Revert "Drop retransmits in DTLS tests."
This reverts commit c67a3ae6babb8accceb6854ec5167cd8b1d19e2f. With a
deterministic clock, we can now go back to being strict about retransmits. Our
tests will now require that the shim only retransmit when we expect it to.
Change-Id: Iab1deb9665dcd294790c8253d920089e83a9140c
Reviewed-on: https://boringssl-review.googlesource.com/3211
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/test/runner/conn.go b/ssl/test/runner/conn.go
index d4a6817..1c64c6a 100644
--- a/ssl/test/runner/conn.go
+++ b/ssl/test/runner/conn.go
@@ -756,11 +756,8 @@
if typ != want {
// A client might need to process a HelloRequest from
// the server, thus receiving a handshake message when
- // application data is expected is ok. Moreover, a DTLS
- // peer who sends Finished second may retransmit the
- // final leg. BoringSSL retrainsmits on an internal
- // timer, so this may also occur in test code.
- if !c.isClient && !c.isDTLS {
+ // application data is expected is ok.
+ if !c.isClient {
return c.in.setErrorLocked(c.sendAlert(alertNoRenegotiation))
}
}
@@ -1096,9 +1093,9 @@
// Soft error, like EAGAIN
return 0, err
}
- if c.hand.Len() > 0 && !c.isDTLS {
+ if c.hand.Len() > 0 {
// We received handshake bytes, indicating the
- // start of a renegotiation or a DTLS retransmit.
+ // start of a renegotiation.
if err := c.handleRenegotiation(); err != nil {
return 0, err
}
diff --git a/ssl/test/runner/dtls.go b/ssl/test/runner/dtls.go
index a395980..2e1fb65 100644
--- a/ssl/test/runner/dtls.go
+++ b/ssl/test/runner/dtls.go
@@ -38,7 +38,6 @@
}
func (c *Conn) dtlsDoReadRecord(want recordType) (recordType, *block, error) {
-Again:
recordHeaderLen := dtlsRecordHeaderLen
if c.rawInput == nil {
@@ -82,13 +81,6 @@
}
}
seq := b.data[3:11]
- if !bytes.Equal(seq[:2], c.in.seq[:2]) {
- // If the epoch didn't match, silently drop the record.
- // BoringSSL retransmits on an internal timer, so it may flakily
- // revisit the previous epoch if retransmiting ChangeCipherSpec
- // and Finished.
- goto Again
- }
// For test purposes, we assume a reliable channel. Require
// that the explicit sequence number matches the incrementing
// one we maintain. A real implementation would maintain a
@@ -250,9 +242,9 @@
func (c *Conn) dtlsDoReadHandshake() ([]byte, error) {
// Assemble a full handshake message. For test purposes, this
- // implementation assumes fragments arrive in order, but tolerates
- // retransmits. It may need to be cleverer if we ever test BoringSSL's
- // retransmit behavior.
+ // implementation assumes fragments arrive in order. It may
+ // need to be cleverer if we ever test BoringSSL's retransmit
+ // behavior.
for len(c.handMsg) < 4+c.handMsgLen {
// Get a new handshake record if the previous has been
// exhausted.
@@ -281,16 +273,9 @@
}
fragment := c.hand.Next(fragLen)
- if fragSeq < c.recvHandshakeSeq {
- // BoringSSL retransmits based on an internal timer, so
- // it may flakily retransmit part of a handshake
- // message. Ignore those fragments.
- //
- // TODO(davidben): Revise this if BoringSSL's retransmit
- // logic is made more deterministic.
- continue
- } else if fragSeq > c.recvHandshakeSeq {
- return nil, errors.New("dtls: handshake messages sent out of order")
+ // Check it's a fragment for the right message.
+ if fragSeq != c.recvHandshakeSeq {
+ return nil, errors.New("dtls: bad handshake sequence number")
}
// Check that the length is consistent.