Assert on the alert sent on FALLBACK_SCSV.
We were only asserting on the shim-side error code.
Change-Id: Idc08c253a7723a2a7fd489da761a56c72f7a3b96
Reviewed-on: https://boringssl-review.googlesource.com/12923
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/test/runner/alert.go b/ssl/test/runner/alert.go
index 8320b7e..93de4b5 100644
--- a/ssl/test/runner/alert.go
+++ b/ssl/test/runner/alert.go
@@ -37,6 +37,7 @@
alertProtocolVersion alert = 70
alertInsufficientSecurity alert = 71
alertInternalError alert = 80
+ alertInappropriateFallback alert = 86
alertUserCanceled alert = 90
alertNoRenegotiation alert = 100
alertMissingExtension alert = 109
@@ -68,6 +69,7 @@
alertProtocolVersion: "protocol version not supported",
alertInsufficientSecurity: "insufficient security level",
alertInternalError: "internal error",
+ alertInappropriateFallback: "inappropriate fallback",
alertUserCanceled: "user canceled",
alertNoRenegotiation: "no renegotiation",
alertMissingExtension: "missing extension",
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index bbe6042..da1c90a 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -1315,8 +1315,9 @@
SendFallbackSCSV: true,
},
},
- shouldFail: true,
- expectedError: ":INAPPROPRIATE_FALLBACK:",
+ shouldFail: true,
+ expectedError: ":INAPPROPRIATE_FALLBACK:",
+ expectedLocalError: "remote error: inappropriate fallback",
},
{
testType: serverTest,