/ssl3.h
index 719a52d..6754cec 100644
--- a/include/openssl/ssl3.h
+++ b/include/openssl/ssl3.h
@@ -272,7 +272,6 @@
#define SSL3_RT_ALERT 21
#define SSL3_RT_HANDSHAKE 22
#define SSL3_RT_APPLICATION_DATA 23
-#define SSL3_RT_PLAINTEXT_HANDSHAKE 24
// Pseudo content type for SSL/TLS header info
#define SSL3_RT_HEADER 0x100
diff --git a/ssl/s3_both.cc b/ssl/s3_both.cc
index f48e5e7..65e2089 100644
--- a/ssl/s3_both.cc
+++ b/ssl/s3_both.cc
@@ -189,15 +189,7 @@
Span<const uint8_t> chunk = rest.subspan(0, ssl->max_send_fragment);
rest = rest.subspan(chunk.size());
- uint8_t type = SSL3_RT_HANDSHAKE;
- if (ssl->server &&
- ssl->s3->have_version &&
- ssl->version == TLS1_3_RECORD_TYPE_EXPERIMENT_VERSION &&
- ssl->s3->aead_write_ctx->is_null_cipher()) {
- type = SSL3_RT_PLAINTEXT_HANDSHAKE;
- }
-
- if (!add_record_to_flight(ssl, type, chunk)) {
+ if (!add_record_to_flight(ssl, SSL3_RT_HANDSHAKE, chunk)) {
return 0;
}
} while (!rest.empty());
diff --git a/ssl/s3_pkt.cc b/ssl/s3_pkt.cc
index b9eebf3..f7470ae 100644
--- a/ssl/s3_pkt.cc
+++ b/ssl/s3_pkt.cc
@@ -522,13 +522,7 @@
return -1;
}
- // Accept server_plaintext_handshake records when the content type TLS 1.3
- // variant is enabled.
- if (rr->type != SSL3_RT_HANDSHAKE &&
- !(!ssl->server &&
- ssl->tls13_variant == tls13_record_type_experiment &&
- ssl->s3->aead_read_ctx->is_null_cipher() &&
- rr->type == SSL3_RT_PLAINTEXT_HANDSHAKE)) {
+ if (rr->type != SSL3_RT_HANDSHAKE) {
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_RECORD);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
return -1;
diff --git a/ssl/ssl_versions.cc b/ssl/ssl_versions.cc
index c06a90e..c06c5ab 100644
--- a/ssl/ssl_versions.cc
+++ b/ssl/ssl_versions.cc
@@ -38,7 +38,6 @@
case TLS1_3_EXPERIMENT_VERSION:
case TLS1_3_EXPERIMENT2_VERSION:
case TLS1_3_EXPERIMENT3_VERSION:
- case TLS1_3_RECORD_TYPE_EXPERIMENT_VERSION:
*out = TLS1_3_VERSION;
return true;
@@ -63,7 +62,6 @@
TLS1_3_EXPERIMENT3_VERSION,
TLS1_3_EXPERIMENT2_VERSION,
TLS1_3_EXPERIMENT_VERSION,
- TLS1_3_RECORD_TYPE_EXPERIMENT_VERSION,
TLS1_3_DRAFT_VERSION,
TLS1_2_VERSION,
TLS1_1_VERSION,
@@ -108,8 +106,7 @@
if (version == TLS1_3_DRAFT_VERSION ||
version == TLS1_3_EXPERIMENT_VERSION ||
version == TLS1_3_EXPERIMENT2_VERSION ||
- version == TLS1_3_EXPERIMENT3_VERSION ||
- version == TLS1_3_RECORD_TYPE_EXPERIMENT_VERSION) {
+ version == TLS1_3_EXPERIMENT3_VERSION) {
OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_SSL_VERSION);
return false;
}
@@ -237,7 +234,6 @@
case TLS1_3_EXPERIMENT_VERSION:
case TLS1_3_EXPERIMENT2_VERSION:
case TLS1_3_EXPERIMENT3_VERSION:
- case TLS1_3_RECORD_TYPE_EXPERIMENT_VERSION:
return "TLSv1.3";
case TLS1_2_VERSION:
@@ -284,20 +280,16 @@
if (ssl->tls13_variant == tls13_default &&
(version == TLS1_3_EXPERIMENT_VERSION ||
version == TLS1_3_EXPERIMENT2_VERSION ||
- version == TLS1_3_EXPERIMENT3_VERSION ||
- version == TLS1_3_RECORD_TYPE_EXPERIMENT_VERSION)) {
+ version == TLS1_3_EXPERIMENT3_VERSION)) {
return false;
}
} else {
if ((ssl->tls13_variant != tls13_experiment &&
- ssl->tls13_variant != tls13_no_session_id_experiment &&
version == TLS1_3_EXPERIMENT_VERSION) ||
(ssl->tls13_variant != tls13_experiment2 &&
version == TLS1_3_EXPERIMENT2_VERSION) ||
(ssl->tls13_variant != tls13_experiment3 &&
version == TLS1_3_EXPERIMENT3_VERSION) ||
- (ssl->tls13_variant != tls13_record_type_experiment &&
- version == TLS1_3_RECORD_TYPE_EXPERIMENT_VERSION) ||
(ssl->tls13_variant != tls13_default &&
version == TLS1_3_DRAFT_VERSION)) {
return false;
@@ -402,8 +394,7 @@
if (ret == TLS1_3_DRAFT_VERSION ||
ret == TLS1_3_EXPERIMENT_VERSION ||
ret == TLS1_3_EXPERIMENT2_VERSION ||
- ret == TLS1_3_EXPERIMENT3_VERSION ||
- ret == TLS1_3_RECORD_TYPE_EXPERIMENT_VERSION) {
+ ret == TLS1_3_EXPERIMENT3_VERSION) {
return TLS1_3_VERSION;
}
return ret;
diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index 8404d52..dc4055e 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go
@@ -33,20 +33,17 @@
// A draft version of TLS 1.3 that is sent over the wire for the current draft.
const (
- tls13DraftVersion = 0x7f12
- tls13ExperimentVersion = 0x7e01
- tls13Experiment2Version = 0x7e02
- tls13Experiment3Version = 0x7e03
- tls13RecordTypeExperimentVersion = 0x7a12
+ tls13DraftVersion = 0x7f12
+ tls13ExperimentVersion = 0x7e01
+ tls13Experiment2Version = 0x7e02
+ tls13Experiment3Version = 0x7e03
)
const (
- TLS13Default = 0
- TLS13Experiment = 1
- TLS13RecordTypeExperiment = 2
- TLS13NoSessionIDExperiment = 3
- TLS13Experiment2 = 4
- TLS13Experiment3 = 5
+ TLS13Default = 0
+ TLS13Experiment = 1
+ TLS13Experiment2 = 2
+ TLS13Experiment3 = 3
)
var allTLSWireVersions = []uint16{
@@ -54,7 +51,6 @@
tls13Experiment3Version,
tls13Experiment2Version,
tls13ExperimentVersion,
- tls13RecordTypeExperimentVersion,
VersionTLS12,
VersionTLS11,
VersionTLS10,
@@ -743,10 +739,6 @@
// connection if there is not a SessionID in the ClientHello.
ExpectClientHelloSessionID bool
- // ExpectEmptyClientHelloSessionID, if true, causes the server to fail the
- // connection if there is a SessionID in the ClientHello.
- ExpectEmptyClientHelloSessionID bool
-
// ExpectNoTLS12Session, if true, causes the server to fail the
// connection if either a session ID or TLS 1.2 ticket is offered.
ExpectNoTLS12Session bool
@@ -1558,7 +1550,7 @@
switch vers {
case VersionSSL30, VersionTLS10, VersionTLS11, VersionTLS12:
return vers, true
- case tls13DraftVersion, tls13ExperimentVersion, tls13Experiment2Version, tls13Experiment3Version, tls13RecordTypeExperimentVersion:
+ case tls13DraftVersion, tls13ExperimentVersion, tls13Experiment2Version, tls13Experiment3Version:
return VersionTLS13, true
}
}
@@ -1582,10 +1574,9 @@
// it returns true and the corresponding protocol version. Otherwise, it returns
// false.
func (c *Config) isSupportedVersion(wireVers uint16, isDTLS bool) (uint16, bool) {
- if (c.TLS13Variant != TLS13Experiment && c.TLS13Variant != TLS13NoSessionIDExperiment && wireVers == tls13ExperimentVersion) ||
+ if (c.TLS13Variant != TLS13Experiment && wireVers == tls13ExperimentVersion) ||
(c.TLS13Variant != TLS13Experiment2 && wireVers == tls13Experiment2Version) ||
(c.TLS13Variant != TLS13Experiment3 && wireVers == tls13Experiment3Version) ||
- (c.TLS13Variant != TLS13RecordTypeExperiment && wireVers == tls13RecordTypeExperimentVersion) ||
(c.TLS13Variant != TLS13Default && wireVers == tls13DraftVersion) {
return 0, false
}
diff --git a/ssl/test/runner/conn.go b/ssl/test/runner/conn.go
index 25123b1..a80e3c8 100644
--- a/ssl/test/runner/conn.go
+++ b/ssl/test/runner/conn.go
@@ -774,11 +774,6 @@
return 0, nil, c.in.setErrorLocked(errors.New("tls: unsupported SSLv2 handshake received"))
}
- // Accept server_plaintext_handshake records when the content type TLS 1.3 variant is enabled.
- if c.isClient && c.in.cipher == nil && c.config.TLS13Variant == TLS13RecordTypeExperiment && want == recordTypeHandshake && typ == recordTypePlaintextHandshake {
- typ = recordTypeHandshake
- }
-
vers := uint16(b.data[1])<<8 | uint16(b.data[2])
n := int(b.data[3])<<8 | int(b.data[4])
diff --git a/ssl/test/runner/handshake_server.go b/ssl/test/runner/handshake_server.go
index 0a67a80..b1729cb 100644
--- a/ssl/test/runner/handshake_server.go
+++ b/ssl/test/runner/handshake_server.go
@@ -573,11 +573,7 @@
if sendHelloRetryRequest {
oldClientHelloBytes := hs.clientHello.marshal()
hs.writeServerHash(helloRetryRequest.marshal())
- if c.vers == tls13RecordTypeExperimentVersion {
- c.writeRecord(recordTypePlaintextHandshake, helloRetryRequest.marshal())
- } else {
- c.writeRecord(recordTypeHandshake, helloRetryRequest.marshal())
- }
+ c.writeRecord(recordTypeHandshake, helloRetryRequest.marshal())
c.flushHandshake()
if hs.clientHello.hasEarlyData {
@@ -755,11 +751,7 @@
toWrite = append(toWrite, typeEncryptedExtensions)
c.writeRecord(recordTypeHandshake, toWrite)
} else {
- if c.vers == tls13RecordTypeExperimentVersion {
- c.writeRecord(recordTypePlaintextHandshake, hs.hello.marshal())
- } else {
- c.writeRecord(recordTypeHandshake, hs.hello.marshal())
- }
+ c.writeRecord(recordTypeHandshake, hs.hello.marshal())
}
c.flushHandshake()
@@ -1089,9 +1081,6 @@
copy(hs.hello.random[len(hs.hello.random)-8:], downgradeTLS12)
}
- if len(hs.clientHello.sessionId) > 0 && c.config.Bugs.ExpectEmptyClientHelloSessionID {
- return false, errors.New("tls: expected empty session ID from client")
- }
if len(hs.clientHello.sessionId) == 0 && c.config.Bugs.ExpectClientHelloSessionID {
return false, errors.New("tls: expected non-empty session ID from client")
}
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 5415aa5..bc0a9d0 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -1316,13 +1316,6 @@
versionWire: tls13Experiment3Version,
tls13Variant: TLS13Experiment3,
},
- {
- name: "TLS13RecordTypeExperiment",
- version: VersionTLS13,
- excludeFlag: "-no-tls13",
- versionWire: tls13RecordTypeExperimentVersion,
- tls13Variant: TLS13RecordTypeExperiment,
- },
}
func allVersions(protocol protocol) []tlsVersion {
@@ -10762,10 +10755,7 @@
})
hasSessionID := false
- hasEmptySessionID := false
- if variant == TLS13NoSessionIDExperiment {
- hasEmptySessionID = true
- } else if variant != TLS13Default && variant != TLS13RecordTypeExperiment {
+ if variant != TLS13Default {
hasSessionID = true
}
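Review bot: The `hasSessionID := false` declaration followed by `if variant != TLS13Default { hasSessionID = true }` now collapses to a single boolean expression since the other branches were removed: `hasSessionID := variant != TLS13Default`. That keeps the test setup one line and avoids a mutable flag that is assigned in only one place. The enclosing function starts and ends outside this hunk.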
@@ -10776,8 +10766,7 @@
config: Config{
MaxVersion: VersionTLS13,
Bugs: ProtocolBugs{
- ExpectClientHelloSessionID: hasSessionID,
- ExpectEmptyClientHelloSessionID: hasEmptySessionID,
+ ExpectClientHelloSessionID: hasSessionID,
},
},
tls13Variant: variant,
diff --git a/tool/client.cc b/tool/client.cc
index e1d9a26..d439860 100644
--- a/tool/client.cc
+++ b/tool/client.cc
@@ -327,14 +327,6 @@
*out = tls13_experiment3;
return true;
}
- if (in == "record-type") {
- *out = tls13_record_type_experiment;
- return true;
- }
- if (in == "no-session-id") {
- *out = tls13_no_session_id_experiment;
- return true;
- }
return false;
}