summaryrefslogtreecommitdiffstats
path: root/src/ssl/test/runner/handshake_client.go
diff options
context:
space:
mode:
Diffstat (limited to 'src/ssl/test/runner/handshake_client.go')
-rw-r--r--src/ssl/test/runner/handshake_client.go42
1 files changed, 1 insertions, 41 deletions
diff --git a/src/ssl/test/runner/handshake_client.go b/src/ssl/test/runner/handshake_client.go
index a3ce686..a950313 100644
--- a/src/ssl/test/runner/handshake_client.go
+++ b/src/ssl/test/runner/handshake_client.go
@@ -45,7 +45,7 @@ func (c *Conn) clientHandshake() error {
nextProtosLength := 0
for _, proto := range c.config.NextProtos {
- if l := len(proto); l > 255 {
+ if l := len(proto); l == 0 || l > 255 {
return errors.New("tls: invalid NextProtos value")
} else {
nextProtosLength += 1 + l
@@ -61,7 +61,6 @@ func (c *Conn) clientHandshake() error {
compressionMethods: []uint8{compressionNone},
random: make([]byte, 32),
ocspStapling: true,
- sctListSupported: true,
serverName: c.config.ServerName,
supportedCurves: c.config.curvePreferences(),
supportedPoints: []uint8{pointFormatUncompressed},
@@ -74,7 +73,6 @@ func (c *Conn) clientHandshake() error {
extendedMasterSecret: c.config.maxVersion() >= VersionTLS10,
srtpProtectionProfiles: c.config.SRTPProtectionProfiles,
srtpMasterKeyIdentifier: c.config.Bugs.SRTPMasterKeyIdentifer,
- customExtension: c.config.Bugs.CustomExtension,
}
if c.config.Bugs.SendClientVersion != 0 {
@@ -125,10 +123,6 @@ NextCipherSuite:
}
}
- if c.config.Bugs.SendRenegotiationSCSV {
- hello.cipherSuites = append(hello.cipherSuites, renegotiationSCSV)
- }
-
if c.config.Bugs.SendFallbackSCSV {
hello.cipherSuites = append(hello.cipherSuites, fallbackSCSV)
}
@@ -278,10 +272,6 @@ NextCipherSuite:
return fmt.Errorf("tls: server selected an unsupported cipher suite")
}
- if c.config.Bugs.RequireRenegotiationInfo && serverHello.secureRenegotiation == nil {
- return errors.New("tls: renegotiation extension missing")
- }
-
if len(c.clientVerify) > 0 && !c.config.Bugs.NoRenegotiationInfo {
var expectedRenegInfo []byte
expectedRenegInfo = append(expectedRenegInfo, c.clientVerify...)
@@ -292,12 +282,6 @@ NextCipherSuite:
}
}
- if expected := c.config.Bugs.ExpectedCustomExtension; expected != nil {
- if serverHello.customExtension != *expected {
- return fmt.Errorf("tls: bad custom extension contents %q", serverHello.customExtension)
- }
- }
-
hs := &clientHandshakeState{
c: c,
serverHello: serverHello,
@@ -372,7 +356,6 @@ NextCipherSuite:
copy(c.clientRandom[:], hs.hello.random)
copy(c.serverRandom[:], hs.serverHello.random)
copy(c.masterSecret[:], hs.masterSecret)
-
return nil
}
@@ -624,9 +607,6 @@ func (hs *clientHandshakeState) doFullHandshake() error {
c.sendAlert(alertInternalError)
return err
}
- if c.config.Bugs.InvalidCertVerifySignature {
- digest[0] ^= 0x80
- }
switch key := c.config.Certificates[0].PrivateKey.(type) {
case *ecdsa.PrivateKey:
@@ -750,28 +730,13 @@ func (hs *clientHandshakeState) processServerHello() (bool, error) {
return false, errors.New("tls: server resumed session on renegotiation")
}
- if hs.serverHello.sctList != nil {
- return false, errors.New("tls: server sent SCT extension on session resumption")
- }
-
- if hs.serverHello.ocspStapling {
- return false, errors.New("tls: server sent OCSP extension on session resumption")
- }
-
// Restore masterSecret and peerCerts from previous state
hs.masterSecret = hs.session.masterSecret
c.peerCertificates = hs.session.serverCertificates
c.extendedMasterSecret = hs.session.extendedMasterSecret
- c.sctList = hs.session.sctList
- c.ocspResponse = hs.session.ocspResponse
hs.finishedHash.discardHandshakeBuffer()
return true, nil
}
-
- if hs.serverHello.sctList != nil {
- c.sctList = hs.serverHello.sctList
- }
-
return false, nil
}
@@ -818,14 +783,9 @@ func (hs *clientHandshakeState) readSessionTicket() error {
masterSecret: hs.masterSecret,
handshakeHash: hs.finishedHash.server.Sum(nil),
serverCertificates: c.peerCertificates,
- sctList: c.sctList,
- ocspResponse: c.ocspResponse,
}
if !hs.serverHello.ticketSupported {
- if c.config.Bugs.ExpectNewTicket {
- return errors.New("tls: expected new ticket")
- }
if hs.session == nil && len(hs.serverHello.sessionId) > 0 {
session.sessionId = hs.serverHello.sessionId
hs.session = session