runner: Simplify Config.minVersion and Config.maxVersion

The DTLS machinery doesn't really do anything. It's not enough to keep
the range from excluding a hypothetical DTLS 1.1, and between (D)TLS 1.3
and the weird version switches, we already have to do something a little
special to compute the ClientHello version.

Change-Id: I2854c9332bba51257121aa0aa1b57a85c650feff
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/89470
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Lily Chen <chlily@google.com>
diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index bbdae4f..3044813 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go
@@ -2215,35 +2215,19 @@
 	return s
 }
 
-func (c *Config) minVersion(isDTLS bool) uint16 {
+func (c *Config) minVersion() uint16 {
 	ret := uint16(minVersion)
 	if c != nil && c.MinVersion != 0 {
 		ret = c.MinVersion
 	}
-	if isDTLS {
-		// The lowest version of DTLS is 1.0. There is no DSSL 3.0.
-		if ret < VersionTLS10 {
-			return VersionTLS10
-		}
-		// There is no such thing as DTLS 1.1.
-		if ret == VersionTLS11 {
-			return VersionTLS12
-		}
-	}
 	return ret
 }
 
-func (c *Config) maxVersion(isDTLS bool) uint16 {
+func (c *Config) maxVersion() uint16 {
 	ret := uint16(maxVersion)
 	if c != nil && c.MaxVersion != 0 {
 		ret = c.MaxVersion
 	}
-	if isDTLS {
-		// There is no such thing as DTLS 1.1.
-		if ret == VersionTLS11 {
-			return VersionTLS10
-		}
-	}
 	return ret
 }
 
@@ -2306,7 +2290,7 @@
 // false.
 func (c *Config) isSupportedVersion(wireVers uint16, isDTLS bool) (uint16, bool) {
 	vers, ok := wireToVersion(wireVers, isDTLS)
-	if !ok || c.minVersion(isDTLS) > vers || vers > c.maxVersion(isDTLS) {
+	if !ok || c.minVersion() > vers || vers > c.maxVersion() {
 		return 0, false
 	}
 	return vers, true
diff --git a/ssl/test/runner/handshake_client.go b/ssl/test/runner/handshake_client.go
index f2f9c97..72caba4 100644
--- a/ssl/test/runner/handshake_client.go
+++ b/ssl/test/runner/handshake_client.go
@@ -52,7 +52,8 @@
 	switch vers {
 	case VersionTLS12:
 		return VersionDTLS12
-	case VersionTLS10:
+	case VersionTLS11, VersionTLS10:
+		// There is no DTLS 1.1.
 		return VersionDTLS10
 	}
 
@@ -475,8 +476,8 @@
 
 	isInner := innerHello == nil && hs.echHPKEContext != nil
 
-	minVersion := c.config.minVersion(c.isDTLS)
-	maxVersion := c.config.maxVersion(c.isDTLS)
+	minVersion := c.config.minVersion()
+	maxVersion := c.config.maxVersion()
 	// The ClientHelloInner may not offer TLS 1.2 or below.
 	requireTLS13 := isInner && !c.config.Bugs.AllowTLS12InClientHelloInner
 	if requireTLS13 && minVersion < VersionTLS13 {
@@ -2166,13 +2167,13 @@
 	// Check for downgrade signals in the server random, per RFC 8446, section 4.1.3.
 	gotDowngrade := hs.serverHello.random[len(hs.serverHello.random)-8:]
 	if !c.config.Bugs.IgnoreTLS13DowngradeRandom {
-		if c.config.maxVersion(c.isDTLS) >= VersionTLS13 {
+		if c.config.maxVersion() >= VersionTLS13 {
 			if bytes.Equal(gotDowngrade, downgradeTLS13) {
 				c.sendAlert(alertProtocolVersion)
 				return false, errors.New("tls: downgrade from TLS 1.3 detected")
 			}
 		}
-		if c.vers <= VersionTLS11 && c.config.maxVersion(c.isDTLS) >= VersionTLS12 {
+		if c.vers <= VersionTLS11 && c.config.maxVersion() >= VersionTLS12 {
 			if bytes.Equal(gotDowngrade, downgradeTLS12) {
 				c.sendAlert(alertProtocolVersion)
 				return false, errors.New("tls: downgrade from TLS 1.2 detected")
diff --git a/ssl/test/runner/handshake_server.go b/ssl/test/runner/handshake_server.go
index 0f0feab..7dad53a 100644
--- a/ssl/test/runner/handshake_server.go
+++ b/ssl/test/runner/handshake_server.go
@@ -1495,10 +1495,10 @@
 
 	// Signal downgrades in the server random, per RFC 8446, section 4.1.3.
 	if supportsTLS13 || config.Bugs.SendTLS13DowngradeRandom {
-		if c.vers <= VersionTLS12 && config.maxVersion(c.isDTLS) >= VersionTLS13 {
+		if c.vers <= VersionTLS12 && config.maxVersion() >= VersionTLS13 {
 			copy(hs.hello.random[len(hs.hello.random)-8:], downgradeTLS13)
 		}
-		if c.vers <= VersionTLS11 && config.maxVersion(c.isDTLS) == VersionTLS12 {
+		if c.vers <= VersionTLS11 && config.maxVersion() == VersionTLS12 {
 			copy(hs.hello.random[len(hs.hello.random)-8:], downgradeTLS12)
 		}
 	}