diff options
Diffstat (limited to 'gtests/nss_bogo_shim')
-rw-r--r-- | gtests/nss_bogo_shim/config.json | 2 | ||||
-rw-r--r-- | gtests/nss_bogo_shim/nss_bogo_shim.cc | 12 |
2 files changed, 13 insertions, 1 deletions
diff --git a/gtests/nss_bogo_shim/config.json b/gtests/nss_bogo_shim/config.json index 220d3394a..4223cff42 100644 --- a/gtests/nss_bogo_shim/config.json +++ b/gtests/nss_bogo_shim/config.json @@ -43,8 +43,8 @@ "*ECH*SkipInvalidPublicName*":"NSS allows hostnames to include underscores in contrary to the spec. Bug 1136616", "*ECH*CompressSupportedVersions":"NSS never compresses supported versions, Bogo does if CHOuter is TLS 1.3 only (equal to CHInner).", "*ECH*NoSupportedConfigs*":"NSS throws error if unsupported but well formed retry configs could not be set on client, Bogo just does not offer ECH.", - "*ECH*ServerName*":"TODO", "*ECH*RandomHRRExtension*":"TODO", + "*ECH*ServerName*":"TODO", "####################":"####################", "### TLS1/11 failures due to unsupported signature algorithms":"", diff --git a/gtests/nss_bogo_shim/nss_bogo_shim.cc b/gtests/nss_bogo_shim/nss_bogo_shim.cc index 8871c2c8f..e23b3c4f1 100644 --- a/gtests/nss_bogo_shim/nss_bogo_shim.cc +++ b/gtests/nss_bogo_shim/nss_bogo_shim.cc @@ -590,6 +590,17 @@ class TestAgent { } } + if (cfg_.get<bool>("expect-hrr")) { + sslSocket* ss = ssl_FindSocket(ssl_fd_.get()); + if (!ss) { + return SECFailure; + } + if (!ss->ssl3.hs.helloRetry) { + std::cerr << "Expected HRR" << std::endl; + return SECFailure; + } + } + return SECSuccess; } @@ -631,6 +642,7 @@ std::unique_ptr<const Config> ReadConfig(int argc, char** argv) { cfg->AddEntry<std::string>("host-name", ""); cfg->AddEntry<std::string>("ech-config-list", ""); cfg->AddEntry<bool>("expect-ech-accept", false); + cfg->AddEntry<bool>("expect-hrr", false); cfg->AddEntry<bool>("enable-ech-grease", false); auto rv = cfg->ParseArgs(argc, argv); |