diff options
author | Steven Valdez <svaldez@chromium.org> | 2017-11-11 21:38:15 -0500 |
---|---|---|
committer | CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> | 2017-11-12 03:26:05 +0000 |
commit | ba8f1864c15ec938ce0851f416663511c89f454a (patch) | |
tree | a82c295875e9a9eda6b6aad9c81360674cc9c676 | |
parent | 4ddbc7bd0d540672a57d5c9d4eb7d2d977553571 (diff) | |
download | boringssl-ba8f1864c15ec938ce0851f416663511c89f454a.zip boringssl-ba8f1864c15ec938ce0851f416663511c89f454a.tar.gz boringssl-ba8f1864c15ec938ce0851f416663511c89f454a.tar.bz2 |
Disable 'draft 22' by default.
Change-Id: I1a0f264cbfa0eb5d4adac96d0fc24fa342f2b6a3
Reviewed-on: https://boringssl-review.googlesource.com/22946
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
-rw-r--r-- | ssl/ssl_versions.cc | 12 | ||||
-rw-r--r-- | ssl/test/runner/runner.go | 2 |
2 files changed, 8 insertions, 6 deletions
diff --git a/ssl/ssl_versions.cc b/ssl/ssl_versions.cc index a356ed1..15b0294 100644 --- a/ssl/ssl_versions.cc +++ b/ssl/ssl_versions.cc @@ -338,13 +338,15 @@ bool ssl_supports_version(SSL_HANDSHAKE *hs, uint16_t version) { // The server, when not configured at |tls13_default|, should additionally // enable all variants, except draft-21 which is implemented solely for QUIC - // interop testing and will not be deployed. Currently, this is to implement - // the draft-18 vs. experiments field trials. In the future, this will be to - // transition cleanly to a future draft-22 which hopefully includes the - // deployability fixes. + // interop testing and will not be deployed, and draft-22 which will be + // enabled once the draft is finalized and ready to be deployed in Chrome. + // Currently, this is to implement the draft-18 vs. experiments field trials. + // In the future, this will be to transition cleanly to a final draft-22 + // which hopefully includes the deployability fixes. if (ssl->server && ssl->tls13_variant != tls13_default && - version != TLS1_3_DRAFT21_VERSION) { + version != TLS1_3_DRAFT21_VERSION && + version != TLS1_3_DRAFT22_VERSION) { return true; } diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go index b6aa4a1..57bc20c 100644 --- a/ssl/test/runner/runner.go +++ b/ssl/test/runner/runner.go @@ -5215,7 +5215,7 @@ func addVersionNegotiationTests() { if expectedVersion == VersionTLS13 && runnerVers.tls13Variant != shimVers.tls13Variant { expectedClientVersion = VersionTLS12 expectedServerVersion = VersionTLS12 - if shimVers.tls13Variant != TLS13Default && runnerVers.tls13Variant != TLS13Draft21 { + if shimVers.tls13Variant != TLS13Default && runnerVers.tls13Variant != TLS13Draft21 && runnerVers.tls13Variant != TLS13Draft22 { expectedServerVersion = VersionTLS13 } } |