Add multi-session tickets test
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu
parent
d4e7500a07
commit
7a51305478
3 changed files with 33 additions and 10 deletions
|
|
@ -1139,7 +1139,7 @@ int main( int argc, char *argv[] )
|
||||||
else if( strcmp( p, "tickets" ) == 0 )
|
else if( strcmp( p, "tickets" ) == 0 )
|
||||||
{
|
{
|
||||||
opt.tickets = atoi( q );
|
opt.tickets = atoi( q );
|
||||||
if( opt.tickets < 0 || opt.tickets > 2 )
|
if( opt.tickets < 0 )
|
||||||
goto usage;
|
goto usage;
|
||||||
}
|
}
|
||||||
else if( strcmp( p, "alpn" ) == 0 )
|
else if( strcmp( p, "alpn" ) == 0 )
|
||||||
|
|
@ -2668,6 +2668,9 @@ send_request:
|
||||||
*/
|
*/
|
||||||
if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM )
|
if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM )
|
||||||
{
|
{
|
||||||
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||||
|
int ticket_id = 0;
|
||||||
|
#endif
|
||||||
do
|
do
|
||||||
{
|
{
|
||||||
len = sizeof( buf ) - 1;
|
len = sizeof( buf ) - 1;
|
||||||
|
|
@ -2715,7 +2718,8 @@ send_request:
|
||||||
case MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET:
|
case MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET:
|
||||||
/* We were waiting for application data but got
|
/* We were waiting for application data but got
|
||||||
* a NewSessionTicket instead. */
|
* a NewSessionTicket instead. */
|
||||||
mbedtls_printf( " got new session ticket.\n" );
|
mbedtls_printf( " got new session ticket ( %d ).\n",
|
||||||
|
ticket_id++ );
|
||||||
if( opt.reconnect != 0 )
|
if( opt.reconnect != 0 )
|
||||||
{
|
{
|
||||||
mbedtls_printf(" . Saving session for reuse..." );
|
mbedtls_printf(" . Saving session for reuse..." );
|
||||||
|
|
@ -2749,7 +2753,6 @@ send_request:
|
||||||
(unsigned) session_data_len );
|
(unsigned) session_data_len );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
continue;
|
continue;
|
||||||
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
|
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1997,7 +1997,7 @@ int main( int argc, char *argv[] )
|
||||||
else if( strcmp( p, "tickets" ) == 0 )
|
else if( strcmp( p, "tickets" ) == 0 )
|
||||||
{
|
{
|
||||||
opt.tickets = atoi( q );
|
opt.tickets = atoi( q );
|
||||||
if( opt.tickets < 0 || opt.tickets > 1 )
|
if( opt.tickets < 0 )
|
||||||
goto usage;
|
goto usage;
|
||||||
}
|
}
|
||||||
else if( strcmp( p, "ticket_rotate" ) == 0 )
|
else if( strcmp( p, "ticket_rotate" ) == 0 )
|
||||||
|
|
@ -2915,7 +2915,7 @@ int main( int argc, char *argv[] )
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||||
if( opt.tickets == MBEDTLS_SSL_SESSION_TICKETS_ENABLED )
|
if( opt.tickets != MBEDTLS_SSL_SESSION_TICKETS_DISABLED )
|
||||||
{
|
{
|
||||||
if( ( ret = mbedtls_ssl_ticket_setup( &ticket_ctx,
|
if( ( ret = mbedtls_ssl_ticket_setup( &ticket_ctx,
|
||||||
rng_get, &rng,
|
rng_get, &rng,
|
||||||
|
|
@ -2930,7 +2930,9 @@ int main( int argc, char *argv[] )
|
||||||
mbedtls_ssl_ticket_write,
|
mbedtls_ssl_ticket_write,
|
||||||
mbedtls_ssl_ticket_parse,
|
mbedtls_ssl_ticket_parse,
|
||||||
&ticket_ctx );
|
&ticket_ctx );
|
||||||
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||||
|
mbedtls_ssl_conf_new_session_tickets( &conf, opt.tickets );
|
||||||
|
#endif
|
||||||
/* exercise manual ticket rotation (not required for typical use)
|
/* exercise manual ticket rotation (not required for typical use)
|
||||||
* (used for external synchronization of session ticket encryption keys)
|
* (used for external synchronization of session ticket encryption keys)
|
||||||
*/
|
*/
|
||||||
|
|
|
||||||
|
|
@ -12781,14 +12781,32 @@ run_test "TLS 1.3: NewSessionTicket: Basic check, m->G" \
|
||||||
-c "HTTP/1.0 200 OK" \
|
-c "HTTP/1.0 200 OK" \
|
||||||
-s "This is a resumed session"
|
-s "This is a resumed session"
|
||||||
|
|
||||||
|
requires_openssl_tls1_3
|
||||||
|
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||||
|
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
|
||||||
|
requires_config_enabled MBEDTLS_SSL_SRV_C
|
||||||
|
requires_config_enabled MBEDTLS_DEBUG_C
|
||||||
|
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||||
|
# https://github.com/openssl/openssl/issues/10714
|
||||||
|
# Until now, OpenSSL client does not support reconnect.
|
||||||
|
skip_next_test
|
||||||
|
run_test "TLS 1.3: NewSessionTicket: Basic check, O->m" \
|
||||||
|
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=4" \
|
||||||
|
"$O_NEXT_CLI -msg -debug -tls1_3 -reconnect" \
|
||||||
|
0 \
|
||||||
|
-s "=> write NewSessionTicket msg" \
|
||||||
|
-s "server state: MBEDTLS_SSL_NEW_SESSION_TICKET" \
|
||||||
|
-s "server state: MBEDTLS_SSL_NEW_SESSION_TICKET_FLUSH"
|
||||||
|
|
||||||
requires_gnutls_tls1_3
|
requires_gnutls_tls1_3
|
||||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||||
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
|
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
|
||||||
requires_config_enabled MBEDTLS_SSL_SRV_C
|
requires_config_enabled MBEDTLS_SSL_SRV_C
|
||||||
requires_config_enabled MBEDTLS_DEBUG_C
|
requires_config_enabled MBEDTLS_DEBUG_C
|
||||||
|
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||||
run_test "TLS 1.3: NewSessionTicket: Basic check, G->m" \
|
run_test "TLS 1.3: NewSessionTicket: Basic check, G->m" \
|
||||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=1" \
|
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=4" \
|
||||||
"$G_NEXT_CLI localhost -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%DISABLE_TLS13_COMPAT_MODE -V -r" \
|
"$G_NEXT_CLI localhost -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -r" \
|
||||||
0 \
|
0 \
|
||||||
-c "Connecting again- trying to resume previous session" \
|
-c "Connecting again- trying to resume previous session" \
|
||||||
-c "NEW SESSION TICKET (4) was received" \
|
-c "NEW SESSION TICKET (4) was received" \
|
||||||
|
|
@ -12805,11 +12823,11 @@ requires_config_enabled MBEDTLS_SSL_SRV_C
|
||||||
requires_config_enabled MBEDTLS_SSL_CLI_C
|
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||||
requires_config_enabled MBEDTLS_DEBUG_C
|
requires_config_enabled MBEDTLS_DEBUG_C
|
||||||
run_test "TLS 1.3: NewSessionTicket: Basic check, m->m" \
|
run_test "TLS 1.3: NewSessionTicket: Basic check, m->m" \
|
||||||
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=1" \
|
"$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=4" \
|
||||||
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
"$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
|
||||||
0 \
|
0 \
|
||||||
-c "Protocol is TLSv1.3" \
|
-c "Protocol is TLSv1.3" \
|
||||||
-c "got new session ticket." \
|
-c "got new session ticket ( 3 )" \
|
||||||
-c "Saving session for reuse... ok" \
|
-c "Saving session for reuse... ok" \
|
||||||
-c "Reconnecting with saved session" \
|
-c "Reconnecting with saved session" \
|
||||||
-c "HTTP/1.0 200 OK" \
|
-c "HTTP/1.0 200 OK" \
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue