Add server-side FallbackSCSV tests. Assert that inappropriate fallbacks are detected, but if the client_version matches the server's highest version, do not abort the handshake. Change-Id: I9d72570bce45e1eb23fc2b74a3c5fca10562e573 Reviewed-on: https://boringssl-review.googlesource.com/1373 Reviewed-by: Adam Langley <agl@google.com>

commit: bef270a9cfa9c3e6d3c1abea859c9cc42925df0f [log] [tgz]
author: David Benjamin <davidben@chromium.org> Sat Aug 02 04:22:02 2014 -0400
committer: Adam Langley <agl@google.com> Mon Aug 04 20:10:43 2014 +0000
tree: b08e93d7411867c5a18590d81006d9ae6333c16c
parent: d86c7671a84269e63bf653237d3459d8157b4446 [diff] [blame]
diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index 1cfdda9..4f34ce4 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go

@@ -387,6 +387,10 @@
 	// SendV2ClientHello causes the client to send a V2ClientHello
 	// instead of a normal ClientHello.
 	SendV2ClientHello bool
+
+	// SendFallbackSCSV causes the client to include
+	// TLS_FALLBACK_SCSV in the ClientHello.
+	SendFallbackSCSV bool
 }
 
 func (c *Config) serverInit() {
commit	bef270a9cfa9c3e6d3c1abea859c9cc42925df0f	[log] [tgz]
author	David Benjamin <davidben@chromium.org>	Sat Aug 02 04:22:02 2014 -0400
committer	Adam Langley <agl@google.com>	Mon Aug 04 20:10:43 2014 +0000
tree	b08e93d7411867c5a18590d81006d9ae6333c16c
parent	d86c7671a84269e63bf653237d3459d8157b4446 [diff] [blame]