author | David Benjamin <davidben@chromium.org> | 2015-11-06 02:23:20 +0300 |
---|---|---|
committer | Adam Langley <agl@google.com> | 2015-11-06 22:18:24 +0300 |
commit | f93995be609ee204e7fe208bf683b901140ce584 (patch) | |
tree | 7aca67631fc5568c16774576fd2707c0e04f0e6c | |
parent | 5f88999a1edd11d8b5e8a72a627a5714c95373cf (diff) |
Test that the client doesn't offer TLS 1.2 ciphers when it shouldn't.
Change-Id: I20541e6eb5cfd48e53de5950bce312aae9801a54
Reviewed-on: https://boringssl-review.googlesource.com/6451
Reviewed-by: Adam Langley <agl@google.com>
-rw-r--r-- | ssl/test/runner/handshake_server.go | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/ssl/test/runner/handshake_server.go b/ssl/test/runner/handshake_server.go
index 9647715d..568f836e 100644
--- a/ssl/test/runner/handshake_server.go
+++ b/ssl/test/runner/handshake_server.go
@@ -203,6 +203,15 @@ func (hs *serverHandshakeState) readClientHello() (isResume bool, err error) {
 hs.clientHello.signatureAndHashes = config.signatureAndHashesForServer()
 }
 
+ // Check the client cipher list is consistent with the version.
+ if hs.clientHello.vers < VersionTLS12 {
+ for _, id := range hs.clientHello.cipherSuites {
+ if isTLS12Cipher(id) {
+ return false, fmt.Errorf("tls: client offered TLS 1.2 cipher before TLS 1.2")
+ }
+ }
+ }
+
 c.vers, ok = config.mutualVersion(hs.clientHello.vers)
 if !ok {
 c.sendAlert(alertProtocolVersion)
@@ -1053,3 +1062,14 @@ func (c *Conn) tryCipherSuite(id uint16, supportedCipherSuites []uint16, version
 return nil
 }
 
+
+func isTLS12Cipher(id uint16) bool {
+ for _, cipher := range cipherSuites {
+ if cipher.id != id {
+ continue
+ }
+ return cipher.flags&suiteTLS12 != 0
+ }
+ // Unknown cipher.
+ return false
+}
|
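Review bot: The error returned by the new cipher-list check in readClientHello does not name the offending suite, so a failing run only reports that some TLS 1.2 cipher was offered; `id` is in scope, so `return false, fmt.Errorf("tls: client offered TLS 1.2 cipher %04x before TLS 1.2", id)` would make the failure actionable (as written, fmt.Errorf is called with a constant string and no verbs). Unlike the version-mismatch path just below it, this return sends no alert; that is probably intentional for a test runner, but a short comment saying so would save the next reader the question. readClientHello's body starts and ends outside the hunk.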
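Review bot: isTLS12Cipher has no doc comment, and its fallback decides what the new test can actually catch: any id that is not in the runner's cipherSuites table returns false, so a TLS 1.2-only suite the runner does not know about would pass the readClientHello check unnoticed. I would state that on the function, e.g. `// isTLS12Cipher reports whether id is a suite in cipherSuites flagged suiteTLS12; ids not in the table are treated as not TLS 1.2-only.`, and expand `// Unknown cipher.` to say that unknown ids are deliberately not flagged. The tryCipherSuite context above the addition begins outside the hunk.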