Apply bugs to second, TLS 1.3 ClientHello.
Based on elements of the Bugs structure, runner will tweak a ClientHello
message after parsing. However, unless the same tweaks are made to a
second ClientHello in a TLS 1.3 connection, it might appear that they
don't match.
Change-Id: I4467c8ece12dc75c7c7b0fad9e622e6783c55f21
Reviewed-on: https://boringssl-review.googlesource.com/14224
Commit-Queue: Adam Langley <alangley@gmail.com>
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/test/runner/handshake_server.go b/ssl/test/runner/handshake_server.go
index 9b4bff8..64edd01 100644
--- a/ssl/test/runner/handshake_server.go
+++ b/ssl/test/runner/handshake_server.go
@@ -342,19 +342,23 @@
}
}
- if config.Bugs.IgnorePeerSignatureAlgorithmPreferences {
- hs.clientHello.signatureAlgorithms = config.signSignatureAlgorithms()
- }
- if config.Bugs.IgnorePeerCurvePreferences {
- hs.clientHello.supportedCurves = config.curvePreferences()
- }
- if config.Bugs.IgnorePeerCipherPreferences {
- hs.clientHello.cipherSuites = config.cipherSuites()
- }
+ applyBugsToClientHello(hs.clientHello, config)
return nil
}
+func applyBugsToClientHello(clientHello *clientHelloMsg, config *Config) {
+ if config.Bugs.IgnorePeerSignatureAlgorithmPreferences {
+ clientHello.signatureAlgorithms = config.signSignatureAlgorithms()
+ }
+ if config.Bugs.IgnorePeerCurvePreferences {
+ clientHello.supportedCurves = config.curvePreferences()
+ }
+ if config.Bugs.IgnorePeerCipherPreferences {
+ clientHello.cipherSuites = config.cipherSuites()
+ }
+}
+
func (hs *serverHandshakeState) doTLS13Handshake() error {
c := hs.c
config := c.config
@@ -587,6 +591,8 @@
}
hs.writeClientHash(newClientHello.marshal())
+ applyBugsToClientHello(newClientHello, config)
+
// Check that the new ClientHello matches the old ClientHello,
// except for relevant modifications.
//
