mbed TLS Build
Dependents: Encypting_Funcional
Diff: tests/ssl-opt.sh
- Revision:
- 0:cdf462088d13
diff -r 000000000000 -r cdf462088d13 tests/ssl-opt.sh --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/ssl-opt.sh Thu Jan 05 00:18:44 2017 +0000 @@ -0,0 +1,3661 @@ +#!/bin/sh + +# ssl-opt.sh +# +# This file is part of mbed TLS (https://tls.mbed.org) +# +# Copyright (c) 2016, ARM Limited, All Rights Reserved +# +# Purpose +# +# Executes tests to prove various TLS/SSL options and extensions. +# +# The goal is not to cover every ciphersuite/version, but instead to cover +# specific options (max fragment length, truncated hmac, etc) or procedures +# (session resumption from cache or ticket, renego, etc). +# +# The tests assume a build with default options, with exceptions expressed +# with a dependency. The tests focus on functionality and do not consider +# performance. +# + +set -u + +# default values, can be overriden by the environment +: ${P_SRV:=../programs/ssl/ssl_server2} +: ${P_CLI:=../programs/ssl/ssl_client2} +: ${P_PXY:=../programs/test/udp_proxy} +: ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system +: ${GNUTLS_CLI:=gnutls-cli} +: ${GNUTLS_SERV:=gnutls-serv} + +O_SRV="$OPENSSL_CMD s_server -www -cert data_files/server5.crt -key data_files/server5.key" +O_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_CMD s_client" +G_SRV="$GNUTLS_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key" +G_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_CLI --x509cafile data_files/test-ca_cat12.crt" + +TESTS=0 +FAILS=0 +SKIPS=0 + +CONFIG_H='../include/mbedtls/config.h' + +MEMCHECK=0 +FILTER='.*' +EXCLUDE='^$' + +SHOW_TEST_NUMBER=0 +RUN_TEST_NUMBER='' + +PRESERVE_LOGS=0 + +print_usage() { + echo "Usage: $0 [options]" + printf " -h|--help\tPrint this help.\n" + printf " -m|--memcheck\tCheck memory leaks and errors.\n" + printf " -f|--filter\tOnly matching tests are executed (default: '$FILTER')\n" + printf " -e|--exclude\tMatching tests are excluded (default: '$EXCLUDE')\n" + printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n" + printf " -s|--show-numbers\tShow test numbers in front of test names\n" + printf " -p|--preserve-logs\tPreserve logs of successful tests as well\n" + printf " --seed\tInteger seed value to use for this test run\n" +} + +get_options() { + while [ $# -gt 0 ]; do + case "$1" in + -f|--filter) + shift; FILTER=$1 + ;; + -e|--exclude) + shift; EXCLUDE=$1 + ;; + -m|--memcheck) + MEMCHECK=1 + ;; + -n|--number) + shift; RUN_TEST_NUMBER=$1 + ;; + -s|--show-numbers) + SHOW_TEST_NUMBER=1 + ;; + -p|--preserve-logs) + PRESERVE_LOGS=1 + ;; + --seed) + shift; SEED="$1" + ;; + -h|--help) + print_usage + exit 0 + ;; + *) + echo "Unknown argument: '$1'" + print_usage + exit 1 + ;; + esac + shift + done +} + +# skip next test if the flag is not enabled in config.h +requires_config_enabled() { + if grep "^#define $1" $CONFIG_H > /dev/null; then :; else + SKIP_NEXT="YES" + fi +} + +# skip next test if OpenSSL doesn't support FALLBACK_SCSV +requires_openssl_with_fallback_scsv() { + if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then + if $OPENSSL_CMD s_client -help 2>&1 | grep fallback_scsv >/dev/null + then + OPENSSL_HAS_FBSCSV="YES" + else + OPENSSL_HAS_FBSCSV="NO" + fi + fi + if [ "$OPENSSL_HAS_FBSCSV" = "NO" ]; then + SKIP_NEXT="YES" + fi +} + +# skip next test if GnuTLS isn't available +requires_gnutls() { + if [ -z "${GNUTLS_AVAILABLE:-}" ]; then + if ( which "$GNUTLS_CLI" && which "$GNUTLS_SERV" ) >/dev/null 2>&1; then + GNUTLS_AVAILABLE="YES" + else + GNUTLS_AVAILABLE="NO" + fi + fi + if [ "$GNUTLS_AVAILABLE" = "NO" ]; then + SKIP_NEXT="YES" + fi +} + +# skip next test if IPv6 isn't available on this host +requires_ipv6() { + if [ -z "${HAS_IPV6:-}" ]; then + $P_SRV server_addr='::1' > $SRV_OUT 2>&1 & + SRV_PID=$! + sleep 1 + kill $SRV_PID >/dev/null 2>&1 + if grep "NET - Binding of the socket failed" $SRV_OUT >/dev/null; then + HAS_IPV6="NO" + else + HAS_IPV6="YES" + fi + rm -r $SRV_OUT + fi + + if [ "$HAS_IPV6" = "NO" ]; then + SKIP_NEXT="YES" + fi +} + +# skip the next test if valgrind is in use +not_with_valgrind() { + if [ "$MEMCHECK" -gt 0 ]; then + SKIP_NEXT="YES" + fi +} + +# skip the next test if valgrind is NOT in use +only_with_valgrind() { + if [ "$MEMCHECK" -eq 0 ]; then + SKIP_NEXT="YES" + fi +} + +# multiply the client timeout delay by the given factor for the next test +client_needs_more_time() { + CLI_DELAY_FACTOR=$1 +} + +# wait for the given seconds after the client finished in the next test +server_needs_more_time() { + SRV_DELAY_SECONDS=$1 +} + +# print_name <name> +print_name() { + TESTS=$(( $TESTS + 1 )) + LINE="" + + if [ "$SHOW_TEST_NUMBER" -gt 0 ]; then + LINE="$TESTS " + fi + + LINE="$LINE$1" + printf "$LINE " + LEN=$(( 72 - `echo "$LINE" | wc -c` )) + for i in `seq 1 $LEN`; do printf '.'; done + printf ' ' + +} + +# fail <message> +fail() { + echo "FAIL" + echo " ! $1" + + mv $SRV_OUT o-srv-${TESTS}.log + mv $CLI_OUT o-cli-${TESTS}.log + if [ -n "$PXY_CMD" ]; then + mv $PXY_OUT o-pxy-${TESTS}.log + fi + echo " ! outputs saved to o-XXX-${TESTS}.log" + + if [ "X${USER:-}" = Xbuildbot -o "X${LOGNAME:-}" = Xbuildbot ]; then + echo " ! server output:" + cat o-srv-${TESTS}.log + echo " ! ========================================================" + echo " ! client output:" + cat o-cli-${TESTS}.log + if [ -n "$PXY_CMD" ]; then + echo " ! ========================================================" + echo " ! proxy output:" + cat o-pxy-${TESTS}.log + fi + echo "" + fi + + FAILS=$(( $FAILS + 1 )) +} + +# is_polar <cmd_line> +is_polar() { + echo "$1" | grep 'ssl_server2\|ssl_client2' > /dev/null +} + +# openssl s_server doesn't have -www with DTLS +check_osrv_dtls() { + if echo "$SRV_CMD" | grep 's_server.*-dtls' >/dev/null; then + NEEDS_INPUT=1 + SRV_CMD="$( echo $SRV_CMD | sed s/-www// )" + else + NEEDS_INPUT=0 + fi +} + +# provide input to commands that need it +provide_input() { + if [ $NEEDS_INPUT -eq 0 ]; then + return + fi + + while true; do + echo "HTTP/1.0 200 OK" + sleep 1 + done +} + +# has_mem_err <log_file_name> +has_mem_err() { + if ( grep -F 'All heap blocks were freed -- no leaks are possible' "$1" && + grep -F 'ERROR SUMMARY: 0 errors from 0 contexts' "$1" ) > /dev/null + then + return 1 # false: does not have errors + else + return 0 # true: has errors + fi +} + +# wait for server to start: two versions depending on lsof availability +wait_server_start() { + if which lsof >/dev/null 2>&1; then + START_TIME=$( date +%s ) + DONE=0 + + # make a tight loop, server usually takes less than 1 sec to start + if [ "$DTLS" -eq 1 ]; then + while [ $DONE -eq 0 ]; do + if lsof -nbi UDP:"$SRV_PORT" 2>/dev/null | grep UDP >/dev/null + then + DONE=1 + elif [ $(( $( date +%s ) - $START_TIME )) -gt $DOG_DELAY ]; then + echo "SERVERSTART TIMEOUT" + echo "SERVERSTART TIMEOUT" >> $SRV_OUT + DONE=1 + fi + done + else + while [ $DONE -eq 0 ]; do + if lsof -nbi TCP:"$SRV_PORT" 2>/dev/null | grep LISTEN >/dev/null + then + DONE=1 + elif [ $(( $( date +%s ) - $START_TIME )) -gt $DOG_DELAY ]; then + echo "SERVERSTART TIMEOUT" + echo "SERVERSTART TIMEOUT" >> $SRV_OUT + DONE=1 + fi + done + fi + else + sleep "$START_DELAY" + fi +} + +# wait for client to terminate and set CLI_EXIT +# must be called right after starting the client +wait_client_done() { + CLI_PID=$! + + CLI_DELAY=$(( $DOG_DELAY * $CLI_DELAY_FACTOR )) + CLI_DELAY_FACTOR=1 + + ( sleep $CLI_DELAY; echo "===CLIENT_TIMEOUT===" >> $CLI_OUT; kill $CLI_PID ) & + DOG_PID=$! + + wait $CLI_PID + CLI_EXIT=$? + + kill $DOG_PID >/dev/null 2>&1 + wait $DOG_PID + + echo "EXIT: $CLI_EXIT" >> $CLI_OUT + + sleep $SRV_DELAY_SECONDS + SRV_DELAY_SECONDS=0 +} + +# check if the given command uses dtls and sets global variable DTLS +detect_dtls() { + if echo "$1" | grep 'dtls=1\|-dtls1\|-u' >/dev/null; then + DTLS=1 + else + DTLS=0 + fi +} + +# Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]] +# Options: -s pattern pattern that must be present in server output +# -c pattern pattern that must be present in client output +# -u pattern lines after pattern must be unique in client output +# -S pattern pattern that must be absent in server output +# -C pattern pattern that must be absent in client output +# -U pattern lines after pattern must be unique in server output +run_test() { + NAME="$1" + shift 1 + + if echo "$NAME" | grep "$FILTER" | grep -v "$EXCLUDE" >/dev/null; then : + else + SKIP_NEXT="NO" + return + fi + + print_name "$NAME" + + # Do we only run numbered tests? + if [ "X$RUN_TEST_NUMBER" = "X" ]; then : + elif echo ",$RUN_TEST_NUMBER," | grep ",$TESTS," >/dev/null; then : + else + SKIP_NEXT="YES" + fi + + # should we skip? + if [ "X$SKIP_NEXT" = "XYES" ]; then + SKIP_NEXT="NO" + echo "SKIP" + SKIPS=$(( $SKIPS + 1 )) + return + fi + + # does this test use a proxy? + if [ "X$1" = "X-p" ]; then + PXY_CMD="$2" + shift 2 + else + PXY_CMD="" + fi + + # get commands and client output + SRV_CMD="$1" + CLI_CMD="$2" + CLI_EXPECT="$3" + shift 3 + + # fix client port + if [ -n "$PXY_CMD" ]; then + CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$PXY_PORT/g ) + else + CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$SRV_PORT/g ) + fi + + # update DTLS variable + detect_dtls "$SRV_CMD" + + # prepend valgrind to our commands if active + if [ "$MEMCHECK" -gt 0 ]; then + if is_polar "$SRV_CMD"; then + SRV_CMD="valgrind --leak-check=full $SRV_CMD" + fi + if is_polar "$CLI_CMD"; then + CLI_CMD="valgrind --leak-check=full $CLI_CMD" + fi + fi + + TIMES_LEFT=2 + while [ $TIMES_LEFT -gt 0 ]; do + TIMES_LEFT=$(( $TIMES_LEFT - 1 )) + + # run the commands + if [ -n "$PXY_CMD" ]; then + echo "$PXY_CMD" > $PXY_OUT + $PXY_CMD >> $PXY_OUT 2>&1 & + PXY_PID=$! + # assume proxy starts faster than server + fi + + check_osrv_dtls + echo "$SRV_CMD" > $SRV_OUT + provide_input | $SRV_CMD >> $SRV_OUT 2>&1 & + SRV_PID=$! + wait_server_start + + echo "$CLI_CMD" > $CLI_OUT + eval "$CLI_CMD" >> $CLI_OUT 2>&1 & + wait_client_done + + # terminate the server (and the proxy) + kill $SRV_PID + wait $SRV_PID + if [ -n "$PXY_CMD" ]; then + kill $PXY_PID >/dev/null 2>&1 + wait $PXY_PID + fi + + # retry only on timeouts + if grep '===CLIENT_TIMEOUT===' $CLI_OUT >/dev/null; then + printf "RETRY " + else + TIMES_LEFT=0 + fi + done + + # check if the client and server went at least to the handshake stage + # (useful to avoid tests with only negative assertions and non-zero + # expected client exit to incorrectly succeed in case of catastrophic + # failure) + if is_polar "$SRV_CMD"; then + if grep "Performing the SSL/TLS handshake" $SRV_OUT >/dev/null; then :; + else + fail "server or client failed to reach handshake stage" + return + fi + fi + if is_polar "$CLI_CMD"; then + if grep "Performing the SSL/TLS handshake" $CLI_OUT >/dev/null; then :; + else + fail "server or client failed to reach handshake stage" + return + fi + fi + + # check server exit code + if [ $? != 0 ]; then + fail "server fail" + return + fi + + # check client exit code + if [ \( "$CLI_EXPECT" = 0 -a "$CLI_EXIT" != 0 \) -o \ + \( "$CLI_EXPECT" != 0 -a "$CLI_EXIT" = 0 \) ] + then + fail "bad client exit code (expected $CLI_EXPECT, got $CLI_EXIT)" + return + fi + + # check other assertions + # lines beginning with == are added by valgrind, ignore them + # lines with 'Serious error when reading debug info', are valgrind issues as well + while [ $# -gt 0 ] + do + case $1 in + "-s") + if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then :; else + fail "pattern '$2' MUST be present in the Server output" + return + fi + ;; + + "-c") + if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then :; else + fail "pattern '$2' MUST be present in the Client output" + return + fi + ;; + + "-S") + if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then + fail "pattern '$2' MUST NOT be present in the Server output" + return + fi + ;; + + "-C") + if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then + fail "pattern '$2' MUST NOT be present in the Client output" + return + fi + ;; + + # The filtering in the following two options (-u and -U) do the following + # - ignore valgrind output + # - filter out everything but lines right after the pattern occurances + # - keep one of each non-unique line + # - count how many lines remain + # A line with '--' will remain in the result from previous outputs, so the number of lines in the result will be 1 + # if there were no duplicates. + "-U") + if [ $(grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | grep -v "$2" | sort | uniq -d | wc -l) -gt 1 ]; then + fail "lines following pattern '$2' must be unique in Server output" + return + fi + ;; + + "-u") + if [ $(grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | grep -v "$2" | sort | uniq -d | wc -l) -gt 1 ]; then + fail "lines following pattern '$2' must be unique in Client output" + return + fi + ;; + + *) + echo "Unknown test: $1" >&2 + exit 1 + esac + shift 2 + done + + # check valgrind's results + if [ "$MEMCHECK" -gt 0 ]; then + if is_polar "$SRV_CMD" && has_mem_err $SRV_OUT; then + fail "Server has memory errors" + return + fi + if is_polar "$CLI_CMD" && has_mem_err $CLI_OUT; then + fail "Client has memory errors" + return + fi + fi + + # if we're here, everything is ok + echo "PASS" + if [ "$PRESERVE_LOGS" -gt 0 ]; then + mv $SRV_OUT o-srv-${TESTS}.log + mv $CLI_OUT o-cli-${TESTS}.log + fi + + rm -f $SRV_OUT $CLI_OUT $PXY_OUT +} + +cleanup() { + rm -f $CLI_OUT $SRV_OUT $PXY_OUT $SESSION + test -n "${SRV_PID:-}" && kill $SRV_PID >/dev/null 2>&1 + test -n "${PXY_PID:-}" && kill $PXY_PID >/dev/null 2>&1 + test -n "${CLI_PID:-}" && kill $CLI_PID >/dev/null 2>&1 + test -n "${DOG_PID:-}" && kill $DOG_PID >/dev/null 2>&1 + exit 1 +} + +# +# MAIN +# + +if cd $( dirname $0 ); then :; else + echo "cd $( dirname $0 ) failed" >&2 + exit 1 +fi + +get_options "$@" + +# sanity checks, avoid an avalanche of errors +if [ ! -x "$P_SRV" ]; then + echo "Command '$P_SRV' is not an executable file" + exit 1 +fi +if [ ! -x "$P_CLI" ]; then + echo "Command '$P_CLI' is not an executable file" + exit 1 +fi +if [ ! -x "$P_PXY" ]; then + echo "Command '$P_PXY' is not an executable file" + exit 1 +fi +if [ "$MEMCHECK" -gt 0 ]; then + if which valgrind >/dev/null 2>&1; then :; else + echo "Memcheck not possible. Valgrind not found" + exit 1 + fi +fi +if which $OPENSSL_CMD >/dev/null 2>&1; then :; else + echo "Command '$OPENSSL_CMD' not found" + exit 1 +fi + +# used by watchdog +MAIN_PID="$$" + +# be more patient with valgrind +if [ "$MEMCHECK" -gt 0 ]; then + START_DELAY=3 + DOG_DELAY=30 +else + START_DELAY=1 + DOG_DELAY=10 +fi +CLI_DELAY_FACTOR=1 +SRV_DELAY_SECONDS=0 + +# Pick a "unique" server port in the range 10000-19999, and a proxy port +PORT_BASE="0000$$" +PORT_BASE="$( printf $PORT_BASE | tail -c 4 )" +SRV_PORT="1$PORT_BASE" +PXY_PORT="2$PORT_BASE" +unset PORT_BASE + +# fix commands to use this port, force IPv4 while at it +# +SRV_PORT will be replaced by either $SRV_PORT or $PXY_PORT later +P_SRV="$P_SRV server_addr=127.0.0.1 server_port=$SRV_PORT" +P_CLI="$P_CLI server_addr=127.0.0.1 server_port=+SRV_PORT" +P_PXY="$P_PXY server_addr=127.0.0.1 server_port=$SRV_PORT listen_addr=127.0.0.1 listen_port=$PXY_PORT ${SEED:+"seed=$SEED"}" +O_SRV="$O_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem" +O_CLI="$O_CLI -connect localhost:+SRV_PORT" +G_SRV="$G_SRV -p $SRV_PORT" +G_CLI="$G_CLI -p +SRV_PORT localhost" + +# Also pick a unique name for intermediate files +SRV_OUT="srv_out.$$" +CLI_OUT="cli_out.$$" +PXY_OUT="pxy_out.$$" +SESSION="session.$$" + +SKIP_NEXT="NO" + +trap cleanup INT TERM HUP + +# Basic test + +# Checks that: +# - things work with all ciphersuites active (used with config-full in all.sh) +# - the expected (highest security) parameters are selected +# ("signature_algorithm ext: 6" means SHA-512 (highest common hash)) +run_test "Default" \ + "$P_SRV debug_level=3" \ + "$P_CLI" \ + 0 \ + -s "Protocol is TLSv1.2" \ + -s "Ciphersuite is TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \ + -s "client hello v3, signature_algorithm ext: 6" \ + -s "ECDHE curve: secp521r1" \ + -S "error" \ + -C "error" + +run_test "Default, DTLS" \ + "$P_SRV dtls=1" \ + "$P_CLI dtls=1" \ + 0 \ + -s "Protocol is DTLSv1.2" \ + -s "Ciphersuite is TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" + +# Test for uniqueness of IVs in AEAD ciphersuites +run_test "Unique IV in GCM" \ + "$P_SRV exchanges=20 debug_level=4" \ + "$P_CLI exchanges=20 debug_level=4 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \ + 0 \ + -u "IV used" \ + -U "IV used" + +# Tests for rc4 option + +requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES +run_test "RC4: server disabled, client enabled" \ + "$P_SRV" \ + "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + 1 \ + -s "SSL - The server has no ciphersuites in common" + +requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES +run_test "RC4: server half, client enabled" \ + "$P_SRV arc4=1" \ + "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + 1 \ + -s "SSL - The server has no ciphersuites in common" + +run_test "RC4: server enabled, client disabled" \ + "$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI" \ + 1 \ + -s "SSL - The server has no ciphersuites in common" + +run_test "RC4: both enabled" \ + "$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + 0 \ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The server has no ciphersuites in common" + +# Tests for Truncated HMAC extension + +run_test "Truncated HMAC: client default, server default" \ + "$P_SRV debug_level=4" \ + "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + 0 \ + -s "dumping 'computed mac' (20 bytes)" \ + -S "dumping 'computed mac' (10 bytes)" + +run_test "Truncated HMAC: client disabled, server default" \ + "$P_SRV debug_level=4" \ + "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ + trunc_hmac=0" \ + 0 \ + -s "dumping 'computed mac' (20 bytes)" \ + -S "dumping 'computed mac' (10 bytes)" + +run_test "Truncated HMAC: client enabled, server default" \ + "$P_SRV debug_level=4" \ + "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ + trunc_hmac=1" \ + 0 \ + -s "dumping 'computed mac' (20 bytes)" \ + -S "dumping 'computed mac' (10 bytes)" + +run_test "Truncated HMAC: client enabled, server disabled" \ + "$P_SRV debug_level=4 trunc_hmac=0" \ + "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ + trunc_hmac=1" \ + 0 \ + -s "dumping 'computed mac' (20 bytes)" \ + -S "dumping 'computed mac' (10 bytes)" + +run_test "Truncated HMAC: client enabled, server enabled" \ + "$P_SRV debug_level=4 trunc_hmac=1" \ + "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ + trunc_hmac=1" \ + 0 \ + -S "dumping 'computed mac' (20 bytes)" \ + -s "dumping 'computed mac' (10 bytes)" + +# Tests for Encrypt-then-MAC extension + +run_test "Encrypt then MAC: default" \ + "$P_SRV debug_level=3 \ + force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + "$P_CLI debug_level=3" \ + 0 \ + -c "client hello, adding encrypt_then_mac extension" \ + -s "found encrypt then mac extension" \ + -s "server hello, adding encrypt then mac extension" \ + -c "found encrypt_then_mac extension" \ + -c "using encrypt then mac" \ + -s "using encrypt then mac" + +run_test "Encrypt then MAC: client enabled, server disabled" \ + "$P_SRV debug_level=3 etm=0 \ + force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + "$P_CLI debug_level=3 etm=1" \ + 0 \ + -c "client hello, adding encrypt_then_mac extension" \ + -s "found encrypt then mac extension" \ + -S "server hello, adding encrypt then mac extension" \ + -C "found encrypt_then_mac extension" \ + -C "using encrypt then mac" \ + -S "using encrypt then mac" + +run_test "Encrypt then MAC: client enabled, aead cipher" \ + "$P_SRV debug_level=3 etm=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-128-GCM-SHA256" \ + "$P_CLI debug_level=3 etm=1" \ + 0 \ + -c "client hello, adding encrypt_then_mac extension" \ + -s "found encrypt then mac extension" \ + -S "server hello, adding encrypt then mac extension" \ + -C "found encrypt_then_mac extension" \ + -C "using encrypt then mac" \ + -S "using encrypt then mac" + +run_test "Encrypt then MAC: client enabled, stream cipher" \ + "$P_SRV debug_level=3 etm=1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI debug_level=3 etm=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + 0 \ + -c "client hello, adding encrypt_then_mac extension" \ + -s "found encrypt then mac extension" \ + -S "server hello, adding encrypt then mac extension" \ + -C "found encrypt_then_mac extension" \ + -C "using encrypt then mac" \ + -S "using encrypt then mac" + +run_test "Encrypt then MAC: client disabled, server enabled" \ + "$P_SRV debug_level=3 etm=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + "$P_CLI debug_level=3 etm=0" \ + 0 \ + -C "client hello, adding encrypt_then_mac extension" \ + -S "found encrypt then mac extension" \ + -S "server hello, adding encrypt then mac extension" \ + -C "found encrypt_then_mac extension" \ + -C "using encrypt then mac" \ + -S "using encrypt then mac" + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +run_test "Encrypt then MAC: client SSLv3, server enabled" \ + "$P_SRV debug_level=3 min_version=ssl3 \ + force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + "$P_CLI debug_level=3 force_version=ssl3" \ + 0 \ + -C "client hello, adding encrypt_then_mac extension" \ + -S "found encrypt then mac extension" \ + -S "server hello, adding encrypt then mac extension" \ + -C "found encrypt_then_mac extension" \ + -C "using encrypt then mac" \ + -S "using encrypt then mac" + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +run_test "Encrypt then MAC: client enabled, server SSLv3" \ + "$P_SRV debug_level=3 force_version=ssl3 \ + force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + "$P_CLI debug_level=3 min_version=ssl3" \ + 0 \ + -c "client hello, adding encrypt_then_mac extension" \ + -S "found encrypt then mac extension" \ + -S "server hello, adding encrypt then mac extension" \ + -C "found encrypt_then_mac extension" \ + -C "using encrypt then mac" \ + -S "using encrypt then mac" + +# Tests for Extended Master Secret extension + +run_test "Extended Master Secret: default" \ + "$P_SRV debug_level=3" \ + "$P_CLI debug_level=3" \ + 0 \ + -c "client hello, adding extended_master_secret extension" \ + -s "found extended master secret extension" \ + -s "server hello, adding extended master secret extension" \ + -c "found extended_master_secret extension" \ + -c "using extended master secret" \ + -s "using extended master secret" + +run_test "Extended Master Secret: client enabled, server disabled" \ + "$P_SRV debug_level=3 extended_ms=0" \ + "$P_CLI debug_level=3 extended_ms=1" \ + 0 \ + -c "client hello, adding extended_master_secret extension" \ + -s "found extended master secret extension" \ + -S "server hello, adding extended master secret extension" \ + -C "found extended_master_secret extension" \ + -C "using extended master secret" \ + -S "using extended master secret" + +run_test "Extended Master Secret: client disabled, server enabled" \ + "$P_SRV debug_level=3 extended_ms=1" \ + "$P_CLI debug_level=3 extended_ms=0" \ + 0 \ + -C "client hello, adding extended_master_secret extension" \ + -S "found extended master secret extension" \ + -S "server hello, adding extended master secret extension" \ + -C "found extended_master_secret extension" \ + -C "using extended master secret" \ + -S "using extended master secret" + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +run_test "Extended Master Secret: client SSLv3, server enabled" \ + "$P_SRV debug_level=3 min_version=ssl3" \ + "$P_CLI debug_level=3 force_version=ssl3" \ + 0 \ + -C "client hello, adding extended_master_secret extension" \ + -S "found extended master secret extension" \ + -S "server hello, adding extended master secret extension" \ + -C "found extended_master_secret extension" \ + -C "using extended master secret" \ + -S "using extended master secret" + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +run_test "Extended Master Secret: client enabled, server SSLv3" \ + "$P_SRV debug_level=3 force_version=ssl3" \ + "$P_CLI debug_level=3 min_version=ssl3" \ + 0 \ + -c "client hello, adding extended_master_secret extension" \ + -S "found extended master secret extension" \ + -S "server hello, adding extended master secret extension" \ + -C "found extended_master_secret extension" \ + -C "using extended master secret" \ + -S "using extended master secret" + +# Tests for FALLBACK_SCSV + +run_test "Fallback SCSV: default" \ + "$P_SRV debug_level=2" \ + "$P_CLI debug_level=3 force_version=tls1_1" \ + 0 \ + -C "adding FALLBACK_SCSV" \ + -S "received FALLBACK_SCSV" \ + -S "inapropriate fallback" \ + -C "is a fatal alert message (msg 86)" + +run_test "Fallback SCSV: explicitly disabled" \ + "$P_SRV debug_level=2" \ + "$P_CLI debug_level=3 force_version=tls1_1 fallback=0" \ + 0 \ + -C "adding FALLBACK_SCSV" \ + -S "received FALLBACK_SCSV" \ + -S "inapropriate fallback" \ + -C "is a fatal alert message (msg 86)" + +run_test "Fallback SCSV: enabled" \ + "$P_SRV debug_level=2" \ + "$P_CLI debug_level=3 force_version=tls1_1 fallback=1" \ + 1 \ + -c "adding FALLBACK_SCSV" \ + -s "received FALLBACK_SCSV" \ + -s "inapropriate fallback" \ + -c "is a fatal alert message (msg 86)" + +run_test "Fallback SCSV: enabled, max version" \ + "$P_SRV debug_level=2" \ + "$P_CLI debug_level=3 fallback=1" \ + 0 \ + -c "adding FALLBACK_SCSV" \ + -s "received FALLBACK_SCSV" \ + -S "inapropriate fallback" \ + -C "is a fatal alert message (msg 86)" + +requires_openssl_with_fallback_scsv +run_test "Fallback SCSV: default, openssl server" \ + "$O_SRV" \ + "$P_CLI debug_level=3 force_version=tls1_1 fallback=0" \ + 0 \ + -C "adding FALLBACK_SCSV" \ + -C "is a fatal alert message (msg 86)" + +requires_openssl_with_fallback_scsv +run_test "Fallback SCSV: enabled, openssl server" \ + "$O_SRV" \ + "$P_CLI debug_level=3 force_version=tls1_1 fallback=1" \ + 1 \ + -c "adding FALLBACK_SCSV" \ + -c "is a fatal alert message (msg 86)" + +requires_openssl_with_fallback_scsv +run_test "Fallback SCSV: disabled, openssl client" \ + "$P_SRV debug_level=2" \ + "$O_CLI -tls1_1" \ + 0 \ + -S "received FALLBACK_SCSV" \ + -S "inapropriate fallback" + +requires_openssl_with_fallback_scsv +run_test "Fallback SCSV: enabled, openssl client" \ + "$P_SRV debug_level=2" \ + "$O_CLI -tls1_1 -fallback_scsv" \ + 1 \ + -s "received FALLBACK_SCSV" \ + -s "inapropriate fallback" + +requires_openssl_with_fallback_scsv +run_test "Fallback SCSV: enabled, max version, openssl client" \ + "$P_SRV debug_level=2" \ + "$O_CLI -fallback_scsv" \ + 0 \ + -s "received FALLBACK_SCSV" \ + -S "inapropriate fallback" + +# Tests for CBC 1/n-1 record splitting + +run_test "CBC Record splitting: TLS 1.2, no splitting" \ + "$P_SRV" \ + "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ + request_size=123 force_version=tls1_2" \ + 0 \ + -s "Read from client: 123 bytes read" \ + -S "Read from client: 1 bytes read" \ + -S "122 bytes read" + +run_test "CBC Record splitting: TLS 1.1, no splitting" \ + "$P_SRV" \ + "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ + request_size=123 force_version=tls1_1" \ + 0 \ + -s "Read from client: 123 bytes read" \ + -S "Read from client: 1 bytes read" \ + -S "122 bytes read" + +run_test "CBC Record splitting: TLS 1.0, splitting" \ + "$P_SRV" \ + "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ + request_size=123 force_version=tls1" \ + 0 \ + -S "Read from client: 123 bytes read" \ + -s "Read from client: 1 bytes read" \ + -s "122 bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +run_test "CBC Record splitting: SSLv3, splitting" \ + "$P_SRV min_version=ssl3" \ + "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ + request_size=123 force_version=ssl3" \ + 0 \ + -S "Read from client: 123 bytes read" \ + -s "Read from client: 1 bytes read" \ + -s "122 bytes read" + +run_test "CBC Record splitting: TLS 1.0 RC4, no splitting" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \ + request_size=123 force_version=tls1" \ + 0 \ + -s "Read from client: 123 bytes read" \ + -S "Read from client: 1 bytes read" \ + -S "122 bytes read" + +run_test "CBC Record splitting: TLS 1.0, splitting disabled" \ + "$P_SRV" \ + "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ + request_size=123 force_version=tls1 recsplit=0" \ + 0 \ + -s "Read from client: 123 bytes read" \ + -S "Read from client: 1 bytes read" \ + -S "122 bytes read" + +run_test "CBC Record splitting: TLS 1.0, splitting, nbio" \ + "$P_SRV nbio=2" \ + "$P_CLI nbio=2 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ + request_size=123 force_version=tls1" \ + 0 \ + -S "Read from client: 123 bytes read" \ + -s "Read from client: 1 bytes read" \ + -s "122 bytes read" + +# Tests for Session Tickets + +run_test "Session resume using tickets: basic" \ + "$P_SRV debug_level=3 tickets=1" \ + "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + 0 \ + -c "client hello, adding session ticket extension" \ + -s "found session ticket extension" \ + -s "server hello, adding session ticket extension" \ + -c "found session_ticket extension" \ + -c "parse new session ticket" \ + -S "session successfully restored from cache" \ + -s "session successfully restored from ticket" \ + -s "a session has been resumed" \ + -c "a session has been resumed" + +run_test "Session resume using tickets: cache disabled" \ + "$P_SRV debug_level=3 tickets=1 cache_max=0" \ + "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + 0 \ + -c "client hello, adding session ticket extension" \ + -s "found session ticket extension" \ + -s "server hello, adding session ticket extension" \ + -c "found session_ticket extension" \ + -c "parse new session ticket" \ + -S "session successfully restored from cache" \ + -s "session successfully restored from ticket" \ + -s "a session has been resumed" \ + -c "a session has been resumed" + +run_test "Session resume using tickets: timeout" \ + "$P_SRV debug_level=3 tickets=1 cache_max=0 ticket_timeout=1" \ + "$P_CLI debug_level=3 tickets=1 reconnect=1 reco_delay=2" \ + 0 \ + -c "client hello, adding session ticket extension" \ + -s "found session ticket extension" \ + -s "server hello, adding session ticket extension" \ + -c "found session_ticket extension" \ + -c "parse new session ticket" \ + -S "session successfully restored from cache" \ + -S "session successfully restored from ticket" \ + -S "a session has been resumed" \ + -C "a session has been resumed" + +run_test "Session resume using tickets: openssl server" \ + "$O_SRV" \ + "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + 0 \ + -c "client hello, adding session ticket extension" \ + -c "found session_ticket extension" \ + -c "parse new session ticket" \ + -c "a session has been resumed" + +run_test "Session resume using tickets: openssl client" \ + "$P_SRV debug_level=3 tickets=1" \ + "( $O_CLI -sess_out $SESSION; \ + $O_CLI -sess_in $SESSION; \ + rm -f $SESSION )" \ + 0 \ + -s "found session ticket extension" \ + -s "server hello, adding session ticket extension" \ + -S "session successfully restored from cache" \ + -s "session successfully restored from ticket" \ + -s "a session has been resumed" + +# Tests for Session Resume based on session-ID and cache + +run_test "Session resume using cache: tickets enabled on client" \ + "$P_SRV debug_level=3 tickets=0" \ + "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + 0 \ + -c "client hello, adding session ticket extension" \ + -s "found session ticket extension" \ + -S "server hello, adding session ticket extension" \ + -C "found session_ticket extension" \ + -C "parse new session ticket" \ + -s "session successfully restored from cache" \ + -S "session successfully restored from ticket" \ + -s "a session has been resumed" \ + -c "a session has been resumed" + +run_test "Session resume using cache: tickets enabled on server" \ + "$P_SRV debug_level=3 tickets=1" \ + "$P_CLI debug_level=3 tickets=0 reconnect=1" \ + 0 \ + -C "client hello, adding session ticket extension" \ + -S "found session ticket extension" \ + -S "server hello, adding session ticket extension" \ + -C "found session_ticket extension" \ + -C "parse new session ticket" \ + -s "session successfully restored from cache" \ + -S "session successfully restored from ticket" \ + -s "a session has been resumed" \ + -c "a session has been resumed" + +run_test "Session resume using cache: cache_max=0" \ + "$P_SRV debug_level=3 tickets=0 cache_max=0" \ + "$P_CLI debug_level=3 tickets=0 reconnect=1" \ + 0 \ + -S "session successfully restored from cache" \ + -S "session successfully restored from ticket" \ + -S "a session has been resumed" \ + -C "a session has been resumed" + +run_test "Session resume using cache: cache_max=1" \ + "$P_SRV debug_level=3 tickets=0 cache_max=1" \ + "$P_CLI debug_level=3 tickets=0 reconnect=1" \ + 0 \ + -s "session successfully restored from cache" \ + -S "session successfully restored from ticket" \ + -s "a session has been resumed" \ + -c "a session has been resumed" + +run_test "Session resume using cache: timeout > delay" \ + "$P_SRV debug_level=3 tickets=0" \ + "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=0" \ + 0 \ + -s "session successfully restored from cache" \ + -S "session successfully restored from ticket" \ + -s "a session has been resumed" \ + -c "a session has been resumed" + +run_test "Session resume using cache: timeout < delay" \ + "$P_SRV debug_level=3 tickets=0 cache_timeout=1" \ + "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \ + 0 \ + -S "session successfully restored from cache" \ + -S "session successfully restored from ticket" \ + -S "a session has been resumed" \ + -C "a session has been resumed" + +run_test "Session resume using cache: no timeout" \ + "$P_SRV debug_level=3 tickets=0 cache_timeout=0" \ + "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \ + 0 \ + -s "session successfully restored from cache" \ + -S "session successfully restored from ticket" \ + -s "a session has been resumed" \ + -c "a session has been resumed" + +run_test "Session resume using cache: openssl client" \ + "$P_SRV debug_level=3 tickets=0" \ + "( $O_CLI -sess_out $SESSION; \ + $O_CLI -sess_in $SESSION; \ + rm -f $SESSION )" \ + 0 \ + -s "found session ticket extension" \ + -S "server hello, adding session ticket extension" \ + -s "session successfully restored from cache" \ + -S "session successfully restored from ticket" \ + -s "a session has been resumed" + +run_test "Session resume using cache: openssl server" \ + "$O_SRV" \ + "$P_CLI debug_level=3 tickets=0 reconnect=1" \ + 0 \ + -C "found session_ticket extension" \ + -C "parse new session ticket" \ + -c "a session has been resumed" + +# Tests for Max Fragment Length extension + +run_test "Max fragment length: not used, reference" \ + "$P_SRV debug_level=3" \ + "$P_CLI debug_level=3" \ + 0 \ + -c "Maximum fragment length is 16384" \ + -s "Maximum fragment length is 16384" \ + -C "client hello, adding max_fragment_length extension" \ + -S "found max fragment length extension" \ + -S "server hello, max_fragment_length extension" \ + -C "found max_fragment_length extension" + +run_test "Max fragment length: used by client" \ + "$P_SRV debug_level=3" \ + "$P_CLI debug_level=3 max_frag_len=4096" \ + 0 \ + -c "Maximum fragment length is 4096" \ + -s "Maximum fragment length is 4096" \ + -c "client hello, adding max_fragment_length extension" \ + -s "found max fragment length extension" \ + -s "server hello, max_fragment_length extension" \ + -c "found max_fragment_length extension" + +run_test "Max fragment length: used by server" \ + "$P_SRV debug_level=3 max_frag_len=4096" \ + "$P_CLI debug_level=3" \ + 0 \ + -c "Maximum fragment length is 16384" \ + -s "Maximum fragment length is 4096" \ + -C "client hello, adding max_fragment_length extension" \ + -S "found max fragment length extension" \ + -S "server hello, max_fragment_length extension" \ + -C "found max_fragment_length extension" + +requires_gnutls +run_test "Max fragment length: gnutls server" \ + "$G_SRV" \ + "$P_CLI debug_level=3 max_frag_len=4096" \ + 0 \ + -c "Maximum fragment length is 4096" \ + -c "client hello, adding max_fragment_length extension" \ + -c "found max_fragment_length extension" + +run_test "Max fragment length: client, message just fits" \ + "$P_SRV debug_level=3" \ + "$P_CLI debug_level=3 max_frag_len=2048 request_size=2048" \ + 0 \ + -c "Maximum fragment length is 2048" \ + -s "Maximum fragment length is 2048" \ + -c "client hello, adding max_fragment_length extension" \ + -s "found max fragment length extension" \ + -s "server hello, max_fragment_length extension" \ + -c "found max_fragment_length extension" \ + -c "2048 bytes written in 1 fragments" \ + -s "2048 bytes read" + +run_test "Max fragment length: client, larger message" \ + "$P_SRV debug_level=3" \ + "$P_CLI debug_level=3 max_frag_len=2048 request_size=2345" \ + 0 \ + -c "Maximum fragment length is 2048" \ + -s "Maximum fragment length is 2048" \ + -c "client hello, adding max_fragment_length extension" \ + -s "found max fragment length extension" \ + -s "server hello, max_fragment_length extension" \ + -c "found max_fragment_length extension" \ + -c "2345 bytes written in 2 fragments" \ + -s "2048 bytes read" \ + -s "297 bytes read" + +run_test "Max fragment length: DTLS client, larger message" \ + "$P_SRV debug_level=3 dtls=1" \ + "$P_CLI debug_level=3 dtls=1 max_frag_len=2048 request_size=2345" \ + 1 \ + -c "Maximum fragment length is 2048" \ + -s "Maximum fragment length is 2048" \ + -c "client hello, adding max_fragment_length extension" \ + -s "found max fragment length extension" \ + -s "server hello, max_fragment_length extension" \ + -c "found max_fragment_length extension" \ + -c "fragment larger than.*maximum" + +# Tests for renegotiation + +run_test "Renegotiation: none, for reference" \ + "$P_SRV debug_level=3 exchanges=2 auth_mode=optional" \ + "$P_CLI debug_level=3 exchanges=2" \ + 0 \ + -C "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -S "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -C "=> renegotiate" \ + -S "=> renegotiate" \ + -S "write hello request" + +run_test "Renegotiation: client-initiated" \ + "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional" \ + "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -s "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -S "write hello request" + +run_test "Renegotiation: server-initiated" \ + "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \ + "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -s "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -s "write hello request" + +run_test "Renegotiation: double" \ + "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \ + "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -s "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -s "write hello request" + +run_test "Renegotiation: client-initiated, server-rejected" \ + "$P_SRV debug_level=3 exchanges=2 renegotiation=0 auth_mode=optional" \ + "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \ + 1 \ + -c "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -S "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -c "=> renegotiate" \ + -S "=> renegotiate" \ + -S "write hello request" \ + -c "SSL - Unexpected message at ServerHello in renegotiation" \ + -c "failed" + +run_test "Renegotiation: server-initiated, client-rejected, default" \ + "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \ + "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \ + 0 \ + -C "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -S "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -C "=> renegotiate" \ + -S "=> renegotiate" \ + -s "write hello request" \ + -S "SSL - An unexpected message was received from our peer" \ + -S "failed" + +run_test "Renegotiation: server-initiated, client-rejected, not enforced" \ + "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ + renego_delay=-1 auth_mode=optional" \ + "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \ + 0 \ + -C "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -S "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -C "=> renegotiate" \ + -S "=> renegotiate" \ + -s "write hello request" \ + -S "SSL - An unexpected message was received from our peer" \ + -S "failed" + +# delay 2 for 1 alert record + 1 application data record +run_test "Renegotiation: server-initiated, client-rejected, delay 2" \ + "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ + renego_delay=2 auth_mode=optional" \ + "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \ + 0 \ + -C "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -S "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -C "=> renegotiate" \ + -S "=> renegotiate" \ + -s "write hello request" \ + -S "SSL - An unexpected message was received from our peer" \ + -S "failed" + +run_test "Renegotiation: server-initiated, client-rejected, delay 0" \ + "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ + renego_delay=0 auth_mode=optional" \ + "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \ + 0 \ + -C "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -S "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -C "=> renegotiate" \ + -S "=> renegotiate" \ + -s "write hello request" \ + -s "SSL - An unexpected message was received from our peer" + +run_test "Renegotiation: server-initiated, client-accepted, delay 0" \ + "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ + renego_delay=0 auth_mode=optional" \ + "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -s "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -s "write hello request" \ + -S "SSL - An unexpected message was received from our peer" \ + -S "failed" + +run_test "Renegotiation: periodic, just below period" \ + "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \ + "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \ + 0 \ + -C "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -S "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -S "record counter limit reached: renegotiate" \ + -C "=> renegotiate" \ + -S "=> renegotiate" \ + -S "write hello request" \ + -S "SSL - An unexpected message was received from our peer" \ + -S "failed" + +# one extra exchange to be able to complete renego +run_test "Renegotiation: periodic, just above period" \ + "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \ + "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -s "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -s "record counter limit reached: renegotiate" \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -s "write hello request" \ + -S "SSL - An unexpected message was received from our peer" \ + -S "failed" + +run_test "Renegotiation: periodic, two times period" \ + "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \ + "$P_CLI debug_level=3 exchanges=7 renegotiation=1" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -s "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -s "record counter limit reached: renegotiate" \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -s "write hello request" \ + -S "SSL - An unexpected message was received from our peer" \ + -S "failed" + +run_test "Renegotiation: periodic, above period, disabled" \ + "$P_SRV debug_level=3 exchanges=9 renegotiation=0 renego_period=3 auth_mode=optional" \ + "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \ + 0 \ + -C "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -S "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -S "record counter limit reached: renegotiate" \ + -C "=> renegotiate" \ + -S "=> renegotiate" \ + -S "write hello request" \ + -S "SSL - An unexpected message was received from our peer" \ + -S "failed" + +run_test "Renegotiation: nbio, client-initiated" \ + "$P_SRV debug_level=3 nbio=2 exchanges=2 renegotiation=1 auth_mode=optional" \ + "$P_CLI debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -s "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -S "write hello request" + +run_test "Renegotiation: nbio, server-initiated" \ + "$P_SRV debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \ + "$P_CLI debug_level=3 nbio=2 exchanges=2 renegotiation=1" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -s "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -s "write hello request" + +run_test "Renegotiation: openssl server, client-initiated" \ + "$O_SRV -www" \ + "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -c "found renegotiation extension" \ + -c "=> renegotiate" \ + -C "ssl_hanshake() returned" \ + -C "error" \ + -c "HTTP/1.0 200 [Oo][Kk]" + +requires_gnutls +run_test "Renegotiation: gnutls server strict, client-initiated" \ + "$G_SRV --priority=NORMAL:%SAFE_RENEGOTIATION" \ + "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -c "found renegotiation extension" \ + -c "=> renegotiate" \ + -C "ssl_hanshake() returned" \ + -C "error" \ + -c "HTTP/1.0 200 [Oo][Kk]" + +requires_gnutls +run_test "Renegotiation: gnutls server unsafe, client-initiated default" \ + "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \ + "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \ + 1 \ + -c "client hello, adding renegotiation extension" \ + -C "found renegotiation extension" \ + -c "=> renegotiate" \ + -c "mbedtls_ssl_handshake() returned" \ + -c "error" \ + -C "HTTP/1.0 200 [Oo][Kk]" + +requires_gnutls +run_test "Renegotiation: gnutls server unsafe, client-inititated no legacy" \ + "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \ + "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \ + allow_legacy=0" \ + 1 \ + -c "client hello, adding renegotiation extension" \ + -C "found renegotiation extension" \ + -c "=> renegotiate" \ + -c "mbedtls_ssl_handshake() returned" \ + -c "error" \ + -C "HTTP/1.0 200 [Oo][Kk]" + +requires_gnutls +run_test "Renegotiation: gnutls server unsafe, client-inititated legacy" \ + "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \ + "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \ + allow_legacy=1" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -C "found renegotiation extension" \ + -c "=> renegotiate" \ + -C "ssl_hanshake() returned" \ + -C "error" \ + -c "HTTP/1.0 200 [Oo][Kk]" + +run_test "Renegotiation: DTLS, client-initiated" \ + "$P_SRV debug_level=3 dtls=1 exchanges=2 renegotiation=1" \ + "$P_CLI debug_level=3 dtls=1 exchanges=2 renegotiation=1 renegotiate=1" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -s "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -S "write hello request" + +run_test "Renegotiation: DTLS, server-initiated" \ + "$P_SRV debug_level=3 dtls=1 exchanges=2 renegotiation=1 renegotiate=1" \ + "$P_CLI debug_level=3 dtls=1 exchanges=2 renegotiation=1 \ + read_timeout=1000 max_resend=2" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ + -s "found renegotiation extension" \ + -s "server hello, secure renegotiation extension" \ + -c "found renegotiation extension" \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -s "write hello request" + +requires_gnutls +run_test "Renegotiation: DTLS, gnutls server, client-initiated" \ + "$G_SRV -u --mtu 4096" \ + "$P_CLI debug_level=3 dtls=1 exchanges=1 renegotiation=1 renegotiate=1" \ + 0 \ + -c "client hello, adding renegotiation extension" \ + -c "found renegotiation extension" \ + -c "=> renegotiate" \ + -C "mbedtls_ssl_handshake returned" \ + -C "error" \ + -s "Extra-header:" + +# Test for the "secure renegotation" extension only (no actual renegotiation) + +requires_gnutls +run_test "Renego ext: gnutls server strict, client default" \ + "$G_SRV --priority=NORMAL:%SAFE_RENEGOTIATION" \ + "$P_CLI debug_level=3" \ + 0 \ + -c "found renegotiation extension" \ + -C "error" \ + -c "HTTP/1.0 200 [Oo][Kk]" + +requires_gnutls +run_test "Renego ext: gnutls server unsafe, client default" \ + "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \ + "$P_CLI debug_level=3" \ + 0 \ + -C "found renegotiation extension" \ + -C "error" \ + -c "HTTP/1.0 200 [Oo][Kk]" + +requires_gnutls +run_test "Renego ext: gnutls server unsafe, client break legacy" \ + "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \ + "$P_CLI debug_level=3 allow_legacy=-1" \ + 1 \ + -C "found renegotiation extension" \ + -c "error" \ + -C "HTTP/1.0 200 [Oo][Kk]" + +requires_gnutls +run_test "Renego ext: gnutls client strict, server default" \ + "$P_SRV debug_level=3" \ + "$G_CLI --priority=NORMAL:%SAFE_RENEGOTIATION" \ + 0 \ + -s "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \ + -s "server hello, secure renegotiation extension" + +requires_gnutls +run_test "Renego ext: gnutls client unsafe, server default" \ + "$P_SRV debug_level=3" \ + "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \ + 0 \ + -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \ + -S "server hello, secure renegotiation extension" + +requires_gnutls +run_test "Renego ext: gnutls client unsafe, server break legacy" \ + "$P_SRV debug_level=3 allow_legacy=-1" \ + "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \ + 1 \ + -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \ + -S "server hello, secure renegotiation extension" + +# Tests for silently dropping trailing extra bytes in .der certificates + +requires_gnutls +run_test "DER format: no trailing bytes" \ + "$P_SRV crt_file=data_files/server5-der0.crt \ + key_file=data_files/server5.key" \ + "$G_CLI " \ + 0 \ + -c "Handshake was completed" \ + +requires_gnutls +run_test "DER format: with a trailing zero byte" \ + "$P_SRV crt_file=data_files/server5-der1a.crt \ + key_file=data_files/server5.key" \ + "$G_CLI " \ + 0 \ + -c "Handshake was completed" \ + +requires_gnutls +run_test "DER format: with a trailing random byte" \ + "$P_SRV crt_file=data_files/server5-der1b.crt \ + key_file=data_files/server5.key" \ + "$G_CLI " \ + 0 \ + -c "Handshake was completed" \ + +requires_gnutls +run_test "DER format: with 2 trailing random bytes" \ + "$P_SRV crt_file=data_files/server5-der2.crt \ + key_file=data_files/server5.key" \ + "$G_CLI " \ + 0 \ + -c "Handshake was completed" \ + +requires_gnutls +run_test "DER format: with 4 trailing random bytes" \ + "$P_SRV crt_file=data_files/server5-der4.crt \ + key_file=data_files/server5.key" \ + "$G_CLI " \ + 0 \ + -c "Handshake was completed" \ + +requires_gnutls +run_test "DER format: with 8 trailing random bytes" \ + "$P_SRV crt_file=data_files/server5-der8.crt \ + key_file=data_files/server5.key" \ + "$G_CLI " \ + 0 \ + -c "Handshake was completed" \ + +requires_gnutls +run_test "DER format: with 9 trailing random bytes" \ + "$P_SRV crt_file=data_files/server5-der9.crt \ + key_file=data_files/server5.key" \ + "$G_CLI " \ + 0 \ + -c "Handshake was completed" \ + +# Tests for auth_mode + +run_test "Authentication: server badcert, client required" \ + "$P_SRV crt_file=data_files/server5-badsign.crt \ + key_file=data_files/server5.key" \ + "$P_CLI debug_level=1 auth_mode=required" \ + 1 \ + -c "x509_verify_cert() returned" \ + -c "! The certificate is not correctly signed by the trusted CA" \ + -c "! mbedtls_ssl_handshake returned" \ + -c "X509 - Certificate verification failed" + +run_test "Authentication: server badcert, client optional" \ + "$P_SRV crt_file=data_files/server5-badsign.crt \ + key_file=data_files/server5.key" \ + "$P_CLI debug_level=1 auth_mode=optional" \ + 0 \ + -c "x509_verify_cert() returned" \ + -c "! The certificate is not correctly signed by the trusted CA" \ + -C "! mbedtls_ssl_handshake returned" \ + -C "X509 - Certificate verification failed" + +run_test "Authentication: server badcert, client none" \ + "$P_SRV crt_file=data_files/server5-badsign.crt \ + key_file=data_files/server5.key" \ + "$P_CLI debug_level=1 auth_mode=none" \ + 0 \ + -C "x509_verify_cert() returned" \ + -C "! The certificate is not correctly signed by the trusted CA" \ + -C "! mbedtls_ssl_handshake returned" \ + -C "X509 - Certificate verification failed" + +run_test "Authentication: client SHA256, server required" \ + "$P_SRV auth_mode=required" \ + "$P_CLI debug_level=3 crt_file=data_files/server6.crt \ + key_file=data_files/server6.key \ + force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \ + 0 \ + -c "Supported Signature Algorithm found: 4," \ + -c "Supported Signature Algorithm found: 5," + +run_test "Authentication: client SHA384, server required" \ + "$P_SRV auth_mode=required" \ + "$P_CLI debug_level=3 crt_file=data_files/server6.crt \ + key_file=data_files/server6.key \ + force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \ + 0 \ + -c "Supported Signature Algorithm found: 4," \ + -c "Supported Signature Algorithm found: 5," + +run_test "Authentication: client badcert, server required" \ + "$P_SRV debug_level=3 auth_mode=required" \ + "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \ + key_file=data_files/server5.key" \ + 1 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate" \ + -C "skip write certificate verify" \ + -S "skip parse certificate verify" \ + -s "x509_verify_cert() returned" \ + -s "! The certificate is not correctly signed by the trusted CA" \ + -s "! mbedtls_ssl_handshake returned" \ + -c "! mbedtls_ssl_handshake returned" \ + -s "X509 - Certificate verification failed" + +run_test "Authentication: client badcert, server optional" \ + "$P_SRV debug_level=3 auth_mode=optional" \ + "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \ + key_file=data_files/server5.key" \ + 0 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate" \ + -C "skip write certificate verify" \ + -S "skip parse certificate verify" \ + -s "x509_verify_cert() returned" \ + -s "! The certificate is not correctly signed by the trusted CA" \ + -S "! mbedtls_ssl_handshake returned" \ + -C "! mbedtls_ssl_handshake returned" \ + -S "X509 - Certificate verification failed" + +run_test "Authentication: client badcert, server none" \ + "$P_SRV debug_level=3 auth_mode=none" \ + "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \ + key_file=data_files/server5.key" \ + 0 \ + -s "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got no certificate request" \ + -c "skip write certificate" \ + -c "skip write certificate verify" \ + -s "skip parse certificate verify" \ + -S "x509_verify_cert() returned" \ + -S "! The certificate is not correctly signed by the trusted CA" \ + -S "! mbedtls_ssl_handshake returned" \ + -C "! mbedtls_ssl_handshake returned" \ + -S "X509 - Certificate verification failed" + +run_test "Authentication: client no cert, server optional" \ + "$P_SRV debug_level=3 auth_mode=optional" \ + "$P_CLI debug_level=3 crt_file=none key_file=none" \ + 0 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate$" \ + -C "got no certificate to send" \ + -S "SSLv3 client has no certificate" \ + -c "skip write certificate verify" \ + -s "skip parse certificate verify" \ + -s "! Certificate was missing" \ + -S "! mbedtls_ssl_handshake returned" \ + -C "! mbedtls_ssl_handshake returned" \ + -S "X509 - Certificate verification failed" + +run_test "Authentication: openssl client no cert, server optional" \ + "$P_SRV debug_level=3 auth_mode=optional" \ + "$O_CLI" \ + 0 \ + -S "skip write certificate request" \ + -s "skip parse certificate verify" \ + -s "! Certificate was missing" \ + -S "! mbedtls_ssl_handshake returned" \ + -S "X509 - Certificate verification failed" + +run_test "Authentication: client no cert, openssl server optional" \ + "$O_SRV -verify 10" \ + "$P_CLI debug_level=3 crt_file=none key_file=none" \ + 0 \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate$" \ + -c "skip write certificate verify" \ + -C "! mbedtls_ssl_handshake returned" + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +run_test "Authentication: client no cert, ssl3" \ + "$P_SRV debug_level=3 auth_mode=optional force_version=ssl3" \ + "$P_CLI debug_level=3 crt_file=none key_file=none min_version=ssl3" \ + 0 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate$" \ + -c "skip write certificate verify" \ + -c "got no certificate to send" \ + -s "SSLv3 client has no certificate" \ + -s "skip parse certificate verify" \ + -s "! Certificate was missing" \ + -S "! mbedtls_ssl_handshake returned" \ + -C "! mbedtls_ssl_handshake returned" \ + -S "X509 - Certificate verification failed" + +# Tests for certificate selection based on SHA verson + +run_test "Certificate hash: client TLS 1.2 -> SHA-2" \ + "$P_SRV crt_file=data_files/server5.crt \ + key_file=data_files/server5.key \ + crt_file2=data_files/server5-sha1.crt \ + key_file2=data_files/server5.key" \ + "$P_CLI force_version=tls1_2" \ + 0 \ + -c "signed using.*ECDSA with SHA256" \ + -C "signed using.*ECDSA with SHA1" + +run_test "Certificate hash: client TLS 1.1 -> SHA-1" \ + "$P_SRV crt_file=data_files/server5.crt \ + key_file=data_files/server5.key \ + crt_file2=data_files/server5-sha1.crt \ + key_file2=data_files/server5.key" \ + "$P_CLI force_version=tls1_1" \ + 0 \ + -C "signed using.*ECDSA with SHA256" \ + -c "signed using.*ECDSA with SHA1" + +run_test "Certificate hash: client TLS 1.0 -> SHA-1" \ + "$P_SRV crt_file=data_files/server5.crt \ + key_file=data_files/server5.key \ + crt_file2=data_files/server5-sha1.crt \ + key_file2=data_files/server5.key" \ + "$P_CLI force_version=tls1" \ + 0 \ + -C "signed using.*ECDSA with SHA256" \ + -c "signed using.*ECDSA with SHA1" + +run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 1)" \ + "$P_SRV crt_file=data_files/server5.crt \ + key_file=data_files/server5.key \ + crt_file2=data_files/server6.crt \ + key_file2=data_files/server6.key" \ + "$P_CLI force_version=tls1_1" \ + 0 \ + -c "serial number.*09" \ + -c "signed using.*ECDSA with SHA256" \ + -C "signed using.*ECDSA with SHA1" + +run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 2)" \ + "$P_SRV crt_file=data_files/server6.crt \ + key_file=data_files/server6.key \ + crt_file2=data_files/server5.crt \ + key_file2=data_files/server5.key" \ + "$P_CLI force_version=tls1_1" \ + 0 \ + -c "serial number.*0A" \ + -c "signed using.*ECDSA with SHA256" \ + -C "signed using.*ECDSA with SHA1" + +# tests for SNI + +run_test "SNI: no SNI callback" \ + "$P_SRV debug_level=3 \ + crt_file=data_files/server5.crt key_file=data_files/server5.key" \ + "$P_CLI server_name=localhost" \ + 0 \ + -S "parse ServerName extension" \ + -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \ + -c "subject name *: C=NL, O=PolarSSL, CN=localhost" + +run_test "SNI: matching cert 1" \ + "$P_SRV debug_level=3 \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ + "$P_CLI server_name=localhost" \ + 0 \ + -s "parse ServerName extension" \ + -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ + -c "subject name *: C=NL, O=PolarSSL, CN=localhost" + +run_test "SNI: matching cert 2" \ + "$P_SRV debug_level=3 \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ + "$P_CLI server_name=polarssl.example" \ + 0 \ + -s "parse ServerName extension" \ + -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ + -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example" + +run_test "SNI: no matching cert" \ + "$P_SRV debug_level=3 \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ + "$P_CLI server_name=nonesuch.example" \ + 1 \ + -s "parse ServerName extension" \ + -s "ssl_sni_wrapper() returned" \ + -s "mbedtls_ssl_handshake returned" \ + -c "mbedtls_ssl_handshake returned" \ + -c "SSL - A fatal alert message was received from our peer" + +run_test "SNI: client auth no override: optional" \ + "$P_SRV debug_level=3 auth_mode=optional \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-" \ + "$P_CLI debug_level=3 server_name=localhost" \ + 0 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate" \ + -C "skip write certificate verify" \ + -S "skip parse certificate verify" + +run_test "SNI: client auth override: none -> optional" \ + "$P_SRV debug_level=3 auth_mode=none \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,optional" \ + "$P_CLI debug_level=3 server_name=localhost" \ + 0 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate" \ + -C "skip write certificate verify" \ + -S "skip parse certificate verify" + +run_test "SNI: client auth override: optional -> none" \ + "$P_SRV debug_level=3 auth_mode=optional \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,none" \ + "$P_CLI debug_level=3 server_name=localhost" \ + 0 \ + -s "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got no certificate request" \ + -c "skip write certificate" \ + -c "skip write certificate verify" \ + -s "skip parse certificate verify" + +run_test "SNI: CA no override" \ + "$P_SRV debug_level=3 auth_mode=optional \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + ca_file=data_files/test-ca.crt \ + sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,required" \ + "$P_CLI debug_level=3 server_name=localhost \ + crt_file=data_files/server6.crt key_file=data_files/server6.key" \ + 1 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate" \ + -C "skip write certificate verify" \ + -S "skip parse certificate verify" \ + -s "x509_verify_cert() returned" \ + -s "! The certificate is not correctly signed by the trusted CA" \ + -S "The certificate has been revoked (is on a CRL)" + +run_test "SNI: CA override" \ + "$P_SRV debug_level=3 auth_mode=optional \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + ca_file=data_files/test-ca.crt \ + sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,-,required" \ + "$P_CLI debug_level=3 server_name=localhost \ + crt_file=data_files/server6.crt key_file=data_files/server6.key" \ + 0 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate" \ + -C "skip write certificate verify" \ + -S "skip parse certificate verify" \ + -S "x509_verify_cert() returned" \ + -S "! The certificate is not correctly signed by the trusted CA" \ + -S "The certificate has been revoked (is on a CRL)" + +run_test "SNI: CA override with CRL" \ + "$P_SRV debug_level=3 auth_mode=optional \ + crt_file=data_files/server5.crt key_file=data_files/server5.key \ + ca_file=data_files/test-ca.crt \ + sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,data_files/crl-ec-sha256.pem,required" \ + "$P_CLI debug_level=3 server_name=localhost \ + crt_file=data_files/server6.crt key_file=data_files/server6.key" \ + 1 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate" \ + -C "skip write certificate verify" \ + -S "skip parse certificate verify" \ + -s "x509_verify_cert() returned" \ + -S "! The certificate is not correctly signed by the trusted CA" \ + -s "The certificate has been revoked (is on a CRL)" + +# Tests for non-blocking I/O: exercise a variety of handshake flows + +run_test "Non-blocking I/O: basic handshake" \ + "$P_SRV nbio=2 tickets=0 auth_mode=none" \ + "$P_CLI nbio=2 tickets=0" \ + 0 \ + -S "mbedtls_ssl_handshake returned" \ + -C "mbedtls_ssl_handshake returned" \ + -c "Read from server: .* bytes read" + +run_test "Non-blocking I/O: client auth" \ + "$P_SRV nbio=2 tickets=0 auth_mode=required" \ + "$P_CLI nbio=2 tickets=0" \ + 0 \ + -S "mbedtls_ssl_handshake returned" \ + -C "mbedtls_ssl_handshake returned" \ + -c "Read from server: .* bytes read" + +run_test "Non-blocking I/O: ticket" \ + "$P_SRV nbio=2 tickets=1 auth_mode=none" \ + "$P_CLI nbio=2 tickets=1" \ + 0 \ + -S "mbedtls_ssl_handshake returned" \ + -C "mbedtls_ssl_handshake returned" \ + -c "Read from server: .* bytes read" + +run_test "Non-blocking I/O: ticket + client auth" \ + "$P_SRV nbio=2 tickets=1 auth_mode=required" \ + "$P_CLI nbio=2 tickets=1" \ + 0 \ + -S "mbedtls_ssl_handshake returned" \ + -C "mbedtls_ssl_handshake returned" \ + -c "Read from server: .* bytes read" + +run_test "Non-blocking I/O: ticket + client auth + resume" \ + "$P_SRV nbio=2 tickets=1 auth_mode=required" \ + "$P_CLI nbio=2 tickets=1 reconnect=1" \ + 0 \ + -S "mbedtls_ssl_handshake returned" \ + -C "mbedtls_ssl_handshake returned" \ + -c "Read from server: .* bytes read" + +run_test "Non-blocking I/O: ticket + resume" \ + "$P_SRV nbio=2 tickets=1 auth_mode=none" \ + "$P_CLI nbio=2 tickets=1 reconnect=1" \ + 0 \ + -S "mbedtls_ssl_handshake returned" \ + -C "mbedtls_ssl_handshake returned" \ + -c "Read from server: .* bytes read" + +run_test "Non-blocking I/O: session-id resume" \ + "$P_SRV nbio=2 tickets=0 auth_mode=none" \ + "$P_CLI nbio=2 tickets=0 reconnect=1" \ + 0 \ + -S "mbedtls_ssl_handshake returned" \ + -C "mbedtls_ssl_handshake returned" \ + -c "Read from server: .* bytes read" + +# Tests for version negotiation + +run_test "Version check: all -> 1.2" \ + "$P_SRV" \ + "$P_CLI" \ + 0 \ + -S "mbedtls_ssl_handshake returned" \ + -C "mbedtls_ssl_handshake returned" \ + -s "Protocol is TLSv1.2" \ + -c "Protocol is TLSv1.2" + +run_test "Version check: cli max 1.1 -> 1.1" \ + "$P_SRV" \ + "$P_CLI max_version=tls1_1" \ + 0 \ + -S "mbedtls_ssl_handshake returned" \ + -C "mbedtls_ssl_handshake returned" \ + -s "Protocol is TLSv1.1" \ + -c "Protocol is TLSv1.1" + +run_test "Version check: srv max 1.1 -> 1.1" \ + "$P_SRV max_version=tls1_1" \ + "$P_CLI" \ + 0 \ + -S "mbedtls_ssl_handshake returned" \ + -C "mbedtls_ssl_handshake returned" \ + -s "Protocol is TLSv1.1" \ + -c "Protocol is TLSv1.1" + +run_test "Version check: cli+srv max 1.1 -> 1.1" \ + "$P_SRV max_version=tls1_1" \ + "$P_CLI max_version=tls1_1" \ + 0 \ + -S "mbedtls_ssl_handshake returned" \ + -C "mbedtls_ssl_handshake returned" \ + -s "Protocol is TLSv1.1" \ + -c "Protocol is TLSv1.1" + +run_test "Version check: cli max 1.1, srv min 1.1 -> 1.1" \ + "$P_SRV min_version=tls1_1" \ + "$P_CLI max_version=tls1_1" \ + 0 \ + -S "mbedtls_ssl_handshake returned" \ + -C "mbedtls_ssl_handshake returned" \ + -s "Protocol is TLSv1.1" \ + -c "Protocol is TLSv1.1" + +run_test "Version check: cli min 1.1, srv max 1.1 -> 1.1" \ + "$P_SRV max_version=tls1_1" \ + "$P_CLI min_version=tls1_1" \ + 0 \ + -S "mbedtls_ssl_handshake returned" \ + -C "mbedtls_ssl_handshake returned" \ + -s "Protocol is TLSv1.1" \ + -c "Protocol is TLSv1.1" + +run_test "Version check: cli min 1.2, srv max 1.1 -> fail" \ + "$P_SRV max_version=tls1_1" \ + "$P_CLI min_version=tls1_2" \ + 1 \ + -s "mbedtls_ssl_handshake returned" \ + -c "mbedtls_ssl_handshake returned" \ + -c "SSL - Handshake protocol not within min/max boundaries" + +run_test "Version check: srv min 1.2, cli max 1.1 -> fail" \ + "$P_SRV min_version=tls1_2" \ + "$P_CLI max_version=tls1_1" \ + 1 \ + -s "mbedtls_ssl_handshake returned" \ + -c "mbedtls_ssl_handshake returned" \ + -s "SSL - Handshake protocol not within min/max boundaries" + +# Tests for ALPN extension + +run_test "ALPN: none" \ + "$P_SRV debug_level=3" \ + "$P_CLI debug_level=3" \ + 0 \ + -C "client hello, adding alpn extension" \ + -S "found alpn extension" \ + -C "got an alert message, type: \\[2:120]" \ + -S "server hello, adding alpn extension" \ + -C "found alpn extension " \ + -C "Application Layer Protocol is" \ + -S "Application Layer Protocol is" + +run_test "ALPN: client only" \ + "$P_SRV debug_level=3" \ + "$P_CLI debug_level=3 alpn=abc,1234" \ + 0 \ + -c "client hello, adding alpn extension" \ + -s "found alpn extension" \ + -C "got an alert message, type: \\[2:120]" \ + -S "server hello, adding alpn extension" \ + -C "found alpn extension " \ + -c "Application Layer Protocol is (none)" \ + -S "Application Layer Protocol is" + +run_test "ALPN: server only" \ + "$P_SRV debug_level=3 alpn=abc,1234" \ + "$P_CLI debug_level=3" \ + 0 \ + -C "client hello, adding alpn extension" \ + -S "found alpn extension" \ + -C "got an alert message, type: \\[2:120]" \ + -S "server hello, adding alpn extension" \ + -C "found alpn extension " \ + -C "Application Layer Protocol is" \ + -s "Application Layer Protocol is (none)" + +run_test "ALPN: both, common cli1-srv1" \ + "$P_SRV debug_level=3 alpn=abc,1234" \ + "$P_CLI debug_level=3 alpn=abc,1234" \ + 0 \ + -c "client hello, adding alpn extension" \ + -s "found alpn extension" \ + -C "got an alert message, type: \\[2:120]" \ + -s "server hello, adding alpn extension" \ + -c "found alpn extension" \ + -c "Application Layer Protocol is abc" \ + -s "Application Layer Protocol is abc" + +run_test "ALPN: both, common cli2-srv1" \ + "$P_SRV debug_level=3 alpn=abc,1234" \ + "$P_CLI debug_level=3 alpn=1234,abc" \ + 0 \ + -c "client hello, adding alpn extension" \ + -s "found alpn extension" \ + -C "got an alert message, type: \\[2:120]" \ + -s "server hello, adding alpn extension" \ + -c "found alpn extension" \ + -c "Application Layer Protocol is abc" \ + -s "Application Layer Protocol is abc" + +run_test "ALPN: both, common cli1-srv2" \ + "$P_SRV debug_level=3 alpn=abc,1234" \ + "$P_CLI debug_level=3 alpn=1234,abcde" \ + 0 \ + -c "client hello, adding alpn extension" \ + -s "found alpn extension" \ + -C "got an alert message, type: \\[2:120]" \ + -s "server hello, adding alpn extension" \ + -c "found alpn extension" \ + -c "Application Layer Protocol is 1234" \ + -s "Application Layer Protocol is 1234" + +run_test "ALPN: both, no common" \ + "$P_SRV debug_level=3 alpn=abc,123" \ + "$P_CLI debug_level=3 alpn=1234,abcde" \ + 1 \ + -c "client hello, adding alpn extension" \ + -s "found alpn extension" \ + -c "got an alert message, type: \\[2:120]" \ + -S "server hello, adding alpn extension" \ + -C "found alpn extension" \ + -C "Application Layer Protocol is 1234" \ + -S "Application Layer Protocol is 1234" + + +# Tests for keyUsage in leaf certificates, part 1: +# server-side certificate/suite selection + +run_test "keyUsage srv: RSA, digitalSignature -> (EC)DHE-RSA" \ + "$P_SRV key_file=data_files/server2.key \ + crt_file=data_files/server2.ku-ds.crt" \ + "$P_CLI" \ + 0 \ + -c "Ciphersuite is TLS-[EC]*DHE-RSA-WITH-" + + +run_test "keyUsage srv: RSA, keyEncipherment -> RSA" \ + "$P_SRV key_file=data_files/server2.key \ + crt_file=data_files/server2.ku-ke.crt" \ + "$P_CLI" \ + 0 \ + -c "Ciphersuite is TLS-RSA-WITH-" + +run_test "keyUsage srv: RSA, keyAgreement -> fail" \ + "$P_SRV key_file=data_files/server2.key \ + crt_file=data_files/server2.ku-ka.crt" \ + "$P_CLI" \ + 1 \ + -C "Ciphersuite is " + +run_test "keyUsage srv: ECDSA, digitalSignature -> ECDHE-ECDSA" \ + "$P_SRV key_file=data_files/server5.key \ + crt_file=data_files/server5.ku-ds.crt" \ + "$P_CLI" \ + 0 \ + -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-" + + +run_test "keyUsage srv: ECDSA, keyAgreement -> ECDH-" \ + "$P_SRV key_file=data_files/server5.key \ + crt_file=data_files/server5.ku-ka.crt" \ + "$P_CLI" \ + 0 \ + -c "Ciphersuite is TLS-ECDH-" + +run_test "keyUsage srv: ECDSA, keyEncipherment -> fail" \ + "$P_SRV key_file=data_files/server5.key \ + crt_file=data_files/server5.ku-ke.crt" \ + "$P_CLI" \ + 1 \ + -C "Ciphersuite is " + +# Tests for keyUsage in leaf certificates, part 2: +# client-side checking of server cert + +run_test "keyUsage cli: DigitalSignature+KeyEncipherment, RSA: OK" \ + "$O_SRV -key data_files/server2.key \ + -cert data_files/server2.ku-ds_ke.crt" \ + "$P_CLI debug_level=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + 0 \ + -C "bad certificate (usage extensions)" \ + -C "Processing of the Certificate handshake message failed" \ + -c "Ciphersuite is TLS-" + +run_test "keyUsage cli: DigitalSignature+KeyEncipherment, DHE-RSA: OK" \ + "$O_SRV -key data_files/server2.key \ + -cert data_files/server2.ku-ds_ke.crt" \ + "$P_CLI debug_level=1 \ + force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ + 0 \ + -C "bad certificate (usage extensions)" \ + -C "Processing of the Certificate handshake message failed" \ + -c "Ciphersuite is TLS-" + +run_test "keyUsage cli: KeyEncipherment, RSA: OK" \ + "$O_SRV -key data_files/server2.key \ + -cert data_files/server2.ku-ke.crt" \ + "$P_CLI debug_level=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + 0 \ + -C "bad certificate (usage extensions)" \ + -C "Processing of the Certificate handshake message failed" \ + -c "Ciphersuite is TLS-" + +run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail" \ + "$O_SRV -key data_files/server2.key \ + -cert data_files/server2.ku-ke.crt" \ + "$P_CLI debug_level=1 \ + force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ + 1 \ + -c "bad certificate (usage extensions)" \ + -c "Processing of the Certificate handshake message failed" \ + -C "Ciphersuite is TLS-" + +run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail, soft" \ + "$O_SRV -key data_files/server2.key \ + -cert data_files/server2.ku-ke.crt" \ + "$P_CLI debug_level=1 auth_mode=optional \ + force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ + 0 \ + -c "bad certificate (usage extensions)" \ + -C "Processing of the Certificate handshake message failed" \ + -c "Ciphersuite is TLS-" \ + -c "! Usage does not match the keyUsage extension" + +run_test "keyUsage cli: DigitalSignature, DHE-RSA: OK" \ + "$O_SRV -key data_files/server2.key \ + -cert data_files/server2.ku-ds.crt" \ + "$P_CLI debug_level=1 \ + force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ + 0 \ + -C "bad certificate (usage extensions)" \ + -C "Processing of the Certificate handshake message failed" \ + -c "Ciphersuite is TLS-" + +run_test "keyUsage cli: DigitalSignature, RSA: fail" \ + "$O_SRV -key data_files/server2.key \ + -cert data_files/server2.ku-ds.crt" \ + "$P_CLI debug_level=1 \ + force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + 1 \ + -c "bad certificate (usage extensions)" \ + -c "Processing of the Certificate handshake message failed" \ + -C "Ciphersuite is TLS-" + +run_test "keyUsage cli: DigitalSignature, RSA: fail, soft" \ + "$O_SRV -key data_files/server2.key \ + -cert data_files/server2.ku-ds.crt" \ + "$P_CLI debug_level=1 auth_mode=optional \ + force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + 0 \ + -c "bad certificate (usage extensions)" \ + -C "Processing of the Certificate handshake message failed" \ + -c "Ciphersuite is TLS-" \ + -c "! Usage does not match the keyUsage extension" + +# Tests for keyUsage in leaf certificates, part 3: +# server-side checking of client cert + +run_test "keyUsage cli-auth: RSA, DigitalSignature: OK" \ + "$P_SRV debug_level=1 auth_mode=optional" \ + "$O_CLI -key data_files/server2.key \ + -cert data_files/server2.ku-ds.crt" \ + 0 \ + -S "bad certificate (usage extensions)" \ + -S "Processing of the Certificate handshake message failed" + +run_test "keyUsage cli-auth: RSA, KeyEncipherment: fail (soft)" \ + "$P_SRV debug_level=1 auth_mode=optional" \ + "$O_CLI -key data_files/server2.key \ + -cert data_files/server2.ku-ke.crt" \ + 0 \ + -s "bad certificate (usage extensions)" \ + -S "Processing of the Certificate handshake message failed" + +run_test "keyUsage cli-auth: RSA, KeyEncipherment: fail (hard)" \ + "$P_SRV debug_level=1 auth_mode=required" \ + "$O_CLI -key data_files/server2.key \ + -cert data_files/server2.ku-ke.crt" \ + 1 \ + -s "bad certificate (usage extensions)" \ + -s "Processing of the Certificate handshake message failed" + +run_test "keyUsage cli-auth: ECDSA, DigitalSignature: OK" \ + "$P_SRV debug_level=1 auth_mode=optional" \ + "$O_CLI -key data_files/server5.key \ + -cert data_files/server5.ku-ds.crt" \ + 0 \ + -S "bad certificate (usage extensions)" \ + -S "Processing of the Certificate handshake message failed" + +run_test "keyUsage cli-auth: ECDSA, KeyAgreement: fail (soft)" \ + "$P_SRV debug_level=1 auth_mode=optional" \ + "$O_CLI -key data_files/server5.key \ + -cert data_files/server5.ku-ka.crt" \ + 0 \ + -s "bad certificate (usage extensions)" \ + -S "Processing of the Certificate handshake message failed" + +# Tests for extendedKeyUsage, part 1: server-side certificate/suite selection + +run_test "extKeyUsage srv: serverAuth -> OK" \ + "$P_SRV key_file=data_files/server5.key \ + crt_file=data_files/server5.eku-srv.crt" \ + "$P_CLI" \ + 0 + +run_test "extKeyUsage srv: serverAuth,clientAuth -> OK" \ + "$P_SRV key_file=data_files/server5.key \ + crt_file=data_files/server5.eku-srv.crt" \ + "$P_CLI" \ + 0 + +run_test "extKeyUsage srv: codeSign,anyEKU -> OK" \ + "$P_SRV key_file=data_files/server5.key \ + crt_file=data_files/server5.eku-cs_any.crt" \ + "$P_CLI" \ + 0 + +run_test "extKeyUsage srv: codeSign -> fail" \ + "$P_SRV key_file=data_files/server5.key \ + crt_file=data_files/server5.eku-cli.crt" \ + "$P_CLI" \ + 1 + +# Tests for extendedKeyUsage, part 2: client-side checking of server cert + +run_test "extKeyUsage cli: serverAuth -> OK" \ + "$O_SRV -key data_files/server5.key \ + -cert data_files/server5.eku-srv.crt" \ + "$P_CLI debug_level=1" \ + 0 \ + -C "bad certificate (usage extensions)" \ + -C "Processing of the Certificate handshake message failed" \ + -c "Ciphersuite is TLS-" + +run_test "extKeyUsage cli: serverAuth,clientAuth -> OK" \ + "$O_SRV -key data_files/server5.key \ + -cert data_files/server5.eku-srv_cli.crt" \ + "$P_CLI debug_level=1" \ + 0 \ + -C "bad certificate (usage extensions)" \ + -C "Processing of the Certificate handshake message failed" \ + -c "Ciphersuite is TLS-" + +run_test "extKeyUsage cli: codeSign,anyEKU -> OK" \ + "$O_SRV -key data_files/server5.key \ + -cert data_files/server5.eku-cs_any.crt" \ + "$P_CLI debug_level=1" \ + 0 \ + -C "bad certificate (usage extensions)" \ + -C "Processing of the Certificate handshake message failed" \ + -c "Ciphersuite is TLS-" + +run_test "extKeyUsage cli: codeSign -> fail" \ + "$O_SRV -key data_files/server5.key \ + -cert data_files/server5.eku-cs.crt" \ + "$P_CLI debug_level=1" \ + 1 \ + -c "bad certificate (usage extensions)" \ + -c "Processing of the Certificate handshake message failed" \ + -C "Ciphersuite is TLS-" + +# Tests for extendedKeyUsage, part 3: server-side checking of client cert + +run_test "extKeyUsage cli-auth: clientAuth -> OK" \ + "$P_SRV debug_level=1 auth_mode=optional" \ + "$O_CLI -key data_files/server5.key \ + -cert data_files/server5.eku-cli.crt" \ + 0 \ + -S "bad certificate (usage extensions)" \ + -S "Processing of the Certificate handshake message failed" + +run_test "extKeyUsage cli-auth: serverAuth,clientAuth -> OK" \ + "$P_SRV debug_level=1 auth_mode=optional" \ + "$O_CLI -key data_files/server5.key \ + -cert data_files/server5.eku-srv_cli.crt" \ + 0 \ + -S "bad certificate (usage extensions)" \ + -S "Processing of the Certificate handshake message failed" + +run_test "extKeyUsage cli-auth: codeSign,anyEKU -> OK" \ + "$P_SRV debug_level=1 auth_mode=optional" \ + "$O_CLI -key data_files/server5.key \ + -cert data_files/server5.eku-cs_any.crt" \ + 0 \ + -S "bad certificate (usage extensions)" \ + -S "Processing of the Certificate handshake message failed" + +run_test "extKeyUsage cli-auth: codeSign -> fail (soft)" \ + "$P_SRV debug_level=1 auth_mode=optional" \ + "$O_CLI -key data_files/server5.key \ + -cert data_files/server5.eku-cs.crt" \ + 0 \ + -s "bad certificate (usage extensions)" \ + -S "Processing of the Certificate handshake message failed" + +run_test "extKeyUsage cli-auth: codeSign -> fail (hard)" \ + "$P_SRV debug_level=1 auth_mode=required" \ + "$O_CLI -key data_files/server5.key \ + -cert data_files/server5.eku-cs.crt" \ + 1 \ + -s "bad certificate (usage extensions)" \ + -s "Processing of the Certificate handshake message failed" + +# Tests for DHM parameters loading + +run_test "DHM parameters: reference" \ + "$P_SRV" \ + "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + debug_level=3" \ + 0 \ + -c "value of 'DHM: P ' (2048 bits)" \ + -c "value of 'DHM: G ' (2048 bits)" + +run_test "DHM parameters: other parameters" \ + "$P_SRV dhm_file=data_files/dhparams.pem" \ + "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + debug_level=3" \ + 0 \ + -c "value of 'DHM: P ' (1024 bits)" \ + -c "value of 'DHM: G ' (2 bits)" + +# Tests for DHM client-side size checking + +run_test "DHM size: server default, client default, OK" \ + "$P_SRV" \ + "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + debug_level=1" \ + 0 \ + -C "DHM prime too short:" + +run_test "DHM size: server default, client 2048, OK" \ + "$P_SRV" \ + "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + debug_level=1 dhmlen=2048" \ + 0 \ + -C "DHM prime too short:" + +run_test "DHM size: server 1024, client default, OK" \ + "$P_SRV dhm_file=data_files/dhparams.pem" \ + "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + debug_level=1" \ + 0 \ + -C "DHM prime too short:" + +run_test "DHM size: server 1000, client default, rejected" \ + "$P_SRV dhm_file=data_files/dh.1000.pem" \ + "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + debug_level=1" \ + 1 \ + -c "DHM prime too short:" + +run_test "DHM size: server default, client 2049, rejected" \ + "$P_SRV" \ + "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ + debug_level=1 dhmlen=2049" \ + 1 \ + -c "DHM prime too short:" + +# Tests for PSK callback + +run_test "PSK callback: psk, no callback" \ + "$P_SRV psk=abc123 psk_identity=foo" \ + "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=foo psk=abc123" \ + 0 \ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +run_test "PSK callback: no psk, no callback" \ + "$P_SRV" \ + "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=foo psk=abc123" \ + 1 \ + -s "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +run_test "PSK callback: callback overrides other settings" \ + "$P_SRV psk=abc123 psk_identity=foo psk_list=abc,dead,def,beef" \ + "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=foo psk=abc123" \ + 1 \ + -S "SSL - None of the common ciphersuites is usable" \ + -s "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +run_test "PSK callback: first id matches" \ + "$P_SRV psk_list=abc,dead,def,beef" \ + "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=abc psk=dead" \ + 0 \ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +run_test "PSK callback: second id matches" \ + "$P_SRV psk_list=abc,dead,def,beef" \ + "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=def psk=beef" \ + 0 \ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +run_test "PSK callback: no match" \ + "$P_SRV psk_list=abc,dead,def,beef" \ + "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=ghi psk=beef" \ + 1 \ + -S "SSL - None of the common ciphersuites is usable" \ + -s "SSL - Unknown identity received" \ + -S "SSL - Verification of the message MAC failed" + +run_test "PSK callback: wrong key" \ + "$P_SRV psk_list=abc,dead,def,beef" \ + "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ + psk_identity=abc psk=beef" \ + 1 \ + -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - Unknown identity received" \ + -s "SSL - Verification of the message MAC failed" + +# Tests for EC J-PAKE + +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +run_test "ECJPAKE: client not configured" \ + "$P_SRV debug_level=3" \ + "$P_CLI debug_level=3" \ + 0 \ + -C "add ciphersuite: c0ff" \ + -C "adding ecjpake_kkpp extension" \ + -S "found ecjpake kkpp extension" \ + -S "skip ecjpake kkpp extension" \ + -S "ciphersuite mismatch: ecjpake not configured" \ + -S "server hello, ecjpake kkpp extension" \ + -C "found ecjpake_kkpp extension" \ + -S "None of the common ciphersuites is usable" + +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +run_test "ECJPAKE: server not configured" \ + "$P_SRV debug_level=3" \ + "$P_CLI debug_level=3 ecjpake_pw=bla \ + force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ + 1 \ + -c "add ciphersuite: c0ff" \ + -c "adding ecjpake_kkpp extension" \ + -s "found ecjpake kkpp extension" \ + -s "skip ecjpake kkpp extension" \ + -s "ciphersuite mismatch: ecjpake not configured" \ + -S "server hello, ecjpake kkpp extension" \ + -C "found ecjpake_kkpp extension" \ + -s "None of the common ciphersuites is usable" + +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +run_test "ECJPAKE: working, TLS" \ + "$P_SRV debug_level=3 ecjpake_pw=bla" \ + "$P_CLI debug_level=3 ecjpake_pw=bla \ + force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ + 0 \ + -c "add ciphersuite: c0ff" \ + -c "adding ecjpake_kkpp extension" \ + -C "re-using cached ecjpake parameters" \ + -s "found ecjpake kkpp extension" \ + -S "skip ecjpake kkpp extension" \ + -S "ciphersuite mismatch: ecjpake not configured" \ + -s "server hello, ecjpake kkpp extension" \ + -c "found ecjpake_kkpp extension" \ + -S "None of the common ciphersuites is usable" \ + -S "SSL - Verification of the message MAC failed" + +server_needs_more_time 1 +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +run_test "ECJPAKE: password mismatch, TLS" \ + "$P_SRV debug_level=3 ecjpake_pw=bla" \ + "$P_CLI debug_level=3 ecjpake_pw=bad \ + force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ + 1 \ + -C "re-using cached ecjpake parameters" \ + -s "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +run_test "ECJPAKE: working, DTLS" \ + "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \ + "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \ + force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ + 0 \ + -c "re-using cached ecjpake parameters" \ + -S "SSL - Verification of the message MAC failed" + +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +run_test "ECJPAKE: working, DTLS, no cookie" \ + "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla cookies=0" \ + "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \ + force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ + 0 \ + -C "re-using cached ecjpake parameters" \ + -S "SSL - Verification of the message MAC failed" + +server_needs_more_time 1 +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +run_test "ECJPAKE: password mismatch, DTLS" \ + "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \ + "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bad \ + force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ + 1 \ + -c "re-using cached ecjpake parameters" \ + -s "SSL - Verification of the message MAC failed" + +# for tests with configs/config-thread.h +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +run_test "ECJPAKE: working, DTLS, nolog" \ + "$P_SRV dtls=1 ecjpake_pw=bla" \ + "$P_CLI dtls=1 ecjpake_pw=bla \ + force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ + 0 + +# Tests for ciphersuites per version + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +run_test "Per-version suites: SSL3" \ + "$P_SRV min_version=ssl3 version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \ + "$P_CLI force_version=ssl3" \ + 0 \ + -c "Ciphersuite is TLS-RSA-WITH-3DES-EDE-CBC-SHA" + +run_test "Per-version suites: TLS 1.0" \ + "$P_SRV arc4=1 version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \ + "$P_CLI force_version=tls1 arc4=1" \ + 0 \ + -c "Ciphersuite is TLS-RSA-WITH-AES-256-CBC-SHA" + +run_test "Per-version suites: TLS 1.1" \ + "$P_SRV version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \ + "$P_CLI force_version=tls1_1" \ + 0 \ + -c "Ciphersuite is TLS-RSA-WITH-AES-128-CBC-SHA" + +run_test "Per-version suites: TLS 1.2" \ + "$P_SRV version_suites=TLS-RSA-WITH-3DES-EDE-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \ + "$P_CLI force_version=tls1_2" \ + 0 \ + -c "Ciphersuite is TLS-RSA-WITH-AES-128-GCM-SHA256" + +# Test for ClientHello without extensions + +requires_gnutls +run_test "ClientHello without extensions" \ + "$P_SRV debug_level=3" \ + "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION" \ + 0 \ + -s "dumping 'client hello extensions' (0 bytes)" + +# Tests for mbedtls_ssl_get_bytes_avail() + +run_test "mbedtls_ssl_get_bytes_avail: no extra data" \ + "$P_SRV" \ + "$P_CLI request_size=100" \ + 0 \ + -s "Read from client: 100 bytes read$" + +run_test "mbedtls_ssl_get_bytes_avail: extra data" \ + "$P_SRV" \ + "$P_CLI request_size=500" \ + 0 \ + -s "Read from client: 500 bytes read (.*+.*)" + +# Tests for small packets + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +run_test "Small packet SSLv3 BlockCipher" \ + "$P_SRV min_version=ssl3" \ + "$P_CLI request_size=1 force_version=ssl3 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +run_test "Small packet SSLv3 StreamCipher" \ + "$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI request_size=1 force_version=ssl3 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small packet TLS 1.0 BlockCipher" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small packet TLS 1.0 BlockCipher without EtM" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1 etm=0 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small packet TLS 1.0 BlockCipher truncated MAC" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \ + trunc_hmac=1" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small packet TLS 1.0 StreamCipher truncated MAC" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI request_size=1 force_version=tls1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \ + trunc_hmac=1" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small packet TLS 1.1 BlockCipher" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small packet TLS 1.1 BlockCipher without EtM" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1_1 etm=0 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small packet TLS 1.1 StreamCipher" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI request_size=1 force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small packet TLS 1.1 BlockCipher truncated MAC" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \ + trunc_hmac=1" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small packet TLS 1.1 StreamCipher truncated MAC" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI request_size=1 force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \ + trunc_hmac=1" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small packet TLS 1.2 BlockCipher" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small packet TLS 1.2 BlockCipher without EtM" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1_2 etm=0 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small packet TLS 1.2 BlockCipher larger MAC" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1_2 \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small packet TLS 1.2 BlockCipher truncated MAC" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \ + trunc_hmac=1" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small packet TLS 1.2 StreamCipher" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI request_size=1 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small packet TLS 1.2 StreamCipher truncated MAC" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI request_size=1 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \ + trunc_hmac=1" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small packet TLS 1.2 AEAD" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ + 0 \ + -s "Read from client: 1 bytes read" + +run_test "Small packet TLS 1.2 AEAD shorter tag" \ + "$P_SRV" \ + "$P_CLI request_size=1 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ + 0 \ + -s "Read from client: 1 bytes read" + +# A test for extensions in SSLv3 + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +run_test "SSLv3 with extensions, server side" \ + "$P_SRV min_version=ssl3 debug_level=3" \ + "$P_CLI force_version=ssl3 tickets=1 max_frag_len=4096 alpn=abc,1234" \ + 0 \ + -S "dumping 'client hello extensions'" \ + -S "server hello, total extension length:" + +# Test for large packets + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +run_test "Large packet SSLv3 BlockCipher" \ + "$P_SRV min_version=ssl3" \ + "$P_CLI request_size=16384 force_version=ssl3 recsplit=0 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 16384 bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 +run_test "Large packet SSLv3 StreamCipher" \ + "$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI request_size=16384 force_version=ssl3 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + 0 \ + -s "Read from client: 16384 bytes read" + +run_test "Large packet TLS 1.0 BlockCipher" \ + "$P_SRV" \ + "$P_CLI request_size=16384 force_version=tls1 recsplit=0 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 16384 bytes read" + +run_test "Large packet TLS 1.0 BlockCipher truncated MAC" \ + "$P_SRV" \ + "$P_CLI request_size=16384 force_version=tls1 recsplit=0 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \ + trunc_hmac=1" \ + 0 \ + -s "Read from client: 16384 bytes read" + +run_test "Large packet TLS 1.0 StreamCipher truncated MAC" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI request_size=16384 force_version=tls1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \ + trunc_hmac=1" \ + 0 \ + -s "Read from client: 16384 bytes read" + +run_test "Large packet TLS 1.1 BlockCipher" \ + "$P_SRV" \ + "$P_CLI request_size=16384 force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 16384 bytes read" + +run_test "Large packet TLS 1.1 StreamCipher" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI request_size=16384 force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + 0 \ + -s "Read from client: 16384 bytes read" + +run_test "Large packet TLS 1.1 BlockCipher truncated MAC" \ + "$P_SRV" \ + "$P_CLI request_size=16384 force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \ + trunc_hmac=1" \ + 0 \ + -s "Read from client: 16384 bytes read" + +run_test "Large packet TLS 1.1 StreamCipher truncated MAC" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI request_size=16384 force_version=tls1_1 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \ + trunc_hmac=1" \ + 0 \ + -s "Read from client: 16384 bytes read" + +run_test "Large packet TLS 1.2 BlockCipher" \ + "$P_SRV" \ + "$P_CLI request_size=16384 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ + 0 \ + -s "Read from client: 16384 bytes read" + +run_test "Large packet TLS 1.2 BlockCipher larger MAC" \ + "$P_SRV" \ + "$P_CLI request_size=16384 force_version=tls1_2 \ + force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \ + 0 \ + -s "Read from client: 16384 bytes read" + +run_test "Large packet TLS 1.2 BlockCipher truncated MAC" \ + "$P_SRV" \ + "$P_CLI request_size=16384 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \ + trunc_hmac=1" \ + 0 \ + -s "Read from client: 16384 bytes read" + +run_test "Large packet TLS 1.2 StreamCipher" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI request_size=16384 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + 0 \ + -s "Read from client: 16384 bytes read" + +run_test "Large packet TLS 1.2 StreamCipher truncated MAC" \ + "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "$P_CLI request_size=16384 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \ + trunc_hmac=1" \ + 0 \ + -s "Read from client: 16384 bytes read" + +run_test "Large packet TLS 1.2 AEAD" \ + "$P_SRV" \ + "$P_CLI request_size=16384 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \ + 0 \ + -s "Read from client: 16384 bytes read" + +run_test "Large packet TLS 1.2 AEAD shorter tag" \ + "$P_SRV" \ + "$P_CLI request_size=16384 force_version=tls1_2 \ + force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \ + 0 \ + -s "Read from client: 16384 bytes read" + +# Tests for DTLS HelloVerifyRequest + +run_test "DTLS cookie: enabled" \ + "$P_SRV dtls=1 debug_level=2" \ + "$P_CLI dtls=1 debug_level=2" \ + 0 \ + -s "cookie verification failed" \ + -s "cookie verification passed" \ + -S "cookie verification skipped" \ + -c "received hello verify request" \ + -s "hello verification requested" \ + -S "SSL - The requested feature is not available" + +run_test "DTLS cookie: disabled" \ + "$P_SRV dtls=1 debug_level=2 cookies=0" \ + "$P_CLI dtls=1 debug_level=2" \ + 0 \ + -S "cookie verification failed" \ + -S "cookie verification passed" \ + -s "cookie verification skipped" \ + -C "received hello verify request" \ + -S "hello verification requested" \ + -S "SSL - The requested feature is not available" + +run_test "DTLS cookie: default (failing)" \ + "$P_SRV dtls=1 debug_level=2 cookies=-1" \ + "$P_CLI dtls=1 debug_level=2 hs_timeout=100-400" \ + 1 \ + -s "cookie verification failed" \ + -S "cookie verification passed" \ + -S "cookie verification skipped" \ + -C "received hello verify request" \ + -S "hello verification requested" \ + -s "SSL - The requested feature is not available" + +requires_ipv6 +run_test "DTLS cookie: enabled, IPv6" \ + "$P_SRV dtls=1 debug_level=2 server_addr=::1" \ + "$P_CLI dtls=1 debug_level=2 server_addr=::1" \ + 0 \ + -s "cookie verification failed" \ + -s "cookie verification passed" \ + -S "cookie verification skipped" \ + -c "received hello verify request" \ + -s "hello verification requested" \ + -S "SSL - The requested feature is not available" + +run_test "DTLS cookie: enabled, nbio" \ + "$P_SRV dtls=1 nbio=2 debug_level=2" \ + "$P_CLI dtls=1 nbio=2 debug_level=2" \ + 0 \ + -s "cookie verification failed" \ + -s "cookie verification passed" \ + -S "cookie verification skipped" \ + -c "received hello verify request" \ + -s "hello verification requested" \ + -S "SSL - The requested feature is not available" + +# Tests for client reconnecting from the same port with DTLS + +not_with_valgrind # spurious resend +run_test "DTLS client reconnect from same port: reference" \ + "$P_SRV dtls=1 exchanges=2 read_timeout=1000" \ + "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000" \ + 0 \ + -C "resend" \ + -S "The operation timed out" \ + -S "Client initiated reconnection from same port" + +not_with_valgrind # spurious resend +run_test "DTLS client reconnect from same port: reconnect" \ + "$P_SRV dtls=1 exchanges=2 read_timeout=1000" \ + "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000 reconnect_hard=1" \ + 0 \ + -C "resend" \ + -S "The operation timed out" \ + -s "Client initiated reconnection from same port" + +not_with_valgrind # server/client too slow to respond in time (next test has higher timeouts) +run_test "DTLS client reconnect from same port: reconnect, nbio, no valgrind" \ + "$P_SRV dtls=1 exchanges=2 read_timeout=1000 nbio=2" \ + "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000 reconnect_hard=1" \ + 0 \ + -S "The operation timed out" \ + -s "Client initiated reconnection from same port" + +only_with_valgrind # Only with valgrind, do previous test but with higher read_timeout and hs_timeout +run_test "DTLS client reconnect from same port: reconnect, nbio, valgrind" \ + "$P_SRV dtls=1 exchanges=2 read_timeout=2000 nbio=2 hs_timeout=1500-6000" \ + "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=1500-3000 reconnect_hard=1" \ + 0 \ + -S "The operation timed out" \ + -s "Client initiated reconnection from same port" + +run_test "DTLS client reconnect from same port: no cookies" \ + "$P_SRV dtls=1 exchanges=2 read_timeout=1000 cookies=0" \ + "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-8000 reconnect_hard=1" \ + 0 \ + -s "The operation timed out" \ + -S "Client initiated reconnection from same port" + +# Tests for various cases of client authentication with DTLS +# (focused on handshake flows and message parsing) + +run_test "DTLS client auth: required" \ + "$P_SRV dtls=1 auth_mode=required" \ + "$P_CLI dtls=1" \ + 0 \ + -s "Verifying peer X.509 certificate... ok" + +run_test "DTLS client auth: optional, client has no cert" \ + "$P_SRV dtls=1 auth_mode=optional" \ + "$P_CLI dtls=1 crt_file=none key_file=none" \ + 0 \ + -s "! Certificate was missing" + +run_test "DTLS client auth: none, client has no cert" \ + "$P_SRV dtls=1 auth_mode=none" \ + "$P_CLI dtls=1 crt_file=none key_file=none debug_level=2" \ + 0 \ + -c "skip write certificate$" \ + -s "! Certificate verification was skipped" + +run_test "DTLS wrong PSK: badmac alert" \ + "$P_SRV dtls=1 psk=abc123 force_ciphersuite=TLS-PSK-WITH-AES-128-GCM-SHA256" \ + "$P_CLI dtls=1 psk=abc124" \ + 1 \ + -s "SSL - Verification of the message MAC failed" \ + -c "SSL - A fatal alert message was received from our peer" + +# Tests for receiving fragmented handshake messages with DTLS + +requires_gnutls +run_test "DTLS reassembly: no fragmentation (gnutls server)" \ + "$G_SRV -u --mtu 2048 -a" \ + "$P_CLI dtls=1 debug_level=2" \ + 0 \ + -C "found fragmented DTLS handshake message" \ + -C "error" + +requires_gnutls +run_test "DTLS reassembly: some fragmentation (gnutls server)" \ + "$G_SRV -u --mtu 512" \ + "$P_CLI dtls=1 debug_level=2" \ + 0 \ + -c "found fragmented DTLS handshake message" \ + -C "error" + +requires_gnutls +run_test "DTLS reassembly: more fragmentation (gnutls server)" \ + "$G_SRV -u --mtu 128" \ + "$P_CLI dtls=1 debug_level=2" \ + 0 \ + -c "found fragmented DTLS handshake message" \ + -C "error" + +requires_gnutls +run_test "DTLS reassembly: more fragmentation, nbio (gnutls server)" \ + "$G_SRV -u --mtu 128" \ + "$P_CLI dtls=1 nbio=2 debug_level=2" \ + 0 \ + -c "found fragmented DTLS handshake message" \ + -C "error" + +requires_gnutls +run_test "DTLS reassembly: fragmentation, renego (gnutls server)" \ + "$G_SRV -u --mtu 256" \ + "$P_CLI debug_level=3 dtls=1 renegotiation=1 renegotiate=1" \ + 0 \ + -c "found fragmented DTLS handshake message" \ + -c "client hello, adding renegotiation extension" \ + -c "found renegotiation extension" \ + -c "=> renegotiate" \ + -C "mbedtls_ssl_handshake returned" \ + -C "error" \ + -s "Extra-header:" + +requires_gnutls +run_test "DTLS reassembly: fragmentation, nbio, renego (gnutls server)" \ + "$G_SRV -u --mtu 256" \ + "$P_CLI debug_level=3 nbio=2 dtls=1 renegotiation=1 renegotiate=1" \ + 0 \ + -c "found fragmented DTLS handshake message" \ + -c "client hello, adding renegotiation extension" \ + -c "found renegotiation extension" \ + -c "=> renegotiate" \ + -C "mbedtls_ssl_handshake returned" \ + -C "error" \ + -s "Extra-header:" + +run_test "DTLS reassembly: no fragmentation (openssl server)" \ + "$O_SRV -dtls1 -mtu 2048" \ + "$P_CLI dtls=1 debug_level=2" \ + 0 \ + -C "found fragmented DTLS handshake message" \ + -C "error" + +run_test "DTLS reassembly: some fragmentation (openssl server)" \ + "$O_SRV -dtls1 -mtu 768" \ + "$P_CLI dtls=1 debug_level=2" \ + 0 \ + -c "found fragmented DTLS handshake message" \ + -C "error" + +run_test "DTLS reassembly: more fragmentation (openssl server)" \ + "$O_SRV -dtls1 -mtu 256" \ + "$P_CLI dtls=1 debug_level=2" \ + 0 \ + -c "found fragmented DTLS handshake message" \ + -C "error" + +run_test "DTLS reassembly: fragmentation, nbio (openssl server)" \ + "$O_SRV -dtls1 -mtu 256" \ + "$P_CLI dtls=1 nbio=2 debug_level=2" \ + 0 \ + -c "found fragmented DTLS handshake message" \ + -C "error" + +# Tests for specific things with "unreliable" UDP connection + +not_with_valgrind # spurious resend due to timeout +run_test "DTLS proxy: reference" \ + -p "$P_PXY" \ + "$P_SRV dtls=1 debug_level=2" \ + "$P_CLI dtls=1 debug_level=2" \ + 0 \ + -C "replayed record" \ + -S "replayed record" \ + -C "record from another epoch" \ + -S "record from another epoch" \ + -C "discarding invalid record" \ + -S "discarding invalid record" \ + -S "resend" \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +not_with_valgrind # spurious resend due to timeout +run_test "DTLS proxy: duplicate every packet" \ + -p "$P_PXY duplicate=1" \ + "$P_SRV dtls=1 debug_level=2" \ + "$P_CLI dtls=1 debug_level=2" \ + 0 \ + -c "replayed record" \ + -s "replayed record" \ + -c "discarding invalid record" \ + -s "discarding invalid record" \ + -S "resend" \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +run_test "DTLS proxy: duplicate every packet, server anti-replay off" \ + -p "$P_PXY duplicate=1" \ + "$P_SRV dtls=1 debug_level=2 anti_replay=0" \ + "$P_CLI dtls=1 debug_level=2" \ + 0 \ + -c "replayed record" \ + -S "replayed record" \ + -c "discarding invalid record" \ + -s "discarding invalid record" \ + -c "resend" \ + -s "resend" \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +run_test "DTLS proxy: inject invalid AD record, default badmac_limit" \ + -p "$P_PXY bad_ad=1" \ + "$P_SRV dtls=1 debug_level=1" \ + "$P_CLI dtls=1 debug_level=1 read_timeout=100" \ + 0 \ + -c "discarding invalid record (mac)" \ + -s "discarding invalid record (mac)" \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" \ + -S "too many records with bad MAC" \ + -S "Verification of the message MAC failed" + +run_test "DTLS proxy: inject invalid AD record, badmac_limit 1" \ + -p "$P_PXY bad_ad=1" \ + "$P_SRV dtls=1 debug_level=1 badmac_limit=1" \ + "$P_CLI dtls=1 debug_level=1 read_timeout=100" \ + 1 \ + -C "discarding invalid record (mac)" \ + -S "discarding invalid record (mac)" \ + -S "Extra-header:" \ + -C "HTTP/1.0 200 OK" \ + -s "too many records with bad MAC" \ + -s "Verification of the message MAC failed" + +run_test "DTLS proxy: inject invalid AD record, badmac_limit 2" \ + -p "$P_PXY bad_ad=1" \ + "$P_SRV dtls=1 debug_level=1 badmac_limit=2" \ + "$P_CLI dtls=1 debug_level=1 read_timeout=100" \ + 0 \ + -c "discarding invalid record (mac)" \ + -s "discarding invalid record (mac)" \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" \ + -S "too many records with bad MAC" \ + -S "Verification of the message MAC failed" + +run_test "DTLS proxy: inject invalid AD record, badmac_limit 2, exchanges 2"\ + -p "$P_PXY bad_ad=1" \ + "$P_SRV dtls=1 debug_level=1 badmac_limit=2 exchanges=2" \ + "$P_CLI dtls=1 debug_level=1 read_timeout=100 exchanges=2" \ + 1 \ + -c "discarding invalid record (mac)" \ + -s "discarding invalid record (mac)" \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" \ + -s "too many records with bad MAC" \ + -s "Verification of the message MAC failed" + +run_test "DTLS proxy: delay ChangeCipherSpec" \ + -p "$P_PXY delay_ccs=1" \ + "$P_SRV dtls=1 debug_level=1" \ + "$P_CLI dtls=1 debug_level=1" \ + 0 \ + -c "record from another epoch" \ + -s "record from another epoch" \ + -c "discarding invalid record" \ + -s "discarding invalid record" \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +# Tests for "randomly unreliable connection": try a variety of flows and peers + +client_needs_more_time 2 +run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \ + psk=abc123" \ + "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \ + force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \ + 0 \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +client_needs_more_time 2 +run_test "DTLS proxy: 3d, \"short\" RSA handshake" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none" \ + "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 \ + force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ + 0 \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +client_needs_more_time 2 +run_test "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none" \ + "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0" \ + 0 \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +client_needs_more_time 2 +run_test "DTLS proxy: 3d, FS, client auth" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=required" \ + "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0" \ + 0 \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +client_needs_more_time 2 +run_test "DTLS proxy: 3d, FS, ticket" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$P_SRV dtls=1 hs_timeout=250-10000 tickets=1 auth_mode=none" \ + "$P_CLI dtls=1 hs_timeout=250-10000 tickets=1" \ + 0 \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +client_needs_more_time 2 +run_test "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$P_SRV dtls=1 hs_timeout=250-10000 tickets=1 auth_mode=required" \ + "$P_CLI dtls=1 hs_timeout=250-10000 tickets=1" \ + 0 \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +client_needs_more_time 2 +run_test "DTLS proxy: 3d, max handshake, nbio" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$P_SRV dtls=1 hs_timeout=250-10000 nbio=2 tickets=1 \ + auth_mode=required" \ + "$P_CLI dtls=1 hs_timeout=250-10000 nbio=2 tickets=1" \ + 0 \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +client_needs_more_time 4 +run_test "DTLS proxy: 3d, min handshake, resumption" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \ + psk=abc123 debug_level=3" \ + "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \ + debug_level=3 reconnect=1 read_timeout=1000 max_resend=10 \ + force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \ + 0 \ + -s "a session has been resumed" \ + -c "a session has been resumed" \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +client_needs_more_time 4 +run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \ + psk=abc123 debug_level=3 nbio=2" \ + "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \ + debug_level=3 reconnect=1 read_timeout=1000 max_resend=10 \ + force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 nbio=2" \ + 0 \ + -s "a session has been resumed" \ + -c "a session has been resumed" \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +client_needs_more_time 4 +run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \ + psk=abc123 renegotiation=1 debug_level=2" \ + "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \ + renegotiate=1 debug_level=2 \ + force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \ + 0 \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +client_needs_more_time 4 +run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \ + psk=abc123 renegotiation=1 debug_level=2" \ + "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \ + renegotiate=1 debug_level=2 \ + force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \ + 0 \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +client_needs_more_time 4 +run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \ + psk=abc123 renegotiate=1 renegotiation=1 exchanges=4 \ + debug_level=2" \ + "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \ + renegotiation=1 exchanges=4 debug_level=2 \ + force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \ + 0 \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +client_needs_more_time 4 +run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \ + psk=abc123 renegotiate=1 renegotiation=1 exchanges=4 \ + debug_level=2 nbio=2" \ + "$P_CLI dtls=1 hs_timeout=250-10000 tickets=0 psk=abc123 \ + renegotiation=1 exchanges=4 debug_level=2 nbio=2 \ + force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \ + 0 \ + -c "=> renegotiate" \ + -s "=> renegotiate" \ + -s "Extra-header:" \ + -c "HTTP/1.0 200 OK" + +client_needs_more_time 6 +not_with_valgrind # risk of non-mbedtls peer timing out +run_test "DTLS proxy: 3d, openssl server" \ + -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ + "$O_SRV -dtls1 -mtu 2048" \ + "$P_CLI dtls=1 hs_timeout=250-60000 tickets=0" \ + 0 \ + -c "HTTP/1.0 200 OK" + +client_needs_more_time 8 +not_with_valgrind # risk of non-mbedtls peer timing out +run_test "DTLS proxy: 3d, openssl server, fragmentation" \ + -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ + "$O_SRV -dtls1 -mtu 768" \ + "$P_CLI dtls=1 hs_timeout=250-60000 tickets=0" \ + 0 \ + -c "HTTP/1.0 200 OK" + +client_needs_more_time 8 +not_with_valgrind # risk of non-mbedtls peer timing out +run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \ + -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ + "$O_SRV -dtls1 -mtu 768" \ + "$P_CLI dtls=1 hs_timeout=250-60000 nbio=2 tickets=0" \ + 0 \ + -c "HTTP/1.0 200 OK" + +requires_gnutls +client_needs_more_time 6 +not_with_valgrind # risk of non-mbedtls peer timing out +run_test "DTLS proxy: 3d, gnutls server" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$G_SRV -u --mtu 2048 -a" \ + "$P_CLI dtls=1 hs_timeout=250-60000" \ + 0 \ + -s "Extra-header:" \ + -c "Extra-header:" + +requires_gnutls +client_needs_more_time 8 +not_with_valgrind # risk of non-mbedtls peer timing out +run_test "DTLS proxy: 3d, gnutls server, fragmentation" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$G_SRV -u --mtu 512" \ + "$P_CLI dtls=1 hs_timeout=250-60000" \ + 0 \ + -s "Extra-header:" \ + -c "Extra-header:" + +requires_gnutls +client_needs_more_time 8 +not_with_valgrind # risk of non-mbedtls peer timing out +run_test "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \ + -p "$P_PXY drop=5 delay=5 duplicate=5" \ + "$G_SRV -u --mtu 512" \ + "$P_CLI dtls=1 hs_timeout=250-60000 nbio=2" \ + 0 \ + -s "Extra-header:" \ + -c "Extra-header:" + +# Final report + +echo "------------------------------------------------------------------------" + +if [ $FAILS = 0 ]; then + printf "PASSED" +else + printf "FAILED" +fi +PASSES=$(( $TESTS - $FAILS )) +echo " ($PASSES / $TESTS tests ($SKIPS skipped))" + +exit $FAILS