Remove SSL_OP_TLS_ROLLBACK_BUG.
It's not part of SSL_OP_ALL and is unused, so remove it. Add a test that
asserts the version check works.
Change-Id: I917516594ec5a4998a8316782f035697c33d99b0
Reviewed-on: https://boringssl-review.googlesource.com/1418
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index eb1d57c..d69f09f 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go
@@ -396,6 +396,11 @@
// handshake record. Handshake messages will be split at the record
// layer.
MaxHandshakeRecordLength int
+
+ // RsaClientKeyExchangeVersion, if non-zero, causes the client to send a
+ // ClientKeyExchange with the specified version rather than the
+ // client_version when performing the RSA key exchange.
+ RsaClientKeyExchangeVersion uint16
}
func (c *Config) serverInit() {
diff --git a/ssl/test/runner/key_agreement.go b/ssl/test/runner/key_agreement.go
index 0e29d63..929eb06 100644
--- a/ssl/test/runner/key_agreement.go
+++ b/ssl/test/runner/key_agreement.go
@@ -70,8 +70,12 @@
func (ka rsaKeyAgreement) generateClientKeyExchange(config *Config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) {
preMasterSecret := make([]byte, 48)
- preMasterSecret[0] = byte(clientHello.vers >> 8)
- preMasterSecret[1] = byte(clientHello.vers)
+ vers := clientHello.vers
+ if config.Bugs.RsaClientKeyExchangeVersion != 0 {
+ vers = config.Bugs.RsaClientKeyExchangeVersion
+ }
+ preMasterSecret[0] = byte(vers >> 8)
+ preMasterSecret[1] = byte(vers)
_, err := io.ReadFull(config.rand(), preMasterSecret[2:])
if err != nil {
return nil, nil, err
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 3edbd8b..f2e268e 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -124,6 +124,18 @@
expectedError: ":WRONG_CURVE:",
},
{
+ testType: serverTest,
+ name: "BadRSAVersion",
+ config: Config{
+ CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA},
+ Bugs: ProtocolBugs{
+ RsaClientKeyExchangeVersion: VersionTLS11,
+ },
+ },
+ shouldFail: true,
+ expectedError: ":DECRYPTION_FAILED_OR_BAD_RECORD_MAC:",
+ },
+ {
name: "NoFallbackSCSV",
config: Config{
Bugs: ProtocolBugs{
@@ -736,8 +748,8 @@
"-write-different-record-sizes",
"-cbc-record-splitting",
},
- },
- testCase{
+ })
+ testCases = append(testCases, testCase{
name: "CBCRecordSplittingPartialWrite",
config: Config{
MaxVersion: VersionTLS10,