Add tests for client-initiated renegotiation.
These'll get removed once most of renego support is gone, but this is to prove
removing the warning alert from the previous commit still prevents legacy
renegotiations.
Change-Id: I7d9d95e1d4c5d23d3b6d170938a5499a65f2d5ea
Reviewed-on: https://boringssl-review.googlesource.com/2236
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index c77f765..6130343 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go
@@ -488,7 +488,7 @@
// the extended master secret option.
RequireExtendedMasterSecret bool
- // NoExtendedMasterSecret causes the client and server to behave is if
+ // NoExtendedMasterSecret causes the client and server to behave as if
// they didn't support an extended master secret.
NoExtendedMasterSecret bool
@@ -500,6 +500,10 @@
// renegotiation handshake to be incorrect.
BadRenegotiationInfo bool
+ // NoRenegotiationInfo causes the client to behave as if it
+ // didn't support the renegotiation info extension.
+ NoRenegotiationInfo bool
+
// SequenceNumberIncrement, if non-zero, causes outgoing sequence
// numbers in DTLS to increment by that value rather by 1. This is to
// stress the replay bitmap window by simulating extreme packet loss and
diff --git a/ssl/test/runner/handshake_client.go b/ssl/test/runner/handshake_client.go
index 0c5192f..702797b 100644
--- a/ssl/test/runner/handshake_client.go
+++ b/ssl/test/runner/handshake_client.go
@@ -90,6 +90,10 @@
}
}
+ if c.config.Bugs.NoRenegotiationInfo {
+ hello.secureRenegotiation = nil
+ }
+
possibleCipherSuites := c.config.cipherSuites()
hello.cipherSuites = make([]uint16, 0, len(possibleCipherSuites))
@@ -249,7 +253,7 @@
return fmt.Errorf("tls: server selected an unsupported cipher suite")
}
- if len(c.clientVerify) > 0 {
+ if len(c.clientVerify) > 0 && !c.config.Bugs.NoRenegotiationInfo {
var expectedRenegInfo []byte
expectedRenegInfo = append(expectedRenegInfo, c.clientVerify...)
expectedRenegInfo = append(expectedRenegInfo, c.serverVerify...)
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 2c89717..f8649d3 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -1826,6 +1826,34 @@
shouldFail: true,
expectedError: ":RENEGOTIATION_MISMATCH:",
})
+ testCases = append(testCases, testCase{
+ testType: serverTest,
+ name: "Renegotiate-Server-ClientInitiated",
+ renegotiate: true,
+ })
+ testCases = append(testCases, testCase{
+ testType: serverTest,
+ name: "Renegotiate-Server-ClientInitiated-NoExt",
+ renegotiate: true,
+ config: Config{
+ Bugs: ProtocolBugs{
+ NoRenegotiationInfo: true,
+ },
+ },
+ shouldFail: true,
+ expectedError: ":UNSAFE_LEGACY_RENEGOTIATION_DISABLED:",
+ })
+ testCases = append(testCases, testCase{
+ testType: serverTest,
+ name: "Renegotiate-Server-ClientInitiated-NoExt-Allowed",
+ renegotiate: true,
+ config: Config{
+ Bugs: ProtocolBugs{
+ NoRenegotiationInfo: true,
+ },
+ },
+ flags: []string{"-allow-unsafe-legacy-renegotiation"},
+ })
// TODO(agl): test the renegotiation info SCSV.
testCases = append(testCases, testCase{
name: "Renegotiate-Client",