From 511fbc60d4b6ab5b4ab3a7ad79be6abe898189da Mon Sep 17 00:00:00 2001 From: Benjamin Kaduk Date: Thu, 7 Sep 2017 13:21:56 -0500 Subject: [PATCH] Fix test_client_hello with no-tls1_2_method The extensions not sent when TLS 1.2 is not used caused the message length to be 109, which is less than the 127 threshold needed to activate the F5 workaround. Add another 20 bytes of dummy ALPN data do push it over the threshold. Also, fix the definition of the (unused) local macro indicating the threshold. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/4346) --- test/clienthellotest.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/test/clienthellotest.c b/test/clienthellotest.c index ee2d0ba274..acd27d4a2b 100644 --- a/test/clienthellotest.c +++ b/test/clienthellotest.c @@ -40,14 +40,15 @@ */ #define TEST_ADD_PADDING_AND_PSK 3 -#define F5_WORKAROUND_MIN_MSG_LEN 0xff +#define F5_WORKAROUND_MIN_MSG_LEN 0x7f #define F5_WORKAROUND_MAX_MSG_LEN 0x200 static const char *sessionfile = NULL; /* Dummy ALPN protocols used to pad out the size of the ClientHello */ static const char alpn_prots[] = "0123456789012345678901234567890123456789012345678901234567890123456789" - "0123456789012345678901234567890123456789012345678901234567890123456789"; + "0123456789012345678901234567890123456789012345678901234567890123456789" + "01234567890123456789"; static int test_client_hello(int currtest) { -- 2.25.1