Reorder some extensions to better match Firefox.
Change-Id: I3e2056b3c958d0fc5f49c0caa5003dc37f598424
Reviewed-on: https://boringssl-review.googlesource.com/31264
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc
index bb47b70..894bb14 100644
--- a/ssl/ssl_test.cc
+++ b/ssl/ssl_test.cc
@@ -1966,18 +1966,18 @@
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0e, 0xc0, 0x09,
0xc0, 0x13, 0xc0, 0x0a, 0xc0, 0x14, 0x00, 0x2f, 0x00, 0x35, 0x00, 0x0a,
- 0x01, 0x00, 0x00, 0x1f, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x17, 0x00,
- 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00,
- 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18}},
+ 0x01, 0x00, 0x00, 0x1f, 0x00, 0x17, 0x00, 0x00, 0xff, 0x01, 0x00, 0x01,
+ 0x00, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00,
+ 0x18, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x23, 0x00, 0x00}},
{TLS1_1_VERSION,
{0x16, 0x03, 0x01, 0x00, 0x5a, 0x01, 0x00, 0x00, 0x56, 0x03, 0x02, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0e, 0xc0, 0x09,
0xc0, 0x13, 0xc0, 0x0a, 0xc0, 0x14, 0x00, 0x2f, 0x00, 0x35, 0x00, 0x0a,
- 0x01, 0x00, 0x00, 0x1f, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x17, 0x00,
- 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00,
- 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18}},
+ 0x01, 0x00, 0x00, 0x1f, 0x00, 0x17, 0x00, 0x00, 0xff, 0x01, 0x00, 0x01,
+ 0x00, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00,
+ 0x18, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x23, 0x00, 0x00}},
{TLS1_2_VERSION,
{0x16, 0x03, 0x01, 0x00, 0x82, 0x01, 0x00, 0x00, 0x7e, 0x03, 0x03, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@@ -1985,12 +1985,12 @@
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1e, 0xcc, 0xa9,
0xcc, 0xa8, 0xc0, 0x2b, 0xc0, 0x2f, 0xc0, 0x2c, 0xc0, 0x30, 0xc0, 0x09,
0xc0, 0x13, 0xc0, 0x0a, 0xc0, 0x14, 0x00, 0x9c, 0x00, 0x9d, 0x00, 0x2f,
- 0x00, 0x35, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x37, 0xff, 0x01, 0x00, 0x01,
- 0x00, 0x00, 0x17, 0x00, 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00,
- 0x14, 0x00, 0x12, 0x04, 0x03, 0x08, 0x04, 0x04, 0x01, 0x05, 0x03, 0x08,
- 0x05, 0x05, 0x01, 0x08, 0x06, 0x06, 0x01, 0x02, 0x01, 0x00, 0x0b, 0x00,
- 0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, 0x00,
- 0x17, 0x00, 0x18}},
+ 0x00, 0x35, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x37, 0x00, 0x17, 0x00, 0x00,
+ 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00,
+ 0x1d, 0x00, 0x17, 0x00, 0x18, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00,
+ 0x23, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x14, 0x00, 0x12, 0x04, 0x03, 0x08,
+ 0x04, 0x04, 0x01, 0x05, 0x03, 0x08, 0x05, 0x05, 0x01, 0x08, 0x06, 0x06,
+ 0x01, 0x02, 0x01}},
// TODO(davidben): Add a change detector for TLS 1.3 once the spec and our
// implementation has settled enough that it won't change.
};
@@ -2033,7 +2033,7 @@
}
}
if (i + 12 >= client_hello.size()) {
- printf("}}");
+ printf("}},");
}
printf("\n");
}
diff --git a/ssl/t1_lib.cc b/ssl/t1_lib.cc
index 3f4818f..678e4a3 100644
--- a/ssl/t1_lib.cc
+++ b/ssl/t1_lib.cc
@@ -2775,14 +2775,6 @@
// kExtensions contains all the supported extensions.
static const struct tls_extension kExtensions[] = {
{
- TLSEXT_TYPE_renegotiate,
- NULL,
- ext_ri_add_clienthello,
- ext_ri_parse_serverhello,
- ext_ri_parse_clienthello,
- ext_ri_add_serverhello,
- },
- {
TLSEXT_TYPE_server_name,
NULL,
ext_sni_add_clienthello,
@@ -2799,6 +2791,30 @@
ext_ems_add_serverhello,
},
{
+ TLSEXT_TYPE_renegotiate,
+ NULL,
+ ext_ri_add_clienthello,
+ ext_ri_parse_serverhello,
+ ext_ri_parse_clienthello,
+ ext_ri_add_serverhello,
+ },
+ {
+ TLSEXT_TYPE_supported_groups,
+ NULL,
+ ext_supported_groups_add_clienthello,
+ ext_supported_groups_parse_serverhello,
+ ext_supported_groups_parse_clienthello,
+ dont_add_serverhello,
+ },
+ {
+ TLSEXT_TYPE_ec_point_formats,
+ NULL,
+ ext_ec_point_add_clienthello,
+ ext_ec_point_parse_serverhello,
+ ext_ec_point_parse_clienthello,
+ ext_ec_point_add_serverhello,
+ },
+ {
TLSEXT_TYPE_session_ticket,
NULL,
ext_ticket_add_clienthello,
@@ -2808,6 +2824,23 @@
ext_ticket_add_serverhello,
},
{
+ TLSEXT_TYPE_application_layer_protocol_negotiation,
+ NULL,
+ ext_alpn_add_clienthello,
+ ext_alpn_parse_serverhello,
+ // ALPN is negotiated late in |ssl_negotiate_alpn|.
+ ignore_parse_clienthello,
+ ext_alpn_add_serverhello,
+ },
+ {
+ TLSEXT_TYPE_status_request,
+ NULL,
+ ext_ocsp_add_clienthello,
+ ext_ocsp_parse_serverhello,
+ ext_ocsp_parse_clienthello,
+ ext_ocsp_add_serverhello,
+ },
+ {
TLSEXT_TYPE_signature_algorithms,
NULL,
ext_sigalgs_add_clienthello,
@@ -2824,14 +2857,6 @@
dont_add_serverhello,
},
{
- TLSEXT_TYPE_status_request,
- NULL,
- ext_ocsp_add_clienthello,
- ext_ocsp_parse_serverhello,
- ext_ocsp_parse_clienthello,
- ext_ocsp_add_serverhello,
- },
- {
TLSEXT_TYPE_next_proto_neg,
NULL,
ext_npn_add_clienthello,
@@ -2848,15 +2873,6 @@
ext_sct_add_serverhello,
},
{
- TLSEXT_TYPE_application_layer_protocol_negotiation,
- NULL,
- ext_alpn_add_clienthello,
- ext_alpn_parse_serverhello,
- // ALPN is negotiated late in |ssl_negotiate_alpn|.
- ignore_parse_clienthello,
- ext_alpn_add_serverhello,
- },
- {
TLSEXT_TYPE_channel_id,
ext_channel_id_init,
ext_channel_id_add_clienthello,
@@ -2873,14 +2889,6 @@
ext_srtp_add_serverhello,
},
{
- TLSEXT_TYPE_ec_point_formats,
- NULL,
- ext_ec_point_add_clienthello,
- ext_ec_point_parse_serverhello,
- ext_ec_point_parse_clienthello,
- ext_ec_point_add_serverhello,
- },
- {
TLSEXT_TYPE_key_share,
NULL,
ext_key_share_add_clienthello,
@@ -2929,14 +2937,6 @@
ext_quic_transport_params_add_serverhello,
},
{
- TLSEXT_TYPE_supported_groups,
- NULL,
- ext_supported_groups_add_clienthello,
- ext_supported_groups_parse_serverhello,
- ext_supported_groups_parse_clienthello,
- dont_add_serverhello,
- },
- {
TLSEXT_TYPE_token_binding,
NULL,
ext_token_binding_add_clienthello,