test: Add test cases for separately reduced inward/outward buffer sizes
This commit is contained in:
parent
d8213d00db
commit
c4dd07369f
2 changed files with 142 additions and 77 deletions
|
@ -520,6 +520,28 @@ tests/ssl-opt.sh -f RSA
|
||||||
msg "test: RSA_NO_CRT - RSA-related part of compat.sh (ASan build)" # ~ 3 min
|
msg "test: RSA_NO_CRT - RSA-related part of compat.sh (ASan build)" # ~ 3 min
|
||||||
tests/compat.sh -t RSA
|
tests/compat.sh -t RSA
|
||||||
|
|
||||||
|
msg "build: small SSL_OUT_CONTENT_LEN (ASan build)"
|
||||||
|
cleanup
|
||||||
|
cp "$CONFIG_H" "$CONFIG_BAK"
|
||||||
|
scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384
|
||||||
|
scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
|
||||||
|
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||||
|
make
|
||||||
|
|
||||||
|
msg "test: small SSL_OUT_CONTENT_LEN - ssl-opt.sh MFL and large packet tests"
|
||||||
|
if_build_succeeded tests/ssl-opt.sh -f "Max fragment\|Large packet"
|
||||||
|
|
||||||
|
msg "build: small SSL_IN_CONTENT_LEN (ASan build)"
|
||||||
|
cleanup
|
||||||
|
cp "$CONFIG_H" "$CONFIG_BAK"
|
||||||
|
scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 4096
|
||||||
|
scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 16384
|
||||||
|
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||||
|
make
|
||||||
|
|
||||||
|
msg "test: small SSL_IN_CONTENT_LEN - ssl-opt.sh MFL tests"
|
||||||
|
if_build_succeeded tests/ssl-opt.sh -f "Max fragment"
|
||||||
|
|
||||||
msg "build: cmake, full config, clang" # ~ 50s
|
msg "build: cmake, full config, clang" # ~ 50s
|
||||||
cleanup
|
cleanup
|
||||||
cp "$CONFIG_H" "$CONFIG_BAK"
|
cp "$CONFIG_H" "$CONFIG_BAK"
|
||||||
|
@ -616,6 +638,7 @@ scripts/config.pl unset MBEDTLS_NET_C # getaddrinfo() undeclared, etc.
|
||||||
scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY # uses syscall() on GNU/Linux
|
scripts/config.pl set MBEDTLS_NO_PLATFORM_ENTROPY # uses syscall() on GNU/Linux
|
||||||
make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0 -std=c99 -pedantic' lib
|
make CC=gcc CFLAGS='-Werror -Wall -Wextra -O0 -std=c99 -pedantic' lib
|
||||||
|
|
||||||
|
# Run max fragment length tests with MFL disabled
|
||||||
msg "build: default config except MFL extension (ASan build)" # ~ 30s
|
msg "build: default config except MFL extension (ASan build)" # ~ 30s
|
||||||
cleanup
|
cleanup
|
||||||
cp "$CONFIG_H" "$CONFIG_BAK"
|
cp "$CONFIG_H" "$CONFIG_BAK"
|
||||||
|
@ -626,6 +649,18 @@ make
|
||||||
msg "test: ssl-opt.sh, MFL-related tests"
|
msg "test: ssl-opt.sh, MFL-related tests"
|
||||||
if_build_succeeded tests/ssl-opt.sh -f "Max fragment length"
|
if_build_succeeded tests/ssl-opt.sh -f "Max fragment length"
|
||||||
|
|
||||||
|
msg "build: no MFL extension, small SSL_OUT_CONTENT_LEN (ASan build)"
|
||||||
|
cleanup
|
||||||
|
cp "$CONFIG_H" "$CONFIG_BAK"
|
||||||
|
scripts/config.pl unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
|
scripts/config.pl set MBEDTLS_SSL_IN_CONTENT_LEN 16384
|
||||||
|
scripts/config.pl set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
|
||||||
|
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||||
|
make
|
||||||
|
|
||||||
|
msg "test: MFL tests (disabled MFL extension case) & large packet tests"
|
||||||
|
if_build_succeeded tests/ssl-opt.sh -f "Max fragment length\|Large buffer"
|
||||||
|
|
||||||
msg "build: default config with MBEDTLS_TEST_NULL_ENTROPY (ASan build)"
|
msg "build: default config with MBEDTLS_TEST_NULL_ENTROPY (ASan build)"
|
||||||
cleanup
|
cleanup
|
||||||
cp "$CONFIG_H" "$CONFIG_BAK"
|
cp "$CONFIG_H" "$CONFIG_BAK"
|
||||||
|
|
184
tests/ssl-opt.sh
184
tests/ssl-opt.sh
|
@ -21,6 +21,11 @@
|
||||||
|
|
||||||
set -u
|
set -u
|
||||||
|
|
||||||
|
if cd $( dirname $0 ); then :; else
|
||||||
|
echo "cd $( dirname $0 ) failed" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
# default values, can be overriden by the environment
|
# default values, can be overriden by the environment
|
||||||
: ${P_SRV:=../programs/ssl/ssl_server2}
|
: ${P_SRV:=../programs/ssl/ssl_server2}
|
||||||
: ${P_CLI:=../programs/ssl/ssl_client2}
|
: ${P_CLI:=../programs/ssl/ssl_client2}
|
||||||
|
@ -178,6 +183,25 @@ requires_ipv6() {
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Calculate the input & output maximum content lengths set in the config
|
||||||
|
MAX_CONTENT_LEN=$( ../scripts/config.pl get MBEDTLS_SSL_MAX_CONTENT_LEN || echo "16384")
|
||||||
|
MAX_IN_LEN=$( ../scripts/config.pl get MBEDTLS_SSL_IN_CONTENT_LEN || echo "$MAX_CONTENT_LEN")
|
||||||
|
MAX_OUT_LEN=$( ../scripts/config.pl get MBEDTLS_SSL_OUT_CONTENT_LEN || echo "$MAX_CONTENT_LEN")
|
||||||
|
|
||||||
|
if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then
|
||||||
|
MAX_CONTENT_LEN="$MAX_IN_LEN"
|
||||||
|
fi
|
||||||
|
if [ "$MAX_OUT_LEN" -lt "$MAX_CONTENT_LEN" ]; then
|
||||||
|
MAX_CONTENT_LEN="$MAX_OUT_LEN"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# skip the next test if the SSL output buffer is less than 16KB
|
||||||
|
requires_full_size_output_buffer() {
|
||||||
|
if [ "$MAX_OUT_LEN" -ne 16384 ]; then
|
||||||
|
SKIP_NEXT="YES"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
# skip the next test if valgrind is in use
|
# skip the next test if valgrind is in use
|
||||||
not_with_valgrind() {
|
not_with_valgrind() {
|
||||||
if [ "$MEMCHECK" -gt 0 ]; then
|
if [ "$MEMCHECK" -gt 0 ]; then
|
||||||
|
@ -626,11 +650,6 @@ cleanup() {
|
||||||
# MAIN
|
# MAIN
|
||||||
#
|
#
|
||||||
|
|
||||||
if cd $( dirname $0 ); then :; else
|
|
||||||
echo "cd $( dirname $0 ) failed" >&2
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
get_options "$@"
|
get_options "$@"
|
||||||
|
|
||||||
# sanity checks, avoid an avalanche of errors
|
# sanity checks, avoid an avalanche of errors
|
||||||
|
@ -1416,28 +1435,22 @@ run_test "Session resume using cache: openssl server" \
|
||||||
|
|
||||||
# Tests for Max Fragment Length extension
|
# Tests for Max Fragment Length extension
|
||||||
|
|
||||||
MAX_CONTENT_LEN_EXPECT='16384'
|
if [ "$MAX_CONTENT_LEN" -lt "4096" ]; then
|
||||||
MAX_CONTENT_LEN_CONFIG=$( ../scripts/config.pl get MBEDTLS_SSL_MAX_CONTENT_LEN)
|
printf "${CONFIG_H} defines MBEDTLS_SSL_MAX_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n"
|
||||||
|
|
||||||
if [ -n "$MAX_CONTENT_LEN_CONFIG" ] && [ "$MAX_CONTENT_LEN_CONFIG" -ne "$MAX_CONTENT_LEN_EXPECT" ]; then
|
|
||||||
printf "The ${CONFIG_H} file contains a value for the configuration of\n"
|
|
||||||
printf "MBEDTLS_SSL_MAX_CONTENT_LEN that is different from the script’s\n"
|
|
||||||
printf "test value of ${MAX_CONTENT_LEN_EXPECT}. \n"
|
|
||||||
printf "\n"
|
|
||||||
printf "The tests assume this value and if it changes, the tests in this\n"
|
|
||||||
printf "script should also be adjusted.\n"
|
|
||||||
printf "\n"
|
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if [ $MAX_CONTENT_LEN -ne 16384 ]; then
|
||||||
|
printf "Using non-default maximum content length $MAX_CONTENT_LEN\n"
|
||||||
|
fi
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
run_test "Max fragment length: enabled, default" \
|
run_test "Max fragment length: enabled, default" \
|
||||||
"$P_SRV debug_level=3" \
|
"$P_SRV debug_level=3" \
|
||||||
"$P_CLI debug_level=3" \
|
"$P_CLI debug_level=3" \
|
||||||
0 \
|
0 \
|
||||||
-c "Maximum fragment length is 16384" \
|
-c "Maximum fragment length is $MAX_CONTENT_LEN" \
|
||||||
-s "Maximum fragment length is 16384" \
|
-s "Maximum fragment length is $MAX_CONTENT_LEN" \
|
||||||
-C "client hello, adding max_fragment_length extension" \
|
-C "client hello, adding max_fragment_length extension" \
|
||||||
-S "found max fragment length extension" \
|
-S "found max fragment length extension" \
|
||||||
-S "server hello, max_fragment_length extension" \
|
-S "server hello, max_fragment_length extension" \
|
||||||
|
@ -1446,46 +1459,50 @@ run_test "Max fragment length: enabled, default" \
|
||||||
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
run_test "Max fragment length: enabled, default, larger message" \
|
run_test "Max fragment length: enabled, default, larger message" \
|
||||||
"$P_SRV debug_level=3" \
|
"$P_SRV debug_level=3" \
|
||||||
"$P_CLI debug_level=3 request_size=16385" \
|
"$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \
|
||||||
0 \
|
0 \
|
||||||
-c "Maximum fragment length is 16384" \
|
-c "Maximum fragment length is $MAX_CONTENT_LEN" \
|
||||||
-s "Maximum fragment length is 16384" \
|
-s "Maximum fragment length is $MAX_CONTENT_LEN" \
|
||||||
-C "client hello, adding max_fragment_length extension" \
|
-C "client hello, adding max_fragment_length extension" \
|
||||||
-S "found max fragment length extension" \
|
-S "found max fragment length extension" \
|
||||||
-S "server hello, max_fragment_length extension" \
|
-S "server hello, max_fragment_length extension" \
|
||||||
-C "found max_fragment_length extension" \
|
-C "found max_fragment_length extension" \
|
||||||
-c "16385 bytes written in 2 fragments" \
|
-c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \
|
||||||
-s "16384 bytes read" \
|
-s "$MAX_CONTENT_LEN bytes read" \
|
||||||
-s "1 bytes read"
|
-s "1 bytes read"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
run_test "Max fragment length, DTLS: enabled, default, larger message" \
|
run_test "Max fragment length, DTLS: enabled, default, larger message" \
|
||||||
"$P_SRV debug_level=3 dtls=1" \
|
"$P_SRV debug_level=3 dtls=1" \
|
||||||
"$P_CLI debug_level=3 dtls=1 request_size=16385" \
|
"$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
|
||||||
1 \
|
1 \
|
||||||
-c "Maximum fragment length is 16384" \
|
-c "Maximum fragment length is $MAX_CONTENT_LEN" \
|
||||||
-s "Maximum fragment length is 16384" \
|
-s "Maximum fragment length is $MAX_CONTENT_LEN" \
|
||||||
-C "client hello, adding max_fragment_length extension" \
|
-C "client hello, adding max_fragment_length extension" \
|
||||||
-S "found max fragment length extension" \
|
-S "found max fragment length extension" \
|
||||||
-S "server hello, max_fragment_length extension" \
|
-S "server hello, max_fragment_length extension" \
|
||||||
-C "found max_fragment_length extension" \
|
-C "found max_fragment_length extension" \
|
||||||
-c "fragment larger than.*maximum "
|
-c "fragment larger than.*maximum "
|
||||||
|
|
||||||
|
# Run some tests with MBEDTLS_SSL_MAX_FRAGMENT_LENGTH disabled
|
||||||
|
# (session fragment length will be 16384 regardless of mbedtls
|
||||||
|
# content length configuration.)
|
||||||
|
|
||||||
requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
run_test "Max fragment length: disabled, larger message" \
|
run_test "Max fragment length: disabled, larger message" \
|
||||||
"$P_SRV debug_level=3" \
|
"$P_SRV debug_level=3" \
|
||||||
"$P_CLI debug_level=3 request_size=16385" \
|
"$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \
|
||||||
0 \
|
0 \
|
||||||
-C "Maximum fragment length is 16384" \
|
-C "Maximum fragment length is 16384" \
|
||||||
-S "Maximum fragment length is 16384" \
|
-S "Maximum fragment length is 16384" \
|
||||||
-c "16385 bytes written in 2 fragments" \
|
-c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \
|
||||||
-s "16384 bytes read" \
|
-s "$MAX_CONTENT_LEN bytes read" \
|
||||||
-s "1 bytes read"
|
-s "1 bytes read"
|
||||||
|
|
||||||
requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
|
||||||
run_test "Max fragment length DTLS: disabled, larger message" \
|
run_test "Max fragment length DTLS: disabled, larger message" \
|
||||||
"$P_SRV debug_level=3 dtls=1" \
|
"$P_SRV debug_level=3 dtls=1" \
|
||||||
"$P_CLI debug_level=3 dtls=1 request_size=16385" \
|
"$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
|
||||||
1 \
|
1 \
|
||||||
-C "Maximum fragment length is 16384" \
|
-C "Maximum fragment length is 16384" \
|
||||||
-S "Maximum fragment length is 16384" \
|
-S "Maximum fragment length is 16384" \
|
||||||
|
@ -1508,7 +1525,7 @@ run_test "Max fragment length: used by server" \
|
||||||
"$P_SRV debug_level=3 max_frag_len=4096" \
|
"$P_SRV debug_level=3 max_frag_len=4096" \
|
||||||
"$P_CLI debug_level=3" \
|
"$P_CLI debug_level=3" \
|
||||||
0 \
|
0 \
|
||||||
-c "Maximum fragment length is 16384" \
|
-c "Maximum fragment length is $MAX_CONTENT_LEN" \
|
||||||
-s "Maximum fragment length is 4096" \
|
-s "Maximum fragment length is 4096" \
|
||||||
-C "client hello, adding max_fragment_length extension" \
|
-C "client hello, adding max_fragment_length extension" \
|
||||||
-S "found max fragment length extension" \
|
-S "found max fragment length extension" \
|
||||||
|
@ -2376,6 +2393,7 @@ if [ -n "$MAX_IM_CA_CONFIG" ] && [ "$MAX_IM_CA_CONFIG" -ne "$MAX_IM_CA" ]; then
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
requires_full_size_output_buffer
|
||||||
run_test "Authentication: server max_int chain, client default" \
|
run_test "Authentication: server max_int chain, client default" \
|
||||||
"$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
|
"$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
|
||||||
key_file=data_files/dir-maxpath/09.key" \
|
key_file=data_files/dir-maxpath/09.key" \
|
||||||
|
@ -2383,6 +2401,7 @@ run_test "Authentication: server max_int chain, client default" \
|
||||||
0 \
|
0 \
|
||||||
-C "X509 - A fatal error occured"
|
-C "X509 - A fatal error occured"
|
||||||
|
|
||||||
|
requires_full_size_output_buffer
|
||||||
run_test "Authentication: server max_int+1 chain, client default" \
|
run_test "Authentication: server max_int+1 chain, client default" \
|
||||||
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
|
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
|
||||||
key_file=data_files/dir-maxpath/10.key" \
|
key_file=data_files/dir-maxpath/10.key" \
|
||||||
|
@ -2390,6 +2409,7 @@ run_test "Authentication: server max_int+1 chain, client default" \
|
||||||
1 \
|
1 \
|
||||||
-c "X509 - A fatal error occured"
|
-c "X509 - A fatal error occured"
|
||||||
|
|
||||||
|
requires_full_size_output_buffer
|
||||||
run_test "Authentication: server max_int+1 chain, client optional" \
|
run_test "Authentication: server max_int+1 chain, client optional" \
|
||||||
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
|
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
|
||||||
key_file=data_files/dir-maxpath/10.key" \
|
key_file=data_files/dir-maxpath/10.key" \
|
||||||
|
@ -2398,6 +2418,7 @@ run_test "Authentication: server max_int+1 chain, client optional" \
|
||||||
1 \
|
1 \
|
||||||
-c "X509 - A fatal error occured"
|
-c "X509 - A fatal error occured"
|
||||||
|
|
||||||
|
requires_full_size_output_buffer
|
||||||
run_test "Authentication: server max_int+1 chain, client none" \
|
run_test "Authentication: server max_int+1 chain, client none" \
|
||||||
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
|
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
|
||||||
key_file=data_files/dir-maxpath/10.key" \
|
key_file=data_files/dir-maxpath/10.key" \
|
||||||
|
@ -2406,6 +2427,7 @@ run_test "Authentication: server max_int+1 chain, client none" \
|
||||||
0 \
|
0 \
|
||||||
-C "X509 - A fatal error occured"
|
-C "X509 - A fatal error occured"
|
||||||
|
|
||||||
|
requires_full_size_output_buffer
|
||||||
run_test "Authentication: client max_int+1 chain, server default" \
|
run_test "Authentication: client max_int+1 chain, server default" \
|
||||||
"$P_SRV ca_file=data_files/dir-maxpath/00.crt" \
|
"$P_SRV ca_file=data_files/dir-maxpath/00.crt" \
|
||||||
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
|
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
|
||||||
|
@ -2413,6 +2435,7 @@ run_test "Authentication: client max_int+1 chain, server default" \
|
||||||
0 \
|
0 \
|
||||||
-S "X509 - A fatal error occured"
|
-S "X509 - A fatal error occured"
|
||||||
|
|
||||||
|
requires_full_size_output_buffer
|
||||||
run_test "Authentication: client max_int+1 chain, server optional" \
|
run_test "Authentication: client max_int+1 chain, server optional" \
|
||||||
"$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
|
"$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
|
||||||
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
|
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
|
||||||
|
@ -2420,6 +2443,7 @@ run_test "Authentication: client max_int+1 chain, server optional" \
|
||||||
1 \
|
1 \
|
||||||
-s "X509 - A fatal error occured"
|
-s "X509 - A fatal error occured"
|
||||||
|
|
||||||
|
requires_full_size_output_buffer
|
||||||
run_test "Authentication: client max_int+1 chain, server required" \
|
run_test "Authentication: client max_int+1 chain, server required" \
|
||||||
"$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
|
"$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
|
||||||
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
|
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
|
||||||
|
@ -2427,6 +2451,7 @@ run_test "Authentication: client max_int+1 chain, server required" \
|
||||||
1 \
|
1 \
|
||||||
-s "X509 - A fatal error occured"
|
-s "X509 - A fatal error occured"
|
||||||
|
|
||||||
|
requires_full_size_output_buffer
|
||||||
run_test "Authentication: client max_int chain, server required" \
|
run_test "Authentication: client max_int chain, server required" \
|
||||||
"$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
|
"$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
|
||||||
"$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
|
"$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
|
||||||
|
@ -3970,14 +3995,19 @@ run_test "SSLv3 with extensions, server side" \
|
||||||
|
|
||||||
# Test for large packets
|
# Test for large packets
|
||||||
|
|
||||||
|
# How many fragments do we expect to write $1 bytes?
|
||||||
|
fragments_for_write() {
|
||||||
|
echo "$(( ( $1 + $MAX_OUT_LEN - 1 ) / $MAX_OUT_LEN ))"
|
||||||
|
}
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
|
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
|
||||||
run_test "Large packet SSLv3 BlockCipher" \
|
run_test "Large packet SSLv3 BlockCipher" \
|
||||||
"$P_SRV min_version=ssl3" \
|
"$P_SRV min_version=ssl3" \
|
||||||
"$P_CLI request_size=16384 force_version=ssl3 recsplit=0 \
|
"$P_CLI request_size=16384 force_version=ssl3 recsplit=0 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
||||||
0 \
|
0 \
|
||||||
-c "16384 bytes written in 1 fragments" \
|
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
|
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
|
||||||
run_test "Large packet SSLv3 StreamCipher" \
|
run_test "Large packet SSLv3 StreamCipher" \
|
||||||
|
@ -3985,23 +4015,23 @@ run_test "Large packet SSLv3 StreamCipher" \
|
||||||
"$P_CLI request_size=16384 force_version=ssl3 \
|
"$P_CLI request_size=16384 force_version=ssl3 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||||
0 \
|
0 \
|
||||||
-c "16384 bytes written in 1 fragments" \
|
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.0 BlockCipher" \
|
run_test "Large packet TLS 1.0 BlockCipher" \
|
||||||
"$P_SRV" \
|
"$P_SRV" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1 recsplit=0 \
|
"$P_CLI request_size=16384 force_version=tls1 recsplit=0 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
||||||
0 \
|
0 \
|
||||||
-c "16384 bytes written in 1 fragments" \
|
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.0 BlockCipher, without EtM" \
|
run_test "Large packet TLS 1.0 BlockCipher, without EtM" \
|
||||||
"$P_SRV" \
|
"$P_SRV" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \
|
"$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
||||||
0 \
|
0 \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||||
run_test "Large packet TLS 1.0 BlockCipher, truncated MAC" \
|
run_test "Large packet TLS 1.0 BlockCipher, truncated MAC" \
|
||||||
|
@ -4009,8 +4039,8 @@ run_test "Large packet TLS 1.0 BlockCipher, truncated MAC" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1 recsplit=0 \
|
"$P_CLI request_size=16384 force_version=tls1 recsplit=0 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
|
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
|
||||||
0 \
|
0 \
|
||||||
-c "16384 bytes written in 1 fragments" \
|
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||||
run_test "Large packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
|
run_test "Large packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
|
||||||
|
@ -4018,21 +4048,21 @@ run_test "Large packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \
|
"$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
|
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
|
||||||
0 \
|
0 \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.0 StreamCipher" \
|
run_test "Large packet TLS 1.0 StreamCipher" \
|
||||||
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1 \
|
"$P_CLI request_size=16384 force_version=tls1 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||||
0 \
|
0 \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.0 StreamCipher, without EtM" \
|
run_test "Large packet TLS 1.0 StreamCipher, without EtM" \
|
||||||
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1 \
|
"$P_CLI request_size=16384 force_version=tls1 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
|
||||||
0 \
|
0 \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||||
run_test "Large packet TLS 1.0 StreamCipher, truncated MAC" \
|
run_test "Large packet TLS 1.0 StreamCipher, truncated MAC" \
|
||||||
|
@ -4040,7 +4070,7 @@ run_test "Large packet TLS 1.0 StreamCipher, truncated MAC" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1 \
|
"$P_CLI request_size=16384 force_version=tls1 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
|
||||||
0 \
|
0 \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||||
run_test "Large packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
|
run_test "Large packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
|
||||||
|
@ -4048,23 +4078,23 @@ run_test "Large packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1 \
|
"$P_CLI request_size=16384 force_version=tls1 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
|
||||||
0 \
|
0 \
|
||||||
-c "16384 bytes written in 1 fragments" \
|
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.1 BlockCipher" \
|
run_test "Large packet TLS 1.1 BlockCipher" \
|
||||||
"$P_SRV" \
|
"$P_SRV" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_1 \
|
"$P_CLI request_size=16384 force_version=tls1_1 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
||||||
0 \
|
0 \
|
||||||
-c "16384 bytes written in 1 fragments" \
|
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.1 BlockCipher, without EtM" \
|
run_test "Large packet TLS 1.1 BlockCipher, without EtM" \
|
||||||
"$P_SRV" \
|
"$P_SRV" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_1 etm=0 \
|
"$P_CLI request_size=16384 force_version=tls1_1 etm=0 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
||||||
0 \
|
0 \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||||
run_test "Large packet TLS 1.1 BlockCipher, truncated MAC" \
|
run_test "Large packet TLS 1.1 BlockCipher, truncated MAC" \
|
||||||
|
@ -4072,7 +4102,7 @@ run_test "Large packet TLS 1.1 BlockCipher, truncated MAC" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_1 \
|
"$P_CLI request_size=16384 force_version=tls1_1 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
|
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
|
||||||
0 \
|
0 \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||||
run_test "Large packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
|
run_test "Large packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
|
||||||
|
@ -4080,23 +4110,23 @@ run_test "Large packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_1 \
|
"$P_CLI request_size=16384 force_version=tls1_1 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
|
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
|
||||||
0 \
|
0 \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.1 StreamCipher" \
|
run_test "Large packet TLS 1.1 StreamCipher" \
|
||||||
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_1 \
|
"$P_CLI request_size=16384 force_version=tls1_1 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||||
0 \
|
0 \
|
||||||
-c "16384 bytes written in 1 fragments" \
|
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.1 StreamCipher, without EtM" \
|
run_test "Large packet TLS 1.1 StreamCipher, without EtM" \
|
||||||
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_1 \
|
"$P_CLI request_size=16384 force_version=tls1_1 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
|
||||||
0 \
|
0 \
|
||||||
-c "16384 bytes written in 1 fragments" \
|
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||||
run_test "Large packet TLS 1.1 StreamCipher, truncated MAC" \
|
run_test "Large packet TLS 1.1 StreamCipher, truncated MAC" \
|
||||||
|
@ -4104,7 +4134,7 @@ run_test "Large packet TLS 1.1 StreamCipher, truncated MAC" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_1 \
|
"$P_CLI request_size=16384 force_version=tls1_1 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
|
||||||
0 \
|
0 \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||||
run_test "Large packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
|
run_test "Large packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
|
||||||
|
@ -4112,31 +4142,31 @@ run_test "Large packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_1 \
|
"$P_CLI request_size=16384 force_version=tls1_1 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
|
||||||
0 \
|
0 \
|
||||||
-c "16384 bytes written in 1 fragments" \
|
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.2 BlockCipher" \
|
run_test "Large packet TLS 1.2 BlockCipher" \
|
||||||
"$P_SRV" \
|
"$P_SRV" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_2 \
|
"$P_CLI request_size=16384 force_version=tls1_2 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
||||||
0 \
|
0 \
|
||||||
-c "16384 bytes written in 1 fragments" \
|
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.2 BlockCipher, without EtM" \
|
run_test "Large packet TLS 1.2 BlockCipher, without EtM" \
|
||||||
"$P_SRV" \
|
"$P_SRV" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_2 etm=0 \
|
"$P_CLI request_size=16384 force_version=tls1_2 etm=0 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
||||||
0 \
|
0 \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.2 BlockCipher larger MAC" \
|
run_test "Large packet TLS 1.2 BlockCipher larger MAC" \
|
||||||
"$P_SRV" \
|
"$P_SRV" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_2 \
|
"$P_CLI request_size=16384 force_version=tls1_2 \
|
||||||
force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
|
force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
|
||||||
0 \
|
0 \
|
||||||
-c "16384 bytes written in 1 fragments" \
|
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||||
run_test "Large packet TLS 1.2 BlockCipher, truncated MAC" \
|
run_test "Large packet TLS 1.2 BlockCipher, truncated MAC" \
|
||||||
|
@ -4144,7 +4174,7 @@ run_test "Large packet TLS 1.2 BlockCipher, truncated MAC" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_2 \
|
"$P_CLI request_size=16384 force_version=tls1_2 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
|
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
|
||||||
0 \
|
0 \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||||
run_test "Large packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
|
run_test "Large packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
|
||||||
|
@ -4152,23 +4182,23 @@ run_test "Large packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_2 \
|
"$P_CLI request_size=16384 force_version=tls1_2 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
|
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
|
||||||
0 \
|
0 \
|
||||||
-c "16384 bytes written in 1 fragments" \
|
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.2 StreamCipher" \
|
run_test "Large packet TLS 1.2 StreamCipher" \
|
||||||
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_2 \
|
"$P_CLI request_size=16384 force_version=tls1_2 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||||
0 \
|
0 \
|
||||||
-c "16384 bytes written in 1 fragments" \
|
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.2 StreamCipher, without EtM" \
|
run_test "Large packet TLS 1.2 StreamCipher, without EtM" \
|
||||||
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_2 \
|
"$P_CLI request_size=16384 force_version=tls1_2 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
|
||||||
0 \
|
0 \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||||
run_test "Large packet TLS 1.2 StreamCipher, truncated MAC" \
|
run_test "Large packet TLS 1.2 StreamCipher, truncated MAC" \
|
||||||
|
@ -4176,7 +4206,7 @@ run_test "Large packet TLS 1.2 StreamCipher, truncated MAC" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_2 \
|
"$P_CLI request_size=16384 force_version=tls1_2 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
|
||||||
0 \
|
0 \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||||
run_test "Large packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
|
run_test "Large packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
|
||||||
|
@ -4184,24 +4214,24 @@ run_test "Large packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_2 \
|
"$P_CLI request_size=16384 force_version=tls1_2 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
|
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
|
||||||
0 \
|
0 \
|
||||||
-c "16384 bytes written in 1 fragments" \
|
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.2 AEAD" \
|
run_test "Large packet TLS 1.2 AEAD" \
|
||||||
"$P_SRV" \
|
"$P_SRV" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_2 \
|
"$P_CLI request_size=16384 force_version=tls1_2 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
|
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
|
||||||
0 \
|
0 \
|
||||||
-c "16384 bytes written in 1 fragments" \
|
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
run_test "Large packet TLS 1.2 AEAD shorter tag" \
|
run_test "Large packet TLS 1.2 AEAD shorter tag" \
|
||||||
"$P_SRV" \
|
"$P_SRV" \
|
||||||
"$P_CLI request_size=16384 force_version=tls1_2 \
|
"$P_CLI request_size=16384 force_version=tls1_2 \
|
||||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
|
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
|
||||||
0 \
|
0 \
|
||||||
-c "16384 bytes written in 1 fragments" \
|
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
|
||||||
-s "Read from client: 16384 bytes read"
|
-s "Read from client: $MAX_CONTENT_LEN bytes read"
|
||||||
|
|
||||||
# Tests of asynchronous private key support in SSL
|
# Tests of asynchronous private key support in SSL
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue