ECJPAKE: Fix intermittently failing tests

In some tests in ssl-opt.sh the client finishes sooner and the server
gets killed before it could reach certain errors. Consequently the
the script doesn't find the error it is looking for and the test fails.

To resolve this issue, we introduce a per-test option to wait after the
client finishes.
This commit is contained in:
Janos Follath 2016-09-02 13:45:28 +01:00 committed by Simon Butcher
parent 327d66520e
commit 74537a69fd

View File

@ -166,10 +166,15 @@ only_with_valgrind() {
} }
# multiply the client timeout delay by the given factor for the next test # multiply the client timeout delay by the given factor for the next test
needs_more_time() { client_needs_more_time() {
CLI_DELAY_FACTOR=$1 CLI_DELAY_FACTOR=$1
} }
# wait for the given seconds after the client finished in the next test
server_needs_more_time() {
SRV_DELAY_SECONDS=$1
}
# print_name <name> # print_name <name>
print_name() { print_name() {
TESTS=$(( $TESTS + 1 )) TESTS=$(( $TESTS + 1 ))
@ -307,6 +312,9 @@ wait_client_done() {
wait $DOG_PID wait $DOG_PID
echo "EXIT: $CLI_EXIT" >> $CLI_OUT echo "EXIT: $CLI_EXIT" >> $CLI_OUT
sleep $SRV_DELAY_SECONDS
SRV_DELAY_SECONDS=0
} }
# check if the given command uses dtls and sets global variable DTLS # check if the given command uses dtls and sets global variable DTLS
@ -574,6 +582,7 @@ else
DOG_DELAY=10 DOG_DELAY=10
fi fi
CLI_DELAY_FACTOR=1 CLI_DELAY_FACTOR=1
SRV_DELAY_SECONDS=0
# Pick a "unique" server port in the range 10000-19999, and a proxy port # Pick a "unique" server port in the range 10000-19999, and a proxy port
PORT_BASE="0000$$" PORT_BASE="0000$$"
@ -2674,6 +2683,7 @@ run_test "ECJPAKE: working, TLS" \
-S "None of the common ciphersuites is usable" \ -S "None of the common ciphersuites is usable" \
-S "SSL - Verification of the message MAC failed" -S "SSL - Verification of the message MAC failed"
server_needs_more_time 1
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
run_test "ECJPAKE: password mismatch, TLS" \ run_test "ECJPAKE: password mismatch, TLS" \
"$P_SRV debug_level=3 ecjpake_pw=bla" \ "$P_SRV debug_level=3 ecjpake_pw=bla" \
@ -2701,6 +2711,7 @@ run_test "ECJPAKE: working, DTLS, no cookie" \
-C "re-using cached ecjpake parameters" \ -C "re-using cached ecjpake parameters" \
-S "SSL - Verification of the message MAC failed" -S "SSL - Verification of the message MAC failed"
server_needs_more_time 1
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
run_test "ECJPAKE: password mismatch, DTLS" \ run_test "ECJPAKE: password mismatch, DTLS" \
"$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \ "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
@ -3369,7 +3380,7 @@ run_test "DTLS proxy: delay ChangeCipherSpec" \
# Tests for "randomly unreliable connection": try a variety of flows and peers # Tests for "randomly unreliable connection": try a variety of flows and peers
needs_more_time 2 client_needs_more_time 2
run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \ run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \ "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
@ -3380,7 +3391,7 @@ run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \
-s "Extra-header:" \ -s "Extra-header:" \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
needs_more_time 2 client_needs_more_time 2
run_test "DTLS proxy: 3d, \"short\" RSA handshake" \ run_test "DTLS proxy: 3d, \"short\" RSA handshake" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none" \ "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none" \
@ -3390,7 +3401,7 @@ run_test "DTLS proxy: 3d, \"short\" RSA handshake" \
-s "Extra-header:" \ -s "Extra-header:" \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
needs_more_time 2 client_needs_more_time 2
run_test "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \ run_test "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none" \ "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none" \
@ -3399,7 +3410,7 @@ run_test "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \
-s "Extra-header:" \ -s "Extra-header:" \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
needs_more_time 2 client_needs_more_time 2
run_test "DTLS proxy: 3d, FS, client auth" \ run_test "DTLS proxy: 3d, FS, client auth" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=required" \ "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=required" \
@ -3408,7 +3419,7 @@ run_test "DTLS proxy: 3d, FS, client auth" \
-s "Extra-header:" \ -s "Extra-header:" \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
needs_more_time 2 client_needs_more_time 2
run_test "DTLS proxy: 3d, FS, ticket" \ run_test "DTLS proxy: 3d, FS, ticket" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=1 auth_mode=none" \ "$P_SRV dtls=1 hs_timeout=250-10000 tickets=1 auth_mode=none" \
@ -3417,7 +3428,7 @@ run_test "DTLS proxy: 3d, FS, ticket" \
-s "Extra-header:" \ -s "Extra-header:" \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
needs_more_time 2 client_needs_more_time 2
run_test "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \ run_test "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=1 auth_mode=required" \ "$P_SRV dtls=1 hs_timeout=250-10000 tickets=1 auth_mode=required" \
@ -3426,7 +3437,7 @@ run_test "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \
-s "Extra-header:" \ -s "Extra-header:" \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
needs_more_time 2 client_needs_more_time 2
run_test "DTLS proxy: 3d, max handshake, nbio" \ run_test "DTLS proxy: 3d, max handshake, nbio" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \
"$P_SRV dtls=1 hs_timeout=250-10000 nbio=2 tickets=1 \ "$P_SRV dtls=1 hs_timeout=250-10000 nbio=2 tickets=1 \
@ -3436,7 +3447,7 @@ run_test "DTLS proxy: 3d, max handshake, nbio" \
-s "Extra-header:" \ -s "Extra-header:" \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
needs_more_time 4 client_needs_more_time 4
run_test "DTLS proxy: 3d, min handshake, resumption" \ run_test "DTLS proxy: 3d, min handshake, resumption" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \ "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
@ -3450,7 +3461,7 @@ run_test "DTLS proxy: 3d, min handshake, resumption" \
-s "Extra-header:" \ -s "Extra-header:" \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
needs_more_time 4 client_needs_more_time 4
run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \ run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \ "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
@ -3464,7 +3475,7 @@ run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \
-s "Extra-header:" \ -s "Extra-header:" \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
needs_more_time 4 client_needs_more_time 4
run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \ run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \ "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
@ -3478,7 +3489,7 @@ run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \
-s "Extra-header:" \ -s "Extra-header:" \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
needs_more_time 4 client_needs_more_time 4
run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \ run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \ "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
@ -3492,7 +3503,7 @@ run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \
-s "Extra-header:" \ -s "Extra-header:" \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
needs_more_time 4 client_needs_more_time 4
run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \ run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \ "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
@ -3507,7 +3518,7 @@ run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \
-s "Extra-header:" \ -s "Extra-header:" \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
needs_more_time 4 client_needs_more_time 4
run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \ run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \
"$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \ "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
@ -3522,7 +3533,7 @@ run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
-s "Extra-header:" \ -s "Extra-header:" \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
needs_more_time 6 client_needs_more_time 6
not_with_valgrind # risk of non-mbedtls peer timing out not_with_valgrind # risk of non-mbedtls peer timing out
run_test "DTLS proxy: 3d, openssl server" \ run_test "DTLS proxy: 3d, openssl server" \
-p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
@ -3531,7 +3542,7 @@ run_test "DTLS proxy: 3d, openssl server" \
0 \ 0 \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
needs_more_time 8 client_needs_more_time 8
not_with_valgrind # risk of non-mbedtls peer timing out not_with_valgrind # risk of non-mbedtls peer timing out
run_test "DTLS proxy: 3d, openssl server, fragmentation" \ run_test "DTLS proxy: 3d, openssl server, fragmentation" \
-p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
@ -3540,7 +3551,7 @@ run_test "DTLS proxy: 3d, openssl server, fragmentation" \
0 \ 0 \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
needs_more_time 8 client_needs_more_time 8
not_with_valgrind # risk of non-mbedtls peer timing out not_with_valgrind # risk of non-mbedtls peer timing out
run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \ run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \
-p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
@ -3550,7 +3561,7 @@ run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
requires_gnutls requires_gnutls
needs_more_time 6 client_needs_more_time 6
not_with_valgrind # risk of non-mbedtls peer timing out not_with_valgrind # risk of non-mbedtls peer timing out
run_test "DTLS proxy: 3d, gnutls server" \ run_test "DTLS proxy: 3d, gnutls server" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \
@ -3561,7 +3572,7 @@ run_test "DTLS proxy: 3d, gnutls server" \
-c "Extra-header:" -c "Extra-header:"
requires_gnutls requires_gnutls
needs_more_time 8 client_needs_more_time 8
not_with_valgrind # risk of non-mbedtls peer timing out not_with_valgrind # risk of non-mbedtls peer timing out
run_test "DTLS proxy: 3d, gnutls server, fragmentation" \ run_test "DTLS proxy: 3d, gnutls server, fragmentation" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \
@ -3572,7 +3583,7 @@ run_test "DTLS proxy: 3d, gnutls server, fragmentation" \
-c "Extra-header:" -c "Extra-header:"
requires_gnutls requires_gnutls
needs_more_time 8 client_needs_more_time 8
not_with_valgrind # risk of non-mbedtls peer timing out not_with_valgrind # risk of non-mbedtls peer timing out
run_test "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \ run_test "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \