mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-01-18 19:27:41 +00:00
ECJPAKE: Fix intermittently failing tests
In some tests in ssl-opt.sh the client finishes sooner and the server gets killed before it could reach certain errors. Consequently the the script doesn't find the error it is looking for and the test fails. To resolve this issue, we introduce a per-test option to wait after the client finishes.
This commit is contained in:
parent
327d66520e
commit
74537a69fd
@ -166,10 +166,15 @@ only_with_valgrind() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
# multiply the client timeout delay by the given factor for the next test
|
# multiply the client timeout delay by the given factor for the next test
|
||||||
needs_more_time() {
|
client_needs_more_time() {
|
||||||
CLI_DELAY_FACTOR=$1
|
CLI_DELAY_FACTOR=$1
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# wait for the given seconds after the client finished in the next test
|
||||||
|
server_needs_more_time() {
|
||||||
|
SRV_DELAY_SECONDS=$1
|
||||||
|
}
|
||||||
|
|
||||||
# print_name <name>
|
# print_name <name>
|
||||||
print_name() {
|
print_name() {
|
||||||
TESTS=$(( $TESTS + 1 ))
|
TESTS=$(( $TESTS + 1 ))
|
||||||
@ -307,6 +312,9 @@ wait_client_done() {
|
|||||||
wait $DOG_PID
|
wait $DOG_PID
|
||||||
|
|
||||||
echo "EXIT: $CLI_EXIT" >> $CLI_OUT
|
echo "EXIT: $CLI_EXIT" >> $CLI_OUT
|
||||||
|
|
||||||
|
sleep $SRV_DELAY_SECONDS
|
||||||
|
SRV_DELAY_SECONDS=0
|
||||||
}
|
}
|
||||||
|
|
||||||
# check if the given command uses dtls and sets global variable DTLS
|
# check if the given command uses dtls and sets global variable DTLS
|
||||||
@ -574,6 +582,7 @@ else
|
|||||||
DOG_DELAY=10
|
DOG_DELAY=10
|
||||||
fi
|
fi
|
||||||
CLI_DELAY_FACTOR=1
|
CLI_DELAY_FACTOR=1
|
||||||
|
SRV_DELAY_SECONDS=0
|
||||||
|
|
||||||
# Pick a "unique" server port in the range 10000-19999, and a proxy port
|
# Pick a "unique" server port in the range 10000-19999, and a proxy port
|
||||||
PORT_BASE="0000$$"
|
PORT_BASE="0000$$"
|
||||||
@ -2674,6 +2683,7 @@ run_test "ECJPAKE: working, TLS" \
|
|||||||
-S "None of the common ciphersuites is usable" \
|
-S "None of the common ciphersuites is usable" \
|
||||||
-S "SSL - Verification of the message MAC failed"
|
-S "SSL - Verification of the message MAC failed"
|
||||||
|
|
||||||
|
server_needs_more_time 1
|
||||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
|
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
|
||||||
run_test "ECJPAKE: password mismatch, TLS" \
|
run_test "ECJPAKE: password mismatch, TLS" \
|
||||||
"$P_SRV debug_level=3 ecjpake_pw=bla" \
|
"$P_SRV debug_level=3 ecjpake_pw=bla" \
|
||||||
@ -2701,6 +2711,7 @@ run_test "ECJPAKE: working, DTLS, no cookie" \
|
|||||||
-C "re-using cached ecjpake parameters" \
|
-C "re-using cached ecjpake parameters" \
|
||||||
-S "SSL - Verification of the message MAC failed"
|
-S "SSL - Verification of the message MAC failed"
|
||||||
|
|
||||||
|
server_needs_more_time 1
|
||||||
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
|
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
|
||||||
run_test "ECJPAKE: password mismatch, DTLS" \
|
run_test "ECJPAKE: password mismatch, DTLS" \
|
||||||
"$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
|
"$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
|
||||||
@ -3369,7 +3380,7 @@ run_test "DTLS proxy: delay ChangeCipherSpec" \
|
|||||||
|
|
||||||
# Tests for "randomly unreliable connection": try a variety of flows and peers
|
# Tests for "randomly unreliable connection": try a variety of flows and peers
|
||||||
|
|
||||||
needs_more_time 2
|
client_needs_more_time 2
|
||||||
run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \
|
run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \
|
||||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
||||||
@ -3380,7 +3391,7 @@ run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \
|
|||||||
-s "Extra-header:" \
|
-s "Extra-header:" \
|
||||||
-c "HTTP/1.0 200 OK"
|
-c "HTTP/1.0 200 OK"
|
||||||
|
|
||||||
needs_more_time 2
|
client_needs_more_time 2
|
||||||
run_test "DTLS proxy: 3d, \"short\" RSA handshake" \
|
run_test "DTLS proxy: 3d, \"short\" RSA handshake" \
|
||||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none" \
|
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none" \
|
||||||
@ -3390,7 +3401,7 @@ run_test "DTLS proxy: 3d, \"short\" RSA handshake" \
|
|||||||
-s "Extra-header:" \
|
-s "Extra-header:" \
|
||||||
-c "HTTP/1.0 200 OK"
|
-c "HTTP/1.0 200 OK"
|
||||||
|
|
||||||
needs_more_time 2
|
client_needs_more_time 2
|
||||||
run_test "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \
|
run_test "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \
|
||||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none" \
|
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none" \
|
||||||
@ -3399,7 +3410,7 @@ run_test "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \
|
|||||||
-s "Extra-header:" \
|
-s "Extra-header:" \
|
||||||
-c "HTTP/1.0 200 OK"
|
-c "HTTP/1.0 200 OK"
|
||||||
|
|
||||||
needs_more_time 2
|
client_needs_more_time 2
|
||||||
run_test "DTLS proxy: 3d, FS, client auth" \
|
run_test "DTLS proxy: 3d, FS, client auth" \
|
||||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=required" \
|
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=required" \
|
||||||
@ -3408,7 +3419,7 @@ run_test "DTLS proxy: 3d, FS, client auth" \
|
|||||||
-s "Extra-header:" \
|
-s "Extra-header:" \
|
||||||
-c "HTTP/1.0 200 OK"
|
-c "HTTP/1.0 200 OK"
|
||||||
|
|
||||||
needs_more_time 2
|
client_needs_more_time 2
|
||||||
run_test "DTLS proxy: 3d, FS, ticket" \
|
run_test "DTLS proxy: 3d, FS, ticket" \
|
||||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=1 auth_mode=none" \
|
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=1 auth_mode=none" \
|
||||||
@ -3417,7 +3428,7 @@ run_test "DTLS proxy: 3d, FS, ticket" \
|
|||||||
-s "Extra-header:" \
|
-s "Extra-header:" \
|
||||||
-c "HTTP/1.0 200 OK"
|
-c "HTTP/1.0 200 OK"
|
||||||
|
|
||||||
needs_more_time 2
|
client_needs_more_time 2
|
||||||
run_test "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \
|
run_test "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \
|
||||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=1 auth_mode=required" \
|
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=1 auth_mode=required" \
|
||||||
@ -3426,7 +3437,7 @@ run_test "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \
|
|||||||
-s "Extra-header:" \
|
-s "Extra-header:" \
|
||||||
-c "HTTP/1.0 200 OK"
|
-c "HTTP/1.0 200 OK"
|
||||||
|
|
||||||
needs_more_time 2
|
client_needs_more_time 2
|
||||||
run_test "DTLS proxy: 3d, max handshake, nbio" \
|
run_test "DTLS proxy: 3d, max handshake, nbio" \
|
||||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||||
"$P_SRV dtls=1 hs_timeout=250-10000 nbio=2 tickets=1 \
|
"$P_SRV dtls=1 hs_timeout=250-10000 nbio=2 tickets=1 \
|
||||||
@ -3436,7 +3447,7 @@ run_test "DTLS proxy: 3d, max handshake, nbio" \
|
|||||||
-s "Extra-header:" \
|
-s "Extra-header:" \
|
||||||
-c "HTTP/1.0 200 OK"
|
-c "HTTP/1.0 200 OK"
|
||||||
|
|
||||||
needs_more_time 4
|
client_needs_more_time 4
|
||||||
run_test "DTLS proxy: 3d, min handshake, resumption" \
|
run_test "DTLS proxy: 3d, min handshake, resumption" \
|
||||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
||||||
@ -3450,7 +3461,7 @@ run_test "DTLS proxy: 3d, min handshake, resumption" \
|
|||||||
-s "Extra-header:" \
|
-s "Extra-header:" \
|
||||||
-c "HTTP/1.0 200 OK"
|
-c "HTTP/1.0 200 OK"
|
||||||
|
|
||||||
needs_more_time 4
|
client_needs_more_time 4
|
||||||
run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \
|
run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \
|
||||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
||||||
@ -3464,7 +3475,7 @@ run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \
|
|||||||
-s "Extra-header:" \
|
-s "Extra-header:" \
|
||||||
-c "HTTP/1.0 200 OK"
|
-c "HTTP/1.0 200 OK"
|
||||||
|
|
||||||
needs_more_time 4
|
client_needs_more_time 4
|
||||||
run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \
|
run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \
|
||||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
||||||
@ -3478,7 +3489,7 @@ run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \
|
|||||||
-s "Extra-header:" \
|
-s "Extra-header:" \
|
||||||
-c "HTTP/1.0 200 OK"
|
-c "HTTP/1.0 200 OK"
|
||||||
|
|
||||||
needs_more_time 4
|
client_needs_more_time 4
|
||||||
run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \
|
run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \
|
||||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
||||||
@ -3492,7 +3503,7 @@ run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \
|
|||||||
-s "Extra-header:" \
|
-s "Extra-header:" \
|
||||||
-c "HTTP/1.0 200 OK"
|
-c "HTTP/1.0 200 OK"
|
||||||
|
|
||||||
needs_more_time 4
|
client_needs_more_time 4
|
||||||
run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \
|
run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \
|
||||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
||||||
@ -3507,7 +3518,7 @@ run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \
|
|||||||
-s "Extra-header:" \
|
-s "Extra-header:" \
|
||||||
-c "HTTP/1.0 200 OK"
|
-c "HTTP/1.0 200 OK"
|
||||||
|
|
||||||
needs_more_time 4
|
client_needs_more_time 4
|
||||||
run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
|
run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
|
||||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||||
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
|
||||||
@ -3522,7 +3533,7 @@ run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
|
|||||||
-s "Extra-header:" \
|
-s "Extra-header:" \
|
||||||
-c "HTTP/1.0 200 OK"
|
-c "HTTP/1.0 200 OK"
|
||||||
|
|
||||||
needs_more_time 6
|
client_needs_more_time 6
|
||||||
not_with_valgrind # risk of non-mbedtls peer timing out
|
not_with_valgrind # risk of non-mbedtls peer timing out
|
||||||
run_test "DTLS proxy: 3d, openssl server" \
|
run_test "DTLS proxy: 3d, openssl server" \
|
||||||
-p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
|
-p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
|
||||||
@ -3531,7 +3542,7 @@ run_test "DTLS proxy: 3d, openssl server" \
|
|||||||
0 \
|
0 \
|
||||||
-c "HTTP/1.0 200 OK"
|
-c "HTTP/1.0 200 OK"
|
||||||
|
|
||||||
needs_more_time 8
|
client_needs_more_time 8
|
||||||
not_with_valgrind # risk of non-mbedtls peer timing out
|
not_with_valgrind # risk of non-mbedtls peer timing out
|
||||||
run_test "DTLS proxy: 3d, openssl server, fragmentation" \
|
run_test "DTLS proxy: 3d, openssl server, fragmentation" \
|
||||||
-p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
|
-p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
|
||||||
@ -3540,7 +3551,7 @@ run_test "DTLS proxy: 3d, openssl server, fragmentation" \
|
|||||||
0 \
|
0 \
|
||||||
-c "HTTP/1.0 200 OK"
|
-c "HTTP/1.0 200 OK"
|
||||||
|
|
||||||
needs_more_time 8
|
client_needs_more_time 8
|
||||||
not_with_valgrind # risk of non-mbedtls peer timing out
|
not_with_valgrind # risk of non-mbedtls peer timing out
|
||||||
run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \
|
run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \
|
||||||
-p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
|
-p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
|
||||||
@ -3550,7 +3561,7 @@ run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \
|
|||||||
-c "HTTP/1.0 200 OK"
|
-c "HTTP/1.0 200 OK"
|
||||||
|
|
||||||
requires_gnutls
|
requires_gnutls
|
||||||
needs_more_time 6
|
client_needs_more_time 6
|
||||||
not_with_valgrind # risk of non-mbedtls peer timing out
|
not_with_valgrind # risk of non-mbedtls peer timing out
|
||||||
run_test "DTLS proxy: 3d, gnutls server" \
|
run_test "DTLS proxy: 3d, gnutls server" \
|
||||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||||
@ -3561,7 +3572,7 @@ run_test "DTLS proxy: 3d, gnutls server" \
|
|||||||
-c "Extra-header:"
|
-c "Extra-header:"
|
||||||
|
|
||||||
requires_gnutls
|
requires_gnutls
|
||||||
needs_more_time 8
|
client_needs_more_time 8
|
||||||
not_with_valgrind # risk of non-mbedtls peer timing out
|
not_with_valgrind # risk of non-mbedtls peer timing out
|
||||||
run_test "DTLS proxy: 3d, gnutls server, fragmentation" \
|
run_test "DTLS proxy: 3d, gnutls server, fragmentation" \
|
||||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||||
@ -3572,7 +3583,7 @@ run_test "DTLS proxy: 3d, gnutls server, fragmentation" \
|
|||||||
-c "Extra-header:"
|
-c "Extra-header:"
|
||||||
|
|
||||||
requires_gnutls
|
requires_gnutls
|
||||||
needs_more_time 8
|
client_needs_more_time 8
|
||||||
not_with_valgrind # risk of non-mbedtls peer timing out
|
not_with_valgrind # risk of non-mbedtls peer timing out
|
||||||
run_test "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \
|
run_test "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \
|
||||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||||
|
Loading…
x
Reference in New Issue
Block a user