Google Git
Sign in
boringssl / boringssl.git / 594e7d2b7703a6c231264edf6b03460b018d2200^! / .
commit594e7d2b7703a6c231264edf6b03460b018d2200[log] [tgz]
authorDavid Benjamin <davidben@google.com>Thu Mar 17 17:49:56 2016 -0400
committerDavid Benjamin <davidben@google.com>Fri Mar 18 19:47:46 2016 +0000
tree9a1752b2ccf4a530d1ce31327e7791808df6e606
parentf277add6c2de55286f0d13edebf41929e4970d5a [diff]
Add a test that declining ALPN works.

Inspired by https://mta.openssl.org/pipermail/openssl-dev/2016-March/006150.html

Change-Id: I973b3baf054ed1051002f7bb9941cb1deeb36d78
Reviewed-on: https://boringssl-review.googlesource.com/7504
Reviewed-by: David Benjamin <davidben@google.com>

diff --git a/ssl/test/bssl_shim.cc b/ssl/test/bssl_shim.cc
index 7da64bb..3ef0919 100644
--- a/ssl/test/bssl_shim.cc
+++ b/ssl/test/bssl_shim.cc

@@ -493,7 +493,7 @@
 static int AlpnSelectCallback(SSL* ssl, const uint8_t** out, uint8_t* outlen,
                               const uint8_t* in, unsigned inlen, void* arg) {
   const TestConfig *config = GetConfigPtr(ssl);
-  if (config->select_alpn.empty()) {
+  if (config->decline_alpn) {
     return SSL_TLSEXT_ERR_NOACK;
   }
 
@@ -828,7 +828,7 @@
                                      NULL);
   }
 
-  if (!config->select_alpn.empty()) {
+  if (!config->select_alpn.empty() || config->decline_alpn) {
     SSL_CTX_set_alpn_select_cb(ssl_ctx.get(), AlpnSelectCallback, NULL);
   }
 

diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index e81786d..9754ad7 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go

@@ -3603,6 +3603,16 @@
 		expectedNextProtoType: alpn,
 		resumeSession:         true,
 	})
+	testCases = append(testCases, testCase{
+		testType: serverTest,
+		name:     "ALPNServer-Decline",
+		config: Config{
+			NextProtos: []string{"foo", "bar", "baz"},
+		},
+		flags:             []string{"-decline-alpn"},
+		expectNoNextProto: true,
+		resumeSession:     true,
+	})
 	// Test that the server prefers ALPN over NPN.
 	testCases = append(testCases, testCase{
 		testType: serverTest,

diff --git a/ssl/test/test_config.cc b/ssl/test/test_config.cc
index dfbd380..67a017d 100644
--- a/ssl/test/test_config.cc
+++ b/ssl/test/test_config.cc

@@ -62,6 +62,7 @@
   { "-no-ssl3", &TestConfig::no_ssl3 },
   { "-shim-writes-first", &TestConfig::shim_writes_first },
   { "-expect-session-miss", &TestConfig::expect_session_miss },
+  { "-decline-alpn", &TestConfig::decline_alpn },
   { "-expect-extended-master-secret",
     &TestConfig::expect_extended_master_secret },
   { "-enable-ocsp-stapling", &TestConfig::enable_ocsp_stapling },

diff --git a/ssl/test/test_config.h b/ssl/test/test_config.h
index e04fdd4..fe117d8 100644
--- a/ssl/test/test_config.h
+++ b/ssl/test/test_config.h

@@ -50,6 +50,7 @@
   std::string expected_alpn;
   std::string expected_advertised_alpn;
   std::string select_alpn;
+  bool decline_alpn = false;
   bool expect_session_miss = false;
   bool expect_extended_master_secret = false;
   std::string psk;