Fix test_client_hello with no-tls1_2_method

The extensions not sent when TLS 1.2 is not used caused the message length to be 109, which is less than the 127 threshold needed to activate the F5 workaround. Add another 20 bytes of dummy ALPN data do push it over the threshold. Also, fix the definition of the (unused) local macro indicating the threshold. Reviewed-by: N Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4346)

Fix test_client_hello with no-tls1_2_method
The extensions not sent when TLS 1.2 is not used caused the message length to be 109, which is less than the 127 threshold needed to activate the F5 workaround. Add another 20 bytes of dummy ALPN data do push it over the threshold. Also, fix the definition of the (unused) local macro indicating the threshold. Reviewed-by: N Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4346)
511fbc60 · Benjamin Kaduk · 1c259bb5 · 511fbc60
隐藏空白更改
内联并排

Showing with 3 addition and 2 deletion

test/clienthellotest.c test/clienthellotest.c +3 -2

未找到文件。
--- a/test/clienthellotest.c
+++ b/test/clienthellotest.c
@@ -40,14 +40,15 @@
 */
 #define TEST_ADD_PADDING_AND_PSK                3

-#define F5_WORKAROUND_MIN_MSG_LEN   0xff
+#define F5_WORKAROUND_MIN_MSG_LEN   0x7f
 #define F5_WORKAROUND_MAX_MSG_LEN   0x200

 static const char *sessionfile = NULL;
 /* Dummy ALPN protocols used to pad out the size of the ClientHello */
 static const char alpn_prots[] =
    "0123456789012345678901234567890123456789012345678901234567890123456789"
-    "0123456789012345678901234567890123456789012345678901234567890123456789";
+    "0123456789012345678901234567890123456789012345678901234567890123456789"
+    "01234567890123456789";

 static int test_client_hello(int currtest)
 {