diff options
Diffstat (limited to 'src/ssl/test/runner/handshake_client.go')
| -rw-r--r-- | src/ssl/test/runner/handshake_client.go | 42 |
1 files changed, 1 insertions, 41 deletions
diff --git a/src/ssl/test/runner/handshake_client.go b/src/ssl/test/runner/handshake_client.go index a3ce686..a950313 100644 --- a/src/ssl/test/runner/handshake_client.go +++ b/src/ssl/test/runner/handshake_client.go @@ -45,7 +45,7 @@ func (c *Conn) clientHandshake() error { nextProtosLength := 0 for _, proto := range c.config.NextProtos { - if l := len(proto); l > 255 { + if l := len(proto); l == 0 || l > 255 { return errors.New("tls: invalid NextProtos value") } else { nextProtosLength += 1 + l @@ -61,7 +61,6 @@ func (c *Conn) clientHandshake() error { compressionMethods: []uint8{compressionNone}, random: make([]byte, 32), ocspStapling: true, - sctListSupported: true, serverName: c.config.ServerName, supportedCurves: c.config.curvePreferences(), supportedPoints: []uint8{pointFormatUncompressed}, @@ -74,7 +73,6 @@ func (c *Conn) clientHandshake() error { extendedMasterSecret: c.config.maxVersion() >= VersionTLS10, srtpProtectionProfiles: c.config.SRTPProtectionProfiles, srtpMasterKeyIdentifier: c.config.Bugs.SRTPMasterKeyIdentifer, - customExtension: c.config.Bugs.CustomExtension, } if c.config.Bugs.SendClientVersion != 0 { @@ -125,10 +123,6 @@ NextCipherSuite: } } - if c.config.Bugs.SendRenegotiationSCSV { - hello.cipherSuites = append(hello.cipherSuites, renegotiationSCSV) - } - if c.config.Bugs.SendFallbackSCSV { hello.cipherSuites = append(hello.cipherSuites, fallbackSCSV) } @@ -278,10 +272,6 @@ NextCipherSuite: return fmt.Errorf("tls: server selected an unsupported cipher suite") } - if c.config.Bugs.RequireRenegotiationInfo && serverHello.secureRenegotiation == nil { - return errors.New("tls: renegotiation extension missing") - } - if len(c.clientVerify) > 0 && !c.config.Bugs.NoRenegotiationInfo { var expectedRenegInfo []byte expectedRenegInfo = append(expectedRenegInfo, c.clientVerify...) @@ -292,12 +282,6 @@ NextCipherSuite: } } - if expected := c.config.Bugs.ExpectedCustomExtension; expected != nil { - if serverHello.customExtension != *expected { - return fmt.Errorf("tls: bad custom extension contents %q", serverHello.customExtension) - } - } - hs := &clientHandshakeState{ c: c, serverHello: serverHello, @@ -372,7 +356,6 @@ NextCipherSuite: copy(c.clientRandom[:], hs.hello.random) copy(c.serverRandom[:], hs.serverHello.random) copy(c.masterSecret[:], hs.masterSecret) - return nil } @@ -624,9 +607,6 @@ func (hs *clientHandshakeState) doFullHandshake() error { c.sendAlert(alertInternalError) return err } - if c.config.Bugs.InvalidCertVerifySignature { - digest[0] ^= 0x80 - } switch key := c.config.Certificates[0].PrivateKey.(type) { case *ecdsa.PrivateKey: @@ -750,28 +730,13 @@ func (hs *clientHandshakeState) processServerHello() (bool, error) { return false, errors.New("tls: server resumed session on renegotiation") } - if hs.serverHello.sctList != nil { - return false, errors.New("tls: server sent SCT extension on session resumption") - } - - if hs.serverHello.ocspStapling { - return false, errors.New("tls: server sent OCSP extension on session resumption") - } - // Restore masterSecret and peerCerts from previous state hs.masterSecret = hs.session.masterSecret c.peerCertificates = hs.session.serverCertificates c.extendedMasterSecret = hs.session.extendedMasterSecret - c.sctList = hs.session.sctList - c.ocspResponse = hs.session.ocspResponse hs.finishedHash.discardHandshakeBuffer() return true, nil } - - if hs.serverHello.sctList != nil { - c.sctList = hs.serverHello.sctList - } - return false, nil } @@ -818,14 +783,9 @@ func (hs *clientHandshakeState) readSessionTicket() error { masterSecret: hs.masterSecret, handshakeHash: hs.finishedHash.server.Sum(nil), serverCertificates: c.peerCertificates, - sctList: c.sctList, - ocspResponse: c.ocspResponse, } if !hs.serverHello.ticketSupported { - if c.config.Bugs.ExpectNewTicket { - return errors.New("tls: expected new ticket") - } if hs.session == nil && len(hs.serverHello.sessionId) > 0 { session.sessionId = hs.serverHello.sessionId hs.session = session |