Add tests for session copy without serialisation
This commit is contained in:
parent
b5e4e0a395
commit
a7c3765760
2 changed files with 86 additions and 13 deletions
|
@ -113,6 +113,7 @@ int main( void )
|
||||||
#define DFL_DHMLEN -1
|
#define DFL_DHMLEN -1
|
||||||
#define DFL_RECONNECT 0
|
#define DFL_RECONNECT 0
|
||||||
#define DFL_RECO_DELAY 0
|
#define DFL_RECO_DELAY 0
|
||||||
|
#define DFL_RECO_MODE 1
|
||||||
#define DFL_CID_ENABLED 0
|
#define DFL_CID_ENABLED 0
|
||||||
#define DFL_CID_VALUE ""
|
#define DFL_CID_VALUE ""
|
||||||
#define DFL_CID_ENABLED_RENEGO -1
|
#define DFL_CID_ENABLED_RENEGO -1
|
||||||
|
@ -376,8 +377,11 @@ int main( void )
|
||||||
" allow_legacy=%%d default: (library default: no)\n" \
|
" allow_legacy=%%d default: (library default: no)\n" \
|
||||||
USAGE_RENEGO \
|
USAGE_RENEGO \
|
||||||
" exchanges=%%d default: 1\n" \
|
" exchanges=%%d default: 1\n" \
|
||||||
" reconnect=%%d default: 0 (disabled)\n" \
|
" reconnect=%%d number of reconnections using session resumption\n" \
|
||||||
|
" default: 0 (disabled)\n" \
|
||||||
" reco_delay=%%d default: 0 seconds\n" \
|
" reco_delay=%%d default: 0 seconds\n" \
|
||||||
|
" reco_mode=%%d 0: copy session, 1: serialise session\n" \
|
||||||
|
" default: 1\n" \
|
||||||
" reconnect_hard=%%d default: 0 (disabled)\n" \
|
" reconnect_hard=%%d default: 0 (disabled)\n" \
|
||||||
USAGE_TICKETS \
|
USAGE_TICKETS \
|
||||||
USAGE_EAP_TLS \
|
USAGE_EAP_TLS \
|
||||||
|
@ -458,6 +462,7 @@ struct options
|
||||||
int dhmlen; /* minimum DHM params len in bits */
|
int dhmlen; /* minimum DHM params len in bits */
|
||||||
int reconnect; /* attempt to resume session */
|
int reconnect; /* attempt to resume session */
|
||||||
int reco_delay; /* delay in seconds before resuming session */
|
int reco_delay; /* delay in seconds before resuming session */
|
||||||
|
int reco_mode; /* how to keep the session around */
|
||||||
int reconnect_hard; /* unexpectedly reconnect from the same port */
|
int reconnect_hard; /* unexpectedly reconnect from the same port */
|
||||||
int tickets; /* enable / disable session tickets */
|
int tickets; /* enable / disable session tickets */
|
||||||
const char *curves; /* list of supported elliptic curves */
|
const char *curves; /* list of supported elliptic curves */
|
||||||
|
@ -1166,6 +1171,7 @@ int main( int argc, char *argv[] )
|
||||||
opt.dhmlen = DFL_DHMLEN;
|
opt.dhmlen = DFL_DHMLEN;
|
||||||
opt.reconnect = DFL_RECONNECT;
|
opt.reconnect = DFL_RECONNECT;
|
||||||
opt.reco_delay = DFL_RECO_DELAY;
|
opt.reco_delay = DFL_RECO_DELAY;
|
||||||
|
opt.reco_mode = DFL_RECO_MODE;
|
||||||
opt.reconnect_hard = DFL_RECONNECT_HARD;
|
opt.reconnect_hard = DFL_RECONNECT_HARD;
|
||||||
opt.tickets = DFL_TICKETS;
|
opt.tickets = DFL_TICKETS;
|
||||||
opt.alpn_string = DFL_ALPN_STRING;
|
opt.alpn_string = DFL_ALPN_STRING;
|
||||||
|
@ -1352,6 +1358,12 @@ int main( int argc, char *argv[] )
|
||||||
if( opt.reco_delay < 0 )
|
if( opt.reco_delay < 0 )
|
||||||
goto usage;
|
goto usage;
|
||||||
}
|
}
|
||||||
|
else if( strcmp( p, "reco_mode" ) == 0 )
|
||||||
|
{
|
||||||
|
opt.reco_mode = atoi( q );
|
||||||
|
if( opt.reco_mode < 0 )
|
||||||
|
goto usage;
|
||||||
|
}
|
||||||
else if( strcmp( p, "reconnect_hard" ) == 0 )
|
else if( strcmp( p, "reconnect_hard" ) == 0 )
|
||||||
{
|
{
|
||||||
opt.reconnect_hard = atoi( q );
|
opt.reconnect_hard = atoi( q );
|
||||||
|
@ -2442,13 +2454,25 @@ int main( int argc, char *argv[] )
|
||||||
mbedtls_printf(" . Saving session for reuse..." );
|
mbedtls_printf(" . Saving session for reuse..." );
|
||||||
fflush( stdout );
|
fflush( stdout );
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_session_save( mbedtls_ssl_get_session_pointer( &ssl ),
|
if( opt.reco_mode == 1 )
|
||||||
session_data, sizeof( session_data ),
|
|
||||||
&session_data_len ) ) != 0 )
|
|
||||||
{
|
{
|
||||||
mbedtls_printf( " failed\n ! mbedtls_ssl_session_saved returned -0x%04x\n\n",
|
if( ( ret = mbedtls_ssl_session_save( mbedtls_ssl_get_session_pointer( &ssl ),
|
||||||
-ret );
|
session_data, sizeof( session_data ),
|
||||||
goto exit;
|
&session_data_len ) ) != 0 )
|
||||||
|
{
|
||||||
|
mbedtls_printf( " failed\n ! mbedtls_ssl_session_saved returned -0x%04x\n\n",
|
||||||
|
-ret );
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if( ( ret = mbedtls_ssl_get_session( &ssl, &saved_session ) ) != 0 )
|
||||||
|
{
|
||||||
|
mbedtls_printf( " failed\n ! mbedtls_ssl_get_session returned -0x%x\n\n",
|
||||||
|
-ret );
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
mbedtls_printf( " ok\n" );
|
mbedtls_printf( " ok\n" );
|
||||||
|
@ -2890,13 +2914,16 @@ reconnect:
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_session_load( &saved_session,
|
if( opt.reco_mode == 1 )
|
||||||
session_data,
|
|
||||||
session_data_len ) ) != 0 )
|
|
||||||
{
|
{
|
||||||
mbedtls_printf( " failed\n ! mbedtls_ssl_session_load returned -0x%x\n\n",
|
if( ( ret = mbedtls_ssl_session_load( &saved_session,
|
||||||
-ret );
|
session_data,
|
||||||
goto exit;
|
session_data_len ) ) != 0 )
|
||||||
|
{
|
||||||
|
mbedtls_printf( " failed\n ! mbedtls_ssl_session_load returned -0x%x\n\n",
|
||||||
|
-ret );
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_set_session( &ssl, &saved_session ) ) != 0 )
|
if( ( ret = mbedtls_ssl_set_session( &ssl, &saved_session ) ) != 0 )
|
||||||
|
|
|
@ -2239,6 +2239,20 @@ run_test "Session resume using tickets: timeout" \
|
||||||
-S "a session has been resumed" \
|
-S "a session has been resumed" \
|
||||||
-C "a session has been resumed"
|
-C "a session has been resumed"
|
||||||
|
|
||||||
|
run_test "Session resume using tickets: session copy" \
|
||||||
|
"$P_SRV debug_level=3 tickets=1 cache_max=0" \
|
||||||
|
"$P_CLI debug_level=3 tickets=1 reconnect=1 reco_mode=0" \
|
||||||
|
0 \
|
||||||
|
-c "client hello, adding session ticket extension" \
|
||||||
|
-s "found session ticket extension" \
|
||||||
|
-s "server hello, adding session ticket extension" \
|
||||||
|
-c "found session_ticket extension" \
|
||||||
|
-c "parse new session ticket" \
|
||||||
|
-S "session successfully restored from cache" \
|
||||||
|
-s "session successfully restored from ticket" \
|
||||||
|
-s "a session has been resumed" \
|
||||||
|
-c "a session has been resumed"
|
||||||
|
|
||||||
run_test "Session resume using tickets: openssl server" \
|
run_test "Session resume using tickets: openssl server" \
|
||||||
"$O_SRV" \
|
"$O_SRV" \
|
||||||
"$P_CLI debug_level=3 tickets=1 reconnect=1" \
|
"$P_CLI debug_level=3 tickets=1 reconnect=1" \
|
||||||
|
@ -2304,6 +2318,20 @@ run_test "Session resume using tickets, DTLS: timeout" \
|
||||||
-S "a session has been resumed" \
|
-S "a session has been resumed" \
|
||||||
-C "a session has been resumed"
|
-C "a session has been resumed"
|
||||||
|
|
||||||
|
run_test "Session resume using tickets, DTLS: session copy" \
|
||||||
|
"$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0" \
|
||||||
|
"$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 reco_mode=0" \
|
||||||
|
0 \
|
||||||
|
-c "client hello, adding session ticket extension" \
|
||||||
|
-s "found session ticket extension" \
|
||||||
|
-s "server hello, adding session ticket extension" \
|
||||||
|
-c "found session_ticket extension" \
|
||||||
|
-c "parse new session ticket" \
|
||||||
|
-S "session successfully restored from cache" \
|
||||||
|
-s "session successfully restored from ticket" \
|
||||||
|
-s "a session has been resumed" \
|
||||||
|
-c "a session has been resumed"
|
||||||
|
|
||||||
run_test "Session resume using tickets, DTLS: openssl server" \
|
run_test "Session resume using tickets, DTLS: openssl server" \
|
||||||
"$O_SRV -dtls1" \
|
"$O_SRV -dtls1" \
|
||||||
"$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1" \
|
"$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1" \
|
||||||
|
@ -2400,6 +2428,15 @@ run_test "Session resume using cache: no timeout" \
|
||||||
-s "a session has been resumed" \
|
-s "a session has been resumed" \
|
||||||
-c "a session has been resumed"
|
-c "a session has been resumed"
|
||||||
|
|
||||||
|
run_test "Session resume using cache: session copy" \
|
||||||
|
"$P_SRV debug_level=3 tickets=0" \
|
||||||
|
"$P_CLI debug_level=3 tickets=0 reconnect=1 reco_mode=0" \
|
||||||
|
0 \
|
||||||
|
-s "session successfully restored from cache" \
|
||||||
|
-S "session successfully restored from ticket" \
|
||||||
|
-s "a session has been resumed" \
|
||||||
|
-c "a session has been resumed"
|
||||||
|
|
||||||
run_test "Session resume using cache: openssl client" \
|
run_test "Session resume using cache: openssl client" \
|
||||||
"$P_SRV debug_level=3 tickets=0" \
|
"$P_SRV debug_level=3 tickets=0" \
|
||||||
"( $O_CLI -sess_out $SESSION; \
|
"( $O_CLI -sess_out $SESSION; \
|
||||||
|
@ -2495,6 +2532,15 @@ run_test "Session resume using cache, DTLS: no timeout" \
|
||||||
-s "a session has been resumed" \
|
-s "a session has been resumed" \
|
||||||
-c "a session has been resumed"
|
-c "a session has been resumed"
|
||||||
|
|
||||||
|
run_test "Session resume using cache, DTLS: session copy" \
|
||||||
|
"$P_SRV dtls=1 debug_level=3 tickets=0" \
|
||||||
|
"$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 reco_mode=0" \
|
||||||
|
0 \
|
||||||
|
-s "session successfully restored from cache" \
|
||||||
|
-S "session successfully restored from ticket" \
|
||||||
|
-s "a session has been resumed" \
|
||||||
|
-c "a session has been resumed"
|
||||||
|
|
||||||
run_test "Session resume using cache, DTLS: openssl client" \
|
run_test "Session resume using cache, DTLS: openssl client" \
|
||||||
"$P_SRV dtls=1 debug_level=3 tickets=0" \
|
"$P_SRV dtls=1 debug_level=3 tickets=0" \
|
||||||
"( $O_CLI -dtls1 -sess_out $SESSION; \
|
"( $O_CLI -dtls1 -sess_out $SESSION; \
|
||||||
|
|
Loading…
Reference in a new issue