Bug 1411475 - Set the record layer version, r=ekr
This refactors the code so that the cipher specs have a field that includes the
record layer version number.  This is used to cap the ClientHello record
version, as well as set the 1.0/1.2 version as necessary for the two TLS 1.3
versions.

--HG--
branch : NSS_TLS13_DRAFT19_BRANCH
extra : rebase_source : 3b33a6c25c037d23e14270a4e8bf7da2d7f7d0a6
extra : amend_source : 19d43f91a6cd33d4baa16ad04adff5bcb22d86a8
extra : source : f5b94d346fdbad4e611435e37a0ee8090fce439f
martinthomson committed Oct 27, 2017
1 parent d81088d commit 0f52cc4
Showing 8 changed files with 147 additions and 110 deletions.
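--- a/gtests/ssl_gtest/ssl_alths_unittest.cc
+++ b/gtests/ssl_gtest/ssl_alths_unittest.cc
@@ -18,7 +18,7 @@
 namespace nss_test {
 
 static const uint32_t kServerHelloVersionAlt = SSL_LIBRARY_VERSION_TLS_1_2;
-static const uint32_t kServerHelloVersionRegular =
+static const uint16_t kServerHelloVersionRegular =
 0x7f00 | TLS_1_3_DRAFT_VERSION;
 
 class AltHandshakeTest : public TlsConnectStreamTls13 {
@@ -27,6 +27,8 @@ class AltHandshakeTest : public TlsConnectStreamTls13 {
 TlsConnectStreamTls13::SetUp();
 client_ccs_recorder_ =
 std::make_shared<TlsRecordRecorder>(kTlsChangeCipherSpecType);
+server_handshake_recorder_ =
+std::make_shared<TlsRecordRecorder>(kTlsHandshakeType);
 server_ccs_recorder_ =
 std::make_shared<TlsRecordRecorder>(kTlsChangeCipherSpecType);
 server_hello_recorder_ =
@@ -42,11 +44,17 @@ class AltHandshakeTest : public TlsConnectStreamTls13 {
 void InstallFilters() {
 client_->SetPacketFilter(client_ccs_recorder_);
 auto chain = std::make_shared<ChainedPacketFilter>(ChainedPacketFilterInit(
-{server_ccs_recorder_, server_hello_recorder_}));
+{server_handshake_recorder_, server_ccs_recorder_,
+server_hello_recorder_}));
 server_->SetPacketFilter(chain);
 }
 
-void CheckServerHelloVersion(uint32_t server_hello_version) {
+void CheckServerHelloRecordVersion(uint16_t record_version) {
+ASSERT_EQ(record_version,
+server_handshake_recorder_->record(0).header.version());
+}
+
+void CheckServerHelloVersion(uint16_t server_hello_version) {
 uint32_t ver;
 ASSERT_TRUE(server_hello_recorder_->buffer().Read(0, 2, &ver));
 ASSERT_EQ(server_hello_version, ver);
@@ -56,15 +64,18 @@ class AltHandshakeTest : public TlsConnectStreamTls13 {
 EXPECT_EQ(0U, client_ccs_recorder_->count());
 EXPECT_EQ(0U, server_ccs_recorder_->count());
 CheckServerHelloVersion(kServerHelloVersionRegular);
+CheckServerHelloRecordVersion(SSL_LIBRARY_VERSION_TLS_1_0);
 }
 
 void CheckForAltHandshake() {
 EXPECT_EQ(1U, client_ccs_recorder_->count());
 EXPECT_EQ(1U, server_ccs_recorder_->count());
 CheckServerHelloVersion(kServerHelloVersionAlt);
+CheckServerHelloRecordVersion(SSL_LIBRARY_VERSION_TLS_1_2);
 }
 
 std::shared_ptr<TlsRecordRecorder> client_ccs_recorder_;
+std::shared_ptr<TlsRecordRecorder> server_handshake_recorder_;
 std::shared_ptr<TlsRecordRecorder> server_ccs_recorder_;
 std::shared_ptr<TlsInspectorRecordHandshakeMessage> server_hello_recorder_;
 };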
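Review bot: `CheckServerHelloRecordVersion` reads `server_handshake_recorder_->record(0)` without first confirming that the recorder captured anything, so a handshake that fails before the server sends a handshake record could turn this check into an out-of-range access instead of a clean test failure (assuming `record()` does not bounds-check; `TlsRecordRecorder` is not shown on this page). Adding `ASSERT_LT(0U, server_handshake_recorder_->count());` as the first line of the helper would keep the failure readable. The helper also relies on the first server handshake-type record being the one that carries the ServerHello, which deserves a one-line comment such as `// record(0): first server handshake record, expected to carry the ServerHello`. Separately, `kServerHelloVersionAlt` stays `uint32_t` while `kServerHelloVersionRegular` and the `CheckServerHelloVersion` parameter are now `uint16_t`, so the Alt constant is narrowed implicitly at the call in `CheckForAltHandshake`; declaring it `uint16_t` as well would keep the types consistent.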