Allow enabling all TLS 1.3 variants by setting |tls13_default|. Update-Note: Enabling TLS 1.3 now enables both draft-23 and draft-28 by default, in preparation for cycling all to draft-28. Change-Id: I9405f39081f2e5f7049aaae8a9c85399f21df047 Reviewed-on: https://boringssl-review.googlesource.com/28304 Commit-Queue: Steven Valdez <svaldez@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 662053d..1033749 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -3379,7 +3379,8 @@
 
 enum tls13_variant_t {
   tls13_default = 0,
-  tls13_draft28 = 1,
+  tls13_draft23,
+  tls13_draft28,
 };
 
 // SSL_CTX_set_tls13_variant sets which variant of TLS 1.3 we negotiate. On the
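Review bot: `tls13_draft28` silently changes value from 1 to 2 because `tls13_draft23` is inserted ahead of it without an explicit value, and the runner constants in common.go in this same change mirror that new numbering. I would spell the values out, `tls13_draft23 = 1,` and `tls13_draft28 = 2,`, so the renumbering is visibly deliberate and anything that has the old numeric value baked in (if that matters under BoringSSL's ABI policy, which I cannot judge from here) is caught in review rather than quietly selecting the other draft. The `SSL_CTX_set_tls13_variant` comment that starts on the last context line continues outside the hunk; since `tls13_default` now means "every variant enabled" in ssl_versions.cc, it is worth checking that the rest of that comment says so.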
diff --git a/ssl/ssl_versions.cc b/ssl/ssl_versions.cc
index a09efa1..9588dd3 100644
--- a/ssl/ssl_versions.cc
+++ b/ssl/ssl_versions.cc
@@ -299,17 +299,20 @@
     return false;
   }
 
-  // This logic is part of the TLS 1.3 variants mechanism used in TLS 1.3
-  // experimentation. TLS 1.3 variants must match the enabled |tls13_variant|.
-  if (protocol_version != TLS1_3_VERSION ||
-      (ssl->tls13_variant == tls13_draft28 &&
-       version == TLS1_3_DRAFT28_VERSION) ||
-      (ssl->tls13_variant == tls13_default &&
-       version == TLS1_3_DRAFT23_VERSION)) {
-    return true;
+  // If the TLS 1.3 variant is set to |tls13_default|, all variants are enabled,
+  // otherwise only the matching version is enabled.
+  if (protocol_version == TLS1_3_VERSION) {
+    switch (ssl->tls13_variant) {
+      case tls13_draft23:
+        return version == TLS1_3_DRAFT23_VERSION;
+      case tls13_draft28:
+        return version == TLS1_3_DRAFT28_VERSION;
+      case tls13_default:
+        return true;
+    }
   }
 
-  return false;
+  return true;
 }
 
 bool ssl_add_supported_versions(SSL_HANDSHAKE *hs, CBB *cbb) {
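Review bot: A `tls13_variant` value that matches none of the three cases falls out of the new `switch` (it has no `default:` arm) and reaches the trailing `return true`, so an invalid variant setting enables every TLS 1.3 draft instead of none — the most permissive outcome for a bad configuration. Reaching that path needs a caller to cast an out-of-range integer into the enum, so it is unlikely in practice, but the same fall-through is what a future enumerator would hit if this switch were not updated. I would keep the switch exhaustive, so -Wswitch still flags new enumerators, and make the TLS 1.3 path fail closed by returning early for other versions and returning `false` after the switch. The enclosing function begins before this hunk.
```cpp
  if (protocol_version != TLS1_3_VERSION) {
    return true;
  }
  switch (ssl->tls13_variant) {
    // … unchanged: draft23 / draft28 / default cases …
  }
  // Fail closed: an unrecognized variant value enables no TLS 1.3 draft.
  return false;
}
```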
diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index f5ddaed..dcc1b01 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go
@@ -39,8 +39,9 @@
 )
 
 const (
-	TLS13Draft23 = 0
-	TLS13Draft28 = 1
+	TLS13Default = 0
+	TLS13Draft23 = 1
+	TLS13Draft28 = 2
 )
 
 var allTLSWireVersions = []uint16{
@@ -1714,8 +1715,8 @@
 // it returns true and the corresponding protocol version. Otherwise, it returns
 // false.
 func (c *Config) isSupportedVersion(wireVers uint16, isDTLS bool) (uint16, bool) {
-	if (c.TLS13Variant != TLS13Draft23 && wireVers == tls13Draft23Version) ||
-		(c.TLS13Variant != TLS13Draft28 && wireVers == tls13Draft28Version) {
+	if (c.TLS13Variant == TLS13Draft23 && wireVers == tls13Draft28Version) ||
+		(c.TLS13Variant == TLS13Draft28 && wireVers == tls13Draft23Version) {
 		return 0, false
 	}
 
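Review bot: The three constants carry the same numeric values as the `tls13_variant_t` enumerators in the ssl.h hunk of this change (default 0, draft23 1, draft28 2), but nothing records that the match is required. If the runner hands `tls13Variant` to the shim as a number (the flag plumbing is not visible here), a future reorder on either side would silently make the suite exercise the wrong variant. I would add `// Values must match |tls13_variant_t| in include/openssl/ssl.h.` above the `const` block.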
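Review bot: The rewritten condition in isSupportedVersion is an exclusion list that names the single other draft each pinned variant rejects, so a third draft added to allTLSWireVersions would be accepted by a TLS13Draft23 or TLS13Draft28 runner until this check is extended as well. A comment would at least make the coupling visible: `// A pinned variant must reject every other TLS 1.3 draft; extend this when adding one.` The rest of the function lies outside the hunk.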
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 0ad00c2..53eeb8b 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -1405,6 +1405,23 @@
 	return ret
 }
 
+func allShimVersions(protocol protocol) []tlsVersion {
+	if protocol == dtls {
+		return allVersions(protocol)
+	}
+	tls13Default := tlsVersion{
+		name:         "TLS13Default",
+		version:      VersionTLS13,
+		excludeFlag:  "-no-tls13",
+		versionWire:  0,
+		tls13Variant: TLS13Default,
+	}
+
+	var shimVersions []tlsVersion
+	shimVersions = append(shimVersions, allVersions(protocol)...)
+	return append(shimVersions, tls13Default)
+}
+
 type testCipherSuite struct {
 	name string
 	id   uint16
@@ -5371,7 +5388,7 @@
 
 func addVersionNegotiationTests() {
 	for _, protocol := range []protocol{tls, dtls} {
-		for _, shimVers := range allVersions(protocol) {
+		for _, shimVers := range allShimVersions(protocol) {
 			// Assemble flags to disable all newer versions on the shim.
 			var flags []string
 			for _, vers := range allVersions(protocol) {
@@ -5393,13 +5410,12 @@
 			if runnerVers.version < shimVers.version {
 				expectedVersion = runnerVers.version
 			}
-			// When running and shim have different TLS 1.3 variants enabled,
-			// shim peers are expected to fall back to TLS 1.2.
+
 			if expectedVersion == VersionTLS13 && runnerVers.tls13Variant != shimVers.tls13Variant {
-				expectedVersion = VersionTLS12
+				if shimVers.tls13Variant != TLS13Default {
+					expectedVersion = VersionTLS12
+				}
 			}
-			expectedClientVersion := expectedVersion
-			expectedServerVersion := expectedVersion
 
 			suffix := shimVers.name + "-" + runnerVers.name
 			if protocol == dtls {
@@ -5412,8 +5428,8 @@
 				clientVers = VersionTLS10
 			}
 			clientVers = recordVersionToWire(clientVers, protocol)
-			serverVers := expectedServerVersion
-			if expectedServerVersion >= VersionTLS13 {
+			serverVers := expectedVersion
+			if expectedVersion >= VersionTLS13 {
 				serverVers = VersionTLS12
 			}
 			serverVers = recordVersionToWire(serverVers, protocol)
@@ -5430,7 +5446,7 @@
 					},
 				},
 				flags:           flags,
-				expectedVersion: expectedClientVersion,
+				expectedVersion: expectedVersion,
 			})
 			testCases = append(testCases, testCase{
 				protocol: protocol,
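Review bot: The comment explaining the TLS 1.2 fallback is replaced by a blank line in the third hunk, and the new `TLS13Default` exception it adds is left undocumented, so the next reader has to reverse-engineer why a variant mismatch sometimes expects TLS 1.3 and sometimes TLS 1.2. I would put a comment back above the `if`: `// A shim pinned to one TLS 1.3 variant falls back to TLS 1.2 against a runner with a different variant; a TLS13Default shim accepts every variant and still negotiates TLS 1.3.` Separately, the `tls13Default` entry in allShimVersions sets `versionWire: 0`; if any test in this file formats `versionWire` into a flag or a ClientHello (not visible in the hunk), that entry will need a real wire value or a comment saying why zero is fine. addVersionNegotiationTests continues past the end of the hunk.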
@@ -5444,7 +5460,7 @@
 					},
 				},
 				flags:           flags2,
-				expectedVersion: expectedClientVersion,
+				expectedVersion: expectedVersion,
 			})
 
 			testCases = append(testCases, testCase{
@@ -5459,7 +5475,7 @@
 					},
 				},
 				flags:           flags,
-				expectedVersion: expectedServerVersion,
+				expectedVersion: expectedVersion,
 			})
 			testCases = append(testCases, testCase{
 				protocol: protocol,
@@ -5473,7 +5489,7 @@
 					},
 				},
 				flags:           flags2,
-				expectedVersion: expectedServerVersion,
+				expectedVersion: expectedVersion,
 			})
 		}
 	}
diff --git a/tool/client.cc b/tool/client.cc
index 037e10c..4ab0742 100644
--- a/tool/client.cc
+++ b/tool/client.cc
@@ -330,7 +330,7 @@
 
 static bool GetTLS13Variant(tls13_variant_t *out, const std::string &in) {
   if (in == "draft23") {
-    *out = tls13_default;
+    *out = tls13_draft23;
     return true;
   }
   if (in == "draft28") {
diff --git a/tool/server.cc b/tool/server.cc
index 7a4e53b..bc90630 100644
--- a/tool/server.cc
+++ b/tool/server.cc
@@ -68,7 +68,8 @@
         "-early-data", kBooleanArgument, "Allow early data",
     },
     {
-        "-tls13-variant", kBooleanArgument, "Enables all TLS 1.3 variants",
+        "-tls13-variant", kOptionalArgument,
+        "Enable the specified experimental TLS 1.3 variant",
     },
     {
         "-www", kBooleanArgument,
@@ -147,6 +148,18 @@
   return x509;
 }
 
+static bool GetTLS13Variant(tls13_variant_t *out, const std::string &in) {
+  if (in == "draft23") {
+    *out = tls13_draft23;
+    return true;
+  }
+  if (in == "draft28") {
+    *out = tls13_draft28;
+    return true;
+  }
+  return false;
+}
+
 static void InfoCallback(const SSL *ssl, int type, int value) {
   switch (type) {
     case SSL_CB_HANDSHAKE_START:
@@ -307,7 +320,13 @@
   }
 
   if (args_map.count("-tls13-variant") != 0) {
-    SSL_CTX_set_tls13_variant(ctx.get(), tls13_draft28);
+    tls13_variant_t variant;
+    if (!GetTLS13Variant(&variant, args_map["-tls13-variant"])) {
+      fprintf(stderr, "Unknown TLS 1.3 variant: %s\n",
+              args_map["-tls13-variant"].c_str());
+      return false;
+    }
+    SSL_CTX_set_tls13_variant(ctx.get(), variant);
   }
 
   if (args_map.count("-debug") != 0) {
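Review bot: The `GetTLS13Variant` added in the second hunk is the same helper, line for line, that tool/client.cc already carries (its hunk in this change only changes the draft23 mapping), so the two copies will drift the next time a draft is added or retired. I would declare it once in the tool's shared header and have both client.cc and server.cc call it; the exact header name is not visible here, so use whichever file already holds the helpers shared between the two.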
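Review bot: Neither the new help string nor the `Unknown TLS 1.3 variant: %s` error in the third hunk names the values the flag actually accepts, so a user who typos `draft-28` has to read the source to learn that only `draft23` and `draft28` parse. I would make both self-describing: `"Enable only the specified experimental TLS 1.3 variant (draft23 or draft28)",` for the help text and `"Unknown TLS 1.3 variant: %s (expected draft23 or draft28)\n"` for the error. If the argument parser (not visible here) stores an empty string for a bare `-tls13-variant`, the message would otherwise print nothing after the colon.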