Fix DTLS handling of multiple records in a packet.

9a41d1b946c17f353c1f7f1d35713b5623dc399e broke handling of multiple records in
a single packet. If |extend| is true, not all of the previous packet should be
consumed, only up to the record length.

Add a test which stresses the DTLS stack's handling of multiple handshake
fragments in a handshake record and multiple handshake records in a packet.

Change-Id: I96571098ad9001e96440501c4730325227b155b8
Reviewed-by: Adam Langley <>
diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index 9e6cce3..864f526 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go
@@ -478,7 +478,9 @@
 	// MaxHandshakeRecordLength, if non-zero, is the maximum size of a
 	// handshake record. Handshake messages will be split into multiple
 	// records at the specified size, except that the client_version will
-	// never be fragmented.
+	// never be fragmented. For DTLS, it is the maximum handshake fragment
+	// size, not record size; DTLS allows multiple handshake fragments in a
+	// single handshake record. See |PackHandshakeFragments|.
 	MaxHandshakeRecordLength int
 	// FragmentClientVersion will allow MaxHandshakeRecordLength to apply to
@@ -712,6 +714,15 @@
 	// DHGroupPrime, if not nil, is used to define the (finite field)
 	// Diffie-Hellman group. The generator used is always two.
 	DHGroupPrime *big.Int
+	// PackHandshakeFragments, if true, causes handshake fragments to be
+	// packed into individual handshake records, up to the specified record
+	// size.
+	PackHandshakeFragments int
+	// PackHandshakeRecords, if true, causes handshake records to be packed
+	// into individual packets, up to the specified packet size.
+	PackHandshakeRecords int
 func (c *Config) serverInit() {