Test that warning alerts are ignored.
Partly inspired by the new state exposed in
dc3da938992d209a3b36acbd9695cfcab1fdf041, stress this codepath by spamming our
poor shim with warning alerts.
Change-Id: I876c6e52911b6eb57493cf3e1782b37ea96d01f8
Reviewed-on: https://boringssl-review.googlesource.com/4112
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index 5cc8e42..11bec4e 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go
@@ -679,6 +679,10 @@
// IgnorePeerSignatureAlgorithmPreferences, if true, causes the peer's
// signature algorithm preferences to be ignored.
IgnorePeerSignatureAlgorithmPreferences bool
+
+ // SendWarningAlerts, if non-zero, causes every record to be prefaced by
+ // a warning alert.
+ SendWarningAlerts alert
}
func (c *Config) serverInit() {
diff --git a/ssl/test/runner/conn.go b/ssl/test/runner/conn.go
index 6207b02..90cf01f 100644
--- a/ssl/test/runner/conn.go
+++ b/ssl/test/runner/conn.go
@@ -829,6 +829,13 @@
// to the connection and updates the record layer state.
// c.out.Mutex <= L.
func (c *Conn) writeRecord(typ recordType, data []byte) (n int, err error) {
+ if typ != recordTypeAlert && c.config.Bugs.SendWarningAlerts != 0 {
+ alert := make([]byte, 2)
+ alert[0] = alertLevelWarning
+ alert[1] = byte(c.config.Bugs.SendWarningAlerts)
+ c.writeRecord(recordTypeAlert, alert)
+ }
+
if c.isDTLS {
return c.dtlsWriteRecord(typ, data)
}
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index a295cca..f66993f 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -904,6 +904,23 @@
shouldFail: true,
expectedError: ":WRONG_CIPHER_RETURNED:",
},
+ {
+ name: "SendWarningAlerts",
+ config: Config{
+ Bugs: ProtocolBugs{
+ SendWarningAlerts: alertAccessDenied,
+ },
+ },
+ },
+ {
+ protocol: dtls,
+ name: "SendWarningAlerts-DTLS",
+ config: Config{
+ Bugs: ProtocolBugs{
+ SendWarningAlerts: alertAccessDenied,
+ },
+ },
+ },
}
func doExchange(test *testCase, config *Config, conn net.Conn, messageLen int, isResume bool) error {