Rhys Hiltner (Gerrit)

unread,

1:09 PM (11 hours ago) 1:09 PM

to goph...@pubsubhelper.golang.org, Rhys Hiltner, golang-co...@googlegroups.com

Rhys Hiltner has uploaded the change for review

Commit message

internal/quic/cmd/interop: test ChaCha20 on server

The QUIC interop test suite confirms support for ChaCha20. Go's TLS
implementation doesn't allow configuring ciphersuites for TLS 1.3, so we
cannot force the client hello to offer only ChaCha20 as the test
requires.

When acting as a server, we still cannot control which ciphersuites we
offer, but we can make the binary choice of whether we respond to the
client hello (which includes its offer of ciphersuites).

Use that to implement the server side of the ChaCha20 interop test. This
tells a more complete story of our level of ChaCha20 support: it works
when negotiated.

Fixes golang/go#TBD

Change-Id: I1d8d08e4f4b8eb89bf11e9e4ae1aaa5c0709a530

Change diff

diff --git a/internal/quic/cmd/interop/main.go b/internal/quic/cmd/interop/main.go
index 5b652a2..65142ad 100644
--- a/internal/quic/cmd/interop/main.go
+++ b/internal/quic/cmd/interop/main.go
@@ -84,7 +84,17 @@
 		// "[...] offer only ChaCha20 as a ciphersuite."
 		//
 		// crypto/tls does not support configuring TLS 1.3 ciphersuites,
-		// so we can't support this test.
+		// so we can't support this test on the client.
+		if *listen != "" && len(urls) == 0 {
+			config.TLSConfig.GetConfigForClient = func(hello *tls.ClientHelloInfo) (*tls.Config, error) {
+				if len(hello.CipherSuites) == 1 && hello.CipherSuites[0] == tls.TLS_CHACHA20_POLY1305_SHA256 {
+					return nil, nil
+				}
+				return nil, fmt.Errorf("this test requires the client to offer only ChaCha20")
+			}
+			basicTest(ctx, config, urls)
+			return
+		}
 	case "transfer":
 		// "The client should use small initial flow control windows
 		// for both stream- and connection-level flow control

Change information

Files:

M internal/quic/cmd/interop/main.go

Change size: S

Delta: 1 file changed, 11 insertions(+), 1 deletion(-)

Open in Gerrit

Related details

Attention set is empty

Submit Requirements:

Code-Review
No-Unresolved-Comments
Review-Enforcement
TryBots-Pass

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

unsatisfied_requirement

satisfied_requirement

open

diffy

Rhys Hiltner (Gerrit)

unread,

1:09 PM (11 hours ago) 1:09 PM

to Rhys Hiltner, goph...@pubsubhelper.golang.org, golang-co...@googlegroups.com

Rhys Hiltner voted Commit-Queue+1

Commit-Queue

+1

Open in Gerrit

Related details

Attention set is empty

Submit Requirements:

Code-Review
No-Unresolved-Comments
Review-Enforcement
TryBots-Pass

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

unsatisfied_requirement

satisfied_requirement

open

diffy

Rhys Hiltner (Gerrit)

unread,

1:47 PM (10 hours ago) 1:47 PM

to Rhys Hiltner, goph...@pubsubhelper.golang.org, golang-co...@googlegroups.com

Attention needed from Damien Neil and Ian Lance Taylor

Rhys Hiltner uploaded new patchset

Rhys Hiltner uploaded patch set #2 to this change.

Open in Gerrit

Related details

Attention is currently required from:

Damien Neil
Ian Lance Taylor

Submit Requirements:

Code-Review
No-Unresolved-Comments
Review-Enforcement

TryBots-Pass

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

unsatisfied_requirement

satisfied_requirement

open

diffy

Damien Neil (Gerrit)

unread,

3:04 PM (9 hours ago) 3:04 PM

to Rhys Hiltner, goph...@pubsubhelper.golang.org, Ian Lance Taylor, Gopher Robot, Go LUCI, golang-co...@googlegroups.com

Attention needed from Ian Lance Taylor and Rhys Hiltner

Damien Neil voted and added 1 comment

Votes added by Damien Neil

Code-Review

+2

1 comment

Patchset-level comments

File-level comment, Patchset 2 (Latest):

Damien Neil . resolved

Thanks. A bit weird to only support this test with clients other than ourselves, but works.

Open in Gerrit

Related details

Attention is currently required from:

Ian Lance Taylor
Rhys Hiltner

Submit Requirements:

Code-Review

No-Unresolved-Comments
Review-Enforcement
TryBots-Pass

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

satisfied_requirement

unsatisfied_requirement

open

diffy

Dmitri Shuralyov (Gerrit)

unread,

3:52 PM (8 hours ago) 3:52 PM

to Rhys Hiltner, goph...@pubsubhelper.golang.org, Dmitri Shuralyov, Damien Neil, Ian Lance Taylor, Gopher Robot, Go LUCI, golang-co...@googlegroups.com

Attention needed from Ian Lance Taylor and Rhys Hiltner

Dmitri Shuralyov voted Code-Review+1

Code-Review

+1

Open in Gerrit

Related details

Attention is currently required from:

Ian Lance Taylor
Rhys Hiltner

Submit Requirements:

Code-Review
No-Unresolved-Comments

Review-Enforcement
TryBots-Pass

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

satisfied_requirement

open

diffy

Damien Neil (Gerrit)

unread,

4:26 PM (7 hours ago) 4:26 PM

to Rhys Hiltner, goph...@pubsubhelper.golang.org, Dmitri Shuralyov, Dmitri Shuralyov, Ian Lance Taylor, Gopher Robot, Go LUCI, golang-co...@googlegroups.com

Attention needed from Ian Lance Taylor and Rhys Hiltner

Damien Neil voted Auto-Submit+1

Auto-Submit

+1

satisfied_requirement

open

diffy

Gopher Robot (Gerrit)

unread,

4:27 PM (7 hours ago) 4:27 PM

to Rhys Hiltner, goph...@pubsubhelper.golang.org, golang-...@googlegroups.com, Damien Neil, Dmitri Shuralyov, Dmitri Shuralyov, Ian Lance Taylor, Go LUCI, golang-co...@googlegroups.com

Gopher Robot submitted the change

Change information

Commit message:

internal/quic/cmd/interop: test ChaCha20 on server

The QUIC interop test suite confirms support for ChaCha20. Go's TLS
implementation doesn't allow configuring ciphersuites for TLS 1.3, so we
cannot force the client hello to offer only ChaCha20 as the test
requires.

When acting as a server, we still cannot control which ciphersuites we
offer, but we can make the binary choice of whether we respond to the
client hello (which includes its offer of ciphersuites).

Use that to implement the server side of the ChaCha20 interop test. This
tells a more complete story of our level of ChaCha20 support: it works
when negotiated.

Fixes golang/go#75912

Change-Id: I1d8d08e4f4b8eb89bf11e9e4ae1aaa5c0709a530

Reviewed-on: https://go-review.googlesource.com/c/net/+/712120

LUCI-TryBot-Result: Go LUCI <golang...@luci-project-accounts.iam.gserviceaccount.com>

Auto-Submit: Damien Neil <dn...@google.com>

Reviewed-by: Dmitri Shuralyov <dmit...@google.com>

Reviewed-by: Damien Neil <dn...@google.com>

Files:

M internal/quic/cmd/interop/main.go

Change size: S

Delta: 1 file changed, 11 insertions(+), 1 deletion(-)

Branch: refs/heads/master

Submit Requirements:

Code-Review: +2 by Damien Neil, +1 by Dmitri Shuralyov
TryBots-Pass: LUCI-TryBot-Result+1 by Go LUCI

Open in Gerrit

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

open

diffy

satisfied_requirement

Reply all

Reply to author

Forward

[net] internal/quic/cmd/interop: test ChaCha20 on server

Rhys Hiltner (Gerrit)

Rhys Hiltner has uploaded the change for review

Commit message

Change diff

Change information

Related details

Rhys Hiltner (Gerrit)

Rhys Hiltner voted Commit-Queue+1

Related details

Rhys Hiltner (Gerrit)

Rhys Hiltner uploaded new patchset

Related details

Damien Neil (Gerrit)

Damien Neil voted and added 1 comment

Votes added by Damien Neil

1 comment

Related details

Dmitri Shuralyov (Gerrit)

Dmitri Shuralyov voted Code-Review+1

Related details

Damien Neil (Gerrit)

Damien Neil voted Auto-Submit+1

Gopher Robot (Gerrit)

Gopher Robot submitted the change

Change information