commit 4c22c5fad19b2a554bcb056ca25ca4cc2ef6a45c
author Robert Sloan <varomodt@google.com> Fri Mar 01 15:53:37 2019 -0800
committer Robert Sloan <varomodt@google.com> Fri Mar 01 16:02:19 2019 -0800
tree fb0dc666dadcc955218e7a701ea482a9270d1a53
parent b6b07c32187eec60f4c9f27e0959c58d145f87ef

external/boringssl: Sync to c3889634a1aa52575c5d26497696238208fbd0f5.

This includes the following changes:

https://boringssl.googlesource.com/boringssl/+log/41c10e2b5f37edce8b9f292f7f3bacb7e30e25c4..c3889634a1aa52575c5d26497696238208fbd0f5

Test: atest CtsLibcoreTestCases
Change-Id: Ia1c2941ccf58a9e0d736b3409a2d13c21603a205

src/ssl/test/runner/handshake_server.go

diff --git a/src/ssl/test/runner/handshake_server.go b/src/ssl/test/runner/handshake_server.go
index 5486342..d2ef9b4 100644
--- a/src/ssl/test/runner/handshake_server.go
+++ b/src/ssl/test/runner/handshake_server.go
@@ -881,10 +881,10 @@
 					data: certData,
 				}
 				if i == 0 {
-					if hs.clientHello.ocspStapling {
+					if hs.clientHello.ocspStapling && !c.config.Bugs.NoOCSPStapling {
 						cert.ocspResponse = hs.cert.OCSPStaple
 					}
-					if hs.clientHello.sctListSupported {
+					if hs.clientHello.sctListSupported && !c.config.Bugs.NoSignedCertificateTimestamps {
 						cert.sctList = hs.cert.SignedCertificateTimestampList
 					}
 					cert.duplicateExtensions = config.Bugs.SendDuplicateCertExtensions
@@ -1577,11 +1577,11 @@
 	c := hs.c
 
 	isPSK := hs.suite.flags&suitePSK != 0
-	if !isPSK && hs.clientHello.ocspStapling && len(hs.cert.OCSPStaple) > 0 {
+	if !isPSK && hs.clientHello.ocspStapling && len(hs.cert.OCSPStaple) > 0 && !c.config.Bugs.NoOCSPStapling {
 		hs.hello.extensions.ocspStapling = true
 	}
 
-	if hs.clientHello.sctListSupported && len(hs.cert.SignedCertificateTimestampList) > 0 {
+	if hs.clientHello.sctListSupported && len(hs.cert.SignedCertificateTimestampList) > 0 && !c.config.Bugs.NoSignedCertificateTimestamps {
 		hs.hello.extensions.sctList = hs.cert.SignedCertificateTimestampList
 	}