Fix the tests following the state machine changes for TLSv1.3

Reviewed-by: Rich Salz <rsalz@openssl.org>
author: Matt Caswell <matt@openssl.org> 2016-11-11 16:22:19 +0000
committer: Matt Caswell <matt@openssl.org> 2016-11-23 15:31:21 +0000
commit: 9970290e1d984bf8cc1dce7093bca915062cfdd7 (patch)
tree: a904625ae6a0fa9fdbfc87aa3d02bc1fde32f203 /test/asynciotest.c
parent: 6484776f177b38dd668618a75bee58674ca42578 (diff)
1 files changed, 20 insertions, 4 deletions
diff --git a/test/asynciotest.c b/test/asynciotest.c
index a4f43f8127..d7b1dd3860 100644
--- a/test/asynciotest.c
+++ b/test/asynciotest.c
@@ -142,8 +142,9 @@ static int async_write(BIO *bio, const char *in, int inl)
                 abort();
 
             while (PACKET_remaining(&pkt) > 0) {
-                PACKET payload;
+                PACKET payload, wholebody;
                 unsigned int contenttype, versionhi, versionlo, data;
+                unsigned int msgtype = 0, negversion;
 
                 if (   !PACKET_get_1(&pkt, &contenttype)
                     || !PACKET_get_1(&pkt, &versionhi)
@@ -154,6 +155,17 @@ static int async_write(BIO *bio, const char *in, int inl)
                 /* Pretend we wrote out the record header */
                 written += SSL3_RT_HEADER_LENGTH;
 
+                wholebody = payload;
+                if (contenttype == SSL3_RT_HANDSHAKE
+                        && !PACKET_get_1(&wholebody, &msgtype))
+                    abort();
+
+                if (msgtype == SSL3_MT_SERVER_HELLO
+                        && (!PACKET_forward(&wholebody,
+                                            SSL3_HM_HEADER_LENGTH - 1)
+                            || !PACKET_get_net_2(&wholebody, &negversion)))
+                    abort();
+
                 while (PACKET_get_1(&payload, &data)) {
                     /* Create a new one byte long record for each byte in the
                      * record in the input buffer
@@ -177,10 +189,14 @@ static int async_write(BIO *bio, const char *in, int inl)
                     written++;
                 }
                 /*
-                 * We can't fragment anything after the CCS, otherwise we
-                 * get a bad record MAC
+                 * We can't fragment anything after the ServerHello (or CCS <=
+                 * TLS1.2), otherwise we get a bad record MAC
+                 * TODO(TLS1.3): Change TLS1_3_VERSION_DRAFT to TLS1_3_VERSION
+                 * before release
                  */
-                if (contenttype == SSL3_RT_CHANGE_CIPHER_SPEC) {
+                if (contenttype == SSL3_RT_CHANGE_CIPHER_SPEC
+                        || (negversion == TLS1_3_VERSION_DRAFT
+                            && msgtype == SSL3_MT_SERVER_HELLO)) {
                     fragment = 0;
                     break;
                 }
author	Matt Caswell <matt@openssl.org>	2016-11-11 16:22:19 +0000
committer	Matt Caswell <matt@openssl.org>	2016-11-23 15:31:21 +0000
commit	9970290e1d984bf8cc1dce7093bca915062cfdd7 (patch)
tree	a904625ae6a0fa9fdbfc87aa3d02bc1fde32f203 /test/asynciotest.c
parent	6484776f177b38dd668618a75bee58674ca42578 (diff)