Add assertions on the initial record version number. The record-layer version of the ServerHello should match the final version. The record-layer version of the ClientHello should be the advertised version, but clamped at TLS 1.0. This is to ensure future rewrites do not regress this. Change-Id: I96f1f0674944997ff38b562453a322ce61652635 Reviewed-on: https://boringssl-review.googlesource.com/2540 Reviewed-by: Adam Langley <agl@google.com>

commit: 1e29a6b7c5a5a4946ce43976af017e2e4c0e0d18 [log] [tgz]
author: David Benjamin <davidben@chromium.org> Wed Dec 10 02:27:24 2014 -0500
committer: Adam Langley <agl@google.com> Thu Dec 11 00:04:37 2014 +0000
tree: 14d55babc2e2785d014e60311de7b98494d95981
parent: af7e74ba9f1aae1ce1ac2fd4897ecbdea32f8aaa [diff]
diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index 90c5294..4dd710c 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go

@@ -586,6 +586,10 @@
 	// RequireFastradioPadding, if true, requires that ClientHello messages
 	// be at least 1000 bytes long.
 	RequireFastradioPadding bool
+
+	// ExpectInitialRecordVersion, if non-zero, is the expected
+	// version of the records before the version is determined.
+	ExpectInitialRecordVersion uint16
 }
 
 func (c *Config) serverInit() {

diff --git a/ssl/test/runner/conn.go b/ssl/test/runner/conn.go
index 177e458..1c64c6a 100644
--- a/ssl/test/runner/conn.go
+++ b/ssl/test/runner/conn.go

@@ -625,9 +625,16 @@
 
 	vers := uint16(b.data[1])<<8 | uint16(b.data[2])
 	n := int(b.data[3])<<8 | int(b.data[4])
-	if c.haveVers && vers != c.vers {
-		c.sendAlert(alertProtocolVersion)
-		return 0, nil, c.in.setErrorLocked(fmt.Errorf("tls: received record with version %x when expecting version %x", vers, c.vers))
+	if c.haveVers {
+		if vers != c.vers {
+			c.sendAlert(alertProtocolVersion)
+			return 0, nil, c.in.setErrorLocked(fmt.Errorf("tls: received record with version %x when expecting version %x", vers, c.vers))
+		}
+	} else {
+		if expect := c.config.Bugs.ExpectInitialRecordVersion; expect != 0 && vers != expect {
+			c.sendAlert(alertProtocolVersion)
+			return 0, nil, c.in.setErrorLocked(fmt.Errorf("tls: received record with version %x when expecting version %x", vers, expect))
+		}
 	}
 	if n > maxCiphertext {
 		c.sendAlert(alertRecordOverflow)

diff --git a/ssl/test/runner/dtls.go b/ssl/test/runner/dtls.go
index 9c48b19..e7c5041 100644
--- a/ssl/test/runner/dtls.go
+++ b/ssl/test/runner/dtls.go

@@ -66,9 +66,16 @@
 	}
 	typ := recordType(b.data[0])
 	vers := wireToVersion(uint16(b.data[1])<<8|uint16(b.data[2]), c.isDTLS)
-	if c.haveVers && vers != c.vers {
-		c.sendAlert(alertProtocolVersion)
-		return 0, nil, c.in.setErrorLocked(fmt.Errorf("dtls: received record with version %x when expecting version %x", vers, c.vers))
+	if c.haveVers {
+		if vers != c.vers {
+			c.sendAlert(alertProtocolVersion)
+			return 0, nil, c.in.setErrorLocked(fmt.Errorf("dtls: received record with version %x when expecting version %x", vers, c.vers))
+		}
+	} else {
+		if expect := c.config.Bugs.ExpectInitialRecordVersion; expect != 0 && vers != expect {
+			c.sendAlert(alertProtocolVersion)
+			return 0, nil, c.in.setErrorLocked(fmt.Errorf("dtls: received record with version %x when expecting version %x", vers, expect))
+		}
 	}
 	seq := b.data[3:11]
 	// For test purposes, we assume a reliable channel. Require

diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index ecf80db..5fed62b 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go

@@ -1632,12 +1632,19 @@
 					suffix += "-DTLS"
 				}
 
+				clientVers := shimVers.version
+				if clientVers > VersionTLS10 {
+					clientVers = VersionTLS10
+				}
 				testCases = append(testCases, testCase{
 					protocol: protocol,
 					testType: clientTest,
 					name:     "VersionNegotiation-Client-" + suffix,
 					config: Config{
 						MaxVersion: runnerVers.version,
+						Bugs: ProtocolBugs{
+							ExpectInitialRecordVersion: clientVers,
+						},
 					},
 					flags:           flags,
 					expectedVersion: expectedVersion,
@@ -1649,6 +1656,9 @@
 					name:     "VersionNegotiation-Server-" + suffix,
 					config: Config{
 						MaxVersion: runnerVers.version,
+						Bugs: ProtocolBugs{
+							ExpectInitialRecordVersion: expectedVersion,
+						},
 					},
 					flags:           flags,
 					expectedVersion: expectedVersion,
@@ -2157,25 +2167,25 @@
 }
 
 func addFastRadioPaddingTests() {
-	testCases = append(testCases, testCase {
-		protocol:	tls,
-		name:		"FastRadio-Padding",
+	testCases = append(testCases, testCase{
+		protocol: tls,
+		name:     "FastRadio-Padding",
 		config: Config{
 			Bugs: ProtocolBugs{
 				RequireFastradioPadding: true,
 			},
 		},
-		flags:		[]string{"-fastradio-padding"},
+		flags: []string{"-fastradio-padding"},
 	})
-	testCases = append(testCases, testCase {
-		protocol:	dtls,
-		name:		"FastRadio-Padding",
+	testCases = append(testCases, testCase{
+		protocol: dtls,
+		name:     "FastRadio-Padding",
 		config: Config{
 			Bugs: ProtocolBugs{
 				RequireFastradioPadding: true,
 			},
 		},
-		flags:		[]string{"-fastradio-padding"},
+		flags: []string{"-fastradio-padding"},
 	})
 }
commit	1e29a6b7c5a5a4946ce43976af017e2e4c0e0d18	[log] [tgz]
author	David Benjamin <davidben@chromium.org>	Wed Dec 10 02:27:24 2014 -0500
committer	Adam Langley <agl@google.com>	Thu Dec 11 00:04:37 2014 +0000
tree	14d55babc2e2785d014e60311de7b98494d95981
parent	af7e74ba9f1aae1ce1ac2fd4897ecbdea32f8aaa [diff]