diff --git a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/config/delegate/ProtocolVersionDelegate.java b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/config/delegate/ProtocolVersionDelegate.java index 569b6c864..0cf45b974 100644 --- a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/config/delegate/ProtocolVersionDelegate.java +++ b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/config/delegate/ProtocolVersionDelegate.java @@ -49,7 +49,8 @@ public void applyDelegate(Config config) { th = TransportHandlerType.UDP; config.setDefaultLayerConfiguration(StackConfiguration.DTLS); config.setWorkflowExecutorType(WorkflowExecutorType.DTLS); - config.setFinishWithCloseNotify(true); + // Do not override finishWithCloseNotify - respect the configuration value + // whether it comes from XML or defaults config.setIgnoreRetransmittedCssInDtls(true); } diff --git a/TLS-Core/src/test/java/de/rub/nds/tlsattacker/core/config/delegate/ProtocolVersionDelegateTest.java b/TLS-Core/src/test/java/de/rub/nds/tlsattacker/core/config/delegate/ProtocolVersionDelegateTest.java index 50d5603ef..1ed398305 100644 --- a/TLS-Core/src/test/java/de/rub/nds/tlsattacker/core/config/delegate/ProtocolVersionDelegateTest.java +++ b/TLS-Core/src/test/java/de/rub/nds/tlsattacker/core/config/delegate/ProtocolVersionDelegateTest.java @@ -91,4 +91,69 @@ public void testNothingSetNothingChanges() { delegate.applyDelegate(config); assertTrue(EqualsBuilder.reflectionEquals(config, config2, "certificateChainConfig")); } + + @Test + public void testDTLSVersionDoesNotOverrideFinishWithCloseNotify() { + // Test that setting DTLS version does not override finishWithCloseNotify setting + Config config = new Config(); + + // Test with default false value + assertFalse(config.isFinishWithCloseNotify()); + + String[] args = new String[2]; + args[0] = "-version"; + args[1] = "DTLS12"; + jcommander.parse(args); + delegate.applyDelegate(config); + + // Should remain false after applying DTLS version + assertFalse(config.isFinishWithCloseNotify()); + assertSame(ProtocolVersion.DTLS12, config.getHighestProtocolVersion()); + assertSame( + TransportHandlerType.UDP, + config.getDefaultClientConnection().getTransportHandlerType()); + assertSame( + TransportHandlerType.UDP, + config.getDefaultServerConnection().getTransportHandlerType()); + } + + @Test + public void testDTLSVersionPreservesExplicitFinishWithCloseNotify() { + // Test that explicitly set finishWithCloseNotify is preserved + Config config = new Config(); + + // Explicitly set to true + config.setFinishWithCloseNotify(true); + assertTrue(config.isFinishWithCloseNotify()); + + String[] args = new String[2]; + args[0] = "-version"; + args[1] = "DTLS12"; + jcommander.parse(args); + delegate.applyDelegate(config); + + // Should remain true + assertTrue(config.isFinishWithCloseNotify()); + assertSame(ProtocolVersion.DTLS12, config.getHighestProtocolVersion()); + } + + @Test + public void testDTLS10VersionBehavior() { + // Test DTLS 1.0 as well + Config config = new Config(); + config.setFinishWithCloseNotify(false); + + String[] args = new String[2]; + args[0] = "-version"; + args[1] = "DTLS10"; + jcommander.parse(args); + delegate.applyDelegate(config); + + // Should remain false + assertFalse(config.isFinishWithCloseNotify()); + assertSame(ProtocolVersion.DTLS10, config.getHighestProtocolVersion()); + assertSame( + TransportHandlerType.UDP, + config.getDefaultClientConnection().getTransportHandlerType()); + } }