From d82cb03debff0180aa705129e8a00e89c3fe8251 Mon Sep 17 00:00:00 2001 From: Daniel McCarney Date: Fri, 16 May 2025 15:05:43 -0400 Subject: [PATCH] crypto/tls: update BoGo SessionID test skip reasons Updates the skip reason for the following BoGo tests: * TLS-ECH-Client-TLS12SessionID * SupportTicketsWithSessionID * ResumeTLS12SessionID-TLS13 The crypto/tls package does not support session ID based resumption at this time, and so any tests that rely on this support need to be skipped. Updates #72006 Updates #25228 Change-Id: I27a2cd231e4b8762b0d9e2dbd3d8ddd5b87fd5d0 Reviewed-on: https://go-review.googlesource.com/c/go/+/673737 TryBot-Bypass: Daniel McCarney Reviewed-by: David Chase Reviewed-by: Filippo Valsorda Reviewed-by: Roland Shoemaker --- src/crypto/tls/bogo_config.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/crypto/tls/bogo_config.json b/src/crypto/tls/bogo_config.json index d46b073029..6d764daa61 100644 --- a/src/crypto/tls/bogo_config.json +++ b/src/crypto/tls/bogo_config.json @@ -8,7 +8,7 @@ "TLS-ECH-Client-Rejected-OverrideName-TLS12": "We won't attempt to negotiate 1.2 if ECH is enabled", "TLS-ECH-Client-Reject-TLS12-NoFalseStart": "We won't attempt to negotiate 1.2 if ECH is enabled", "TLS-ECH-Client-TLS12SessionTicket": "We won't attempt to negotiate 1.2 if ECH is enabled", - "TLS-ECH-Client-TLS12SessionID": "We won't attempt to negotiate 1.2 if ECH is enabled", + "TLS-ECH-Client-TLS12SessionID": "We won't attempt to negotiate 1.2 if ECH is enabled, and we don't support session ID resumption", "TLS-ECH-Client-Reject-ResumeInnerSession-TLS12": "We won't attempt to negotiate 1.2 if ECH is enabled (we could possibly test this if we had the ability to indicate not to send ECH on resumption?)", @@ -61,7 +61,7 @@ "BadRSAClientKeyExchange-4": "crypto/tls doesn't check the version number in the premaster secret - see processClientKeyExchange comment", "BadRSAClientKeyExchange-5": "crypto/tls doesn't check the version number in the premaster secret - see processClientKeyExchange comment", "CheckLeafCurve": "TODO: first pass, this should be fixed", - "SupportTicketsWithSessionID": "TODO: first pass, this should be fixed", + "SupportTicketsWithSessionID": "We don't support session ID resumption", "KeyUpdate-RequestACK": "TODO: first pass, this should be fixed", "SupportedVersionSelection-TLS12": "TODO: first pass, this should be fixed", "DuplicateExtensionServer-TLS-TLS1": "TODO: first pass, this should be fixed", @@ -159,7 +159,7 @@ "TrailingMessageData-TLS13-ClientCertificate-TLS": "TODO: first pass, this should be fixed", "TrailingMessageData-TLS13-ClientCertificateVerify-TLS": "TODO: first pass, this should be fixed", "TrailingMessageData-TLS13-ServerCertificate-TLS": "TODO: first pass, this should be fixed", - "ResumeTLS12SessionID-TLS13": "TODO: first pass, this should be fixed", + "ResumeTLS12SessionID-TLS13": "We don't support session ID resumption", "SkipEarlyData-TLS13": "TODO: first pass, this should be fixed", "DuplicateKeyShares-TLS13": "TODO: first pass, this should be fixed", "Server-TooLongSessionID-TLS13": "TODO: first pass, this should be fixed", -- 2.50.0