Add tests for CVE-2014-3511. Also change MaxHandshakeRecordLength to 1 in the handshake coverage tests to better stress the state machine. Change-Id: I27fce2c000b3d4818fd2e9a47fb09d3f646dd1bd Reviewed-on: https://boringssl-review.googlesource.com/1452 Reviewed-by: Adam Langley <agl@google.com>

commit: 9821454f2bad416f22fab57c66800fa6f20fdeda [log] [tgz]
author: David Benjamin <davidben@chromium.org> Thu Aug 07 18:02:39 2014 -0400
committer: Adam Langley <agl@google.com> Fri Aug 08 17:39:47 2014 +0000
tree: fe9149e3add21c5ca2ec04ef88022bbcabdd970b
parent: 7e2e6cf1a0d2c5308d290fa6cbf0df2e758a5478 [diff] [blame]
diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index d69f09f..6c1dfcd 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go

@@ -393,10 +393,15 @@
 	SendFallbackSCSV bool
 
 	// MaxHandshakeRecordLength, if non-zero, is the maximum size of a
-	// handshake record. Handshake messages will be split at the record
-	// layer.
+	// handshake record. Handshake messages will be split into multiple
+	// records at the specified size, except that the client_version will
+	// never be fragmented.
 	MaxHandshakeRecordLength int
 
+	// FragmentClientVersion will allow MaxHandshakeRecordLength to apply to
+	// the first 6 bytes of the ClientHello.
+	FragmentClientVersion bool
+
 	// RsaClientKeyExchangeVersion, if non-zero, causes the client to send a
 	// ClientKeyExchange with the specified version rather than the
 	// client_version when performing the RSA key exchange.
commit	9821454f2bad416f22fab57c66800fa6f20fdeda	[log] [tgz]
author	David Benjamin <davidben@chromium.org>	Thu Aug 07 18:02:39 2014 -0400
committer	Adam Langley <agl@google.com>	Fri Aug 08 17:39:47 2014 +0000
tree	fe9149e3add21c5ca2ec04ef88022bbcabdd970b
parent	7e2e6cf1a0d2c5308d290fa6cbf0df2e758a5478 [diff] [blame]