ECJPAKE: Fix intermittently failing tests
In some tests in ssl-opt.sh the client finishes sooner and the server gets killed before it could reach certain errors. Consequently the the script doesn't find the error it is looking for and the test fails. To resolve this issue, we introduce a per-test option to wait after the client finishes.
This commit is contained in:
parent
327d66520e
commit
74537a69fd
1 changed files with 31 additions and 20 deletions
|
@ -166,10 +166,15 @@ only_with_valgrind() {
|
|||
}
|
||||
|
||||
# multiply the client timeout delay by the given factor for the next test
|
||||
needs_more_time() {
|
||||
client_needs_more_time() {
|
||||
CLI_DELAY_FACTOR=$1
|
||||
}
|
||||
|
||||
# wait for the given seconds after the client finished in the next test
|
||||
server_needs_more_time() {
|
||||
SRV_DELAY_SECONDS=$1
|
||||
}
|
||||
|
||||
# print_name <name>
|
||||
print_name() {
|
||||
TESTS=$(( $TESTS + 1 ))
|
||||
|
@ -307,6 +312,9 @@ wait_client_done() {
|
|||
wait $DOG_PID
|
||||
|
||||
echo "EXIT: $CLI_EXIT" >> $CLI_OUT
|
||||
|
||||
sleep $SRV_DELAY_SECONDS
|
||||
SRV_DELAY_SECONDS=0
|
||||
}
|
||||
|
||||
# check if the given command uses dtls and sets global variable DTLS
|
||||
|
@ -574,6 +582,7 @@ else
|
|||
DOG_DELAY=10
|
||||
fi
|
||||
CLI_DELAY_FACTOR=1
|
||||
SRV_DELAY_SECONDS=0
|
||||
|
||||
# Pick a "unique" server port in the range 10000-19999, and a proxy port
|
||||
PORT_BASE="0000$$"
|
||||
|
@ -2674,6 +2683,7 @@ run_test "ECJPAKE: working, TLS" \
|
|||
-S "None of the common ciphersuites is usable" \
|
||||
-S "SSL - Verification of the message MAC failed"
|
||||
|
||||
server_needs_more_time 1
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
|
||||
run_test "ECJPAKE: password mismatch, TLS" \
|
||||
"$P_SRV debug_level=3 ecjpake_pw=bla" \
|
||||
|
@ -2701,6 +2711,7 @@ run_test "ECJPAKE: working, DTLS, no cookie" \
|
|||
-C "re-using cached ecjpake parameters" \
|
||||
-S "SSL - Verification of the message MAC failed"
|
||||
|
||||
server_needs_more_time 1
|
||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
|
||||
run_test "ECJPAKE: password mismatch, DTLS" \
|
||||
"$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
|
||||
|
@ -3369,7 +3380,7 @@ run_test "DTLS proxy: delay ChangeCipherSpec" \
|
|||
|
||||
# Tests for "randomly unreliable connection": try a variety of flows and peers
|
||||
|
||||
needs_more_time 2
|
||||
client_needs_more_time 2
|
||||
run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
||||
|
@ -3380,7 +3391,7 @@ run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \
|
|||
-s "Extra-header:" \
|
||||
-c "HTTP/1.0 200 OK"
|
||||
|
||||
needs_more_time 2
|
||||
client_needs_more_time 2
|
||||
run_test "DTLS proxy: 3d, \"short\" RSA handshake" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none" \
|
||||
|
@ -3390,7 +3401,7 @@ run_test "DTLS proxy: 3d, \"short\" RSA handshake" \
|
|||
-s "Extra-header:" \
|
||||
-c "HTTP/1.0 200 OK"
|
||||
|
||||
needs_more_time 2
|
||||
client_needs_more_time 2
|
||||
run_test "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none" \
|
||||
|
@ -3399,7 +3410,7 @@ run_test "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \
|
|||
-s "Extra-header:" \
|
||||
-c "HTTP/1.0 200 OK"
|
||||
|
||||
needs_more_time 2
|
||||
client_needs_more_time 2
|
||||
run_test "DTLS proxy: 3d, FS, client auth" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=required" \
|
||||
|
@ -3408,7 +3419,7 @@ run_test "DTLS proxy: 3d, FS, client auth" \
|
|||
-s "Extra-header:" \
|
||||
-c "HTTP/1.0 200 OK"
|
||||
|
||||
needs_more_time 2
|
||||
client_needs_more_time 2
|
||||
run_test "DTLS proxy: 3d, FS, ticket" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=1 auth_mode=none" \
|
||||
|
@ -3417,7 +3428,7 @@ run_test "DTLS proxy: 3d, FS, ticket" \
|
|||
-s "Extra-header:" \
|
||||
-c "HTTP/1.0 200 OK"
|
||||
|
||||
needs_more_time 2
|
||||
client_needs_more_time 2
|
||||
run_test "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=1 auth_mode=required" \
|
||||
|
@ -3426,7 +3437,7 @@ run_test "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \
|
|||
-s "Extra-header:" \
|
||||
-c "HTTP/1.0 200 OK"
|
||||
|
||||
needs_more_time 2
|
||||
client_needs_more_time 2
|
||||
run_test "DTLS proxy: 3d, max handshake, nbio" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
"$P_SRV dtls=1 hs_timeout=250-10000 nbio=2 tickets=1 \
|
||||
|
@ -3436,7 +3447,7 @@ run_test "DTLS proxy: 3d, max handshake, nbio" \
|
|||
-s "Extra-header:" \
|
||||
-c "HTTP/1.0 200 OK"
|
||||
|
||||
needs_more_time 4
|
||||
client_needs_more_time 4
|
||||
run_test "DTLS proxy: 3d, min handshake, resumption" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
||||
|
@ -3450,7 +3461,7 @@ run_test "DTLS proxy: 3d, min handshake, resumption" \
|
|||
-s "Extra-header:" \
|
||||
-c "HTTP/1.0 200 OK"
|
||||
|
||||
needs_more_time 4
|
||||
client_needs_more_time 4
|
||||
run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
||||
|
@ -3464,7 +3475,7 @@ run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \
|
|||
-s "Extra-header:" \
|
||||
-c "HTTP/1.0 200 OK"
|
||||
|
||||
needs_more_time 4
|
||||
client_needs_more_time 4
|
||||
run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
||||
|
@ -3478,7 +3489,7 @@ run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \
|
|||
-s "Extra-header:" \
|
||||
-c "HTTP/1.0 200 OK"
|
||||
|
||||
needs_more_time 4
|
||||
client_needs_more_time 4
|
||||
run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
||||
|
@ -3492,7 +3503,7 @@ run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \
|
|||
-s "Extra-header:" \
|
||||
-c "HTTP/1.0 200 OK"
|
||||
|
||||
needs_more_time 4
|
||||
client_needs_more_time 4
|
||||
run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
||||
|
@ -3507,7 +3518,7 @@ run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \
|
|||
-s "Extra-header:" \
|
||||
-c "HTTP/1.0 200 OK"
|
||||
|
||||
needs_more_time 4
|
||||
client_needs_more_time 4
|
||||
run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
||||
|
@ -3522,7 +3533,7 @@ run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
|
|||
-s "Extra-header:" \
|
||||
-c "HTTP/1.0 200 OK"
|
||||
|
||||
needs_more_time 6
|
||||
client_needs_more_time 6
|
||||
not_with_valgrind # risk of non-mbedtls peer timing out
|
||||
run_test "DTLS proxy: 3d, openssl server" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
|
||||
|
@ -3531,7 +3542,7 @@ run_test "DTLS proxy: 3d, openssl server" \
|
|||
0 \
|
||||
-c "HTTP/1.0 200 OK"
|
||||
|
||||
needs_more_time 8
|
||||
client_needs_more_time 8
|
||||
not_with_valgrind # risk of non-mbedtls peer timing out
|
||||
run_test "DTLS proxy: 3d, openssl server, fragmentation" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
|
||||
|
@ -3540,7 +3551,7 @@ run_test "DTLS proxy: 3d, openssl server, fragmentation" \
|
|||
0 \
|
||||
-c "HTTP/1.0 200 OK"
|
||||
|
||||
needs_more_time 8
|
||||
client_needs_more_time 8
|
||||
not_with_valgrind # risk of non-mbedtls peer timing out
|
||||
run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
|
||||
|
@ -3550,7 +3561,7 @@ run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \
|
|||
-c "HTTP/1.0 200 OK"
|
||||
|
||||
requires_gnutls
|
||||
needs_more_time 6
|
||||
client_needs_more_time 6
|
||||
not_with_valgrind # risk of non-mbedtls peer timing out
|
||||
run_test "DTLS proxy: 3d, gnutls server" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
|
@ -3561,7 +3572,7 @@ run_test "DTLS proxy: 3d, gnutls server" \
|
|||
-c "Extra-header:"
|
||||
|
||||
requires_gnutls
|
||||
needs_more_time 8
|
||||
client_needs_more_time 8
|
||||
not_with_valgrind # risk of non-mbedtls peer timing out
|
||||
run_test "DTLS proxy: 3d, gnutls server, fragmentation" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
|
@ -3572,7 +3583,7 @@ run_test "DTLS proxy: 3d, gnutls server, fragmentation" \
|
|||
-c "Extra-header:"
|
||||
|
||||
requires_gnutls
|
||||
needs_more_time 8
|
||||
client_needs_more_time 8
|
||||
not_with_valgrind # risk of non-mbedtls peer timing out
|
||||
run_test "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
|
|
Loading…
Reference in a new issue