diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 7bcba2438..a3c189d86 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -916,7 +916,7 @@ trap cleanup INT TERM HUP # ("signature_algorithm ext: 6" means SHA-512 (highest common hash)) run_test "Default" \ "$P_SRV debug_level=3" \ - "$P_CLI" \ + "$P_CLI debug_level=3" \ 0 \ -s "Protocol is TLSv1.2" \ -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \ @@ -2206,6 +2206,8 @@ run_test "CBC Record splitting: TLS 1.0, splitting, nbio" \ # Tests for Session Tickets +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: basic" \ "$P_SRV debug_level=3 tickets=1" \ "$P_CLI debug_level=3 tickets=1 reconnect=1" \ @@ -2220,6 +2222,8 @@ run_test "Session resume using tickets: basic" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: cache disabled" \ "$P_SRV debug_level=3 tickets=1 cache_max=0" \ "$P_CLI debug_level=3 tickets=1 reconnect=1" \ @@ -2234,6 +2238,8 @@ run_test "Session resume using tickets: cache disabled" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: timeout" \ "$P_SRV debug_level=3 tickets=1 cache_max=0 ticket_timeout=1" \ "$P_CLI debug_level=3 tickets=1 reconnect=1 reco_delay=2" \ @@ -2248,6 +2254,8 @@ run_test "Session resume using tickets: timeout" \ -S "a session has been resumed" \ -C "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: session copy" \ "$P_SRV debug_level=3 tickets=1 cache_max=0" \ "$P_CLI debug_level=3 tickets=1 reconnect=1 reco_mode=0" \ @@ -2262,6 +2270,8 @@ run_test "Session resume using tickets: session copy" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: openssl server" \ "$O_SRV" \ "$P_CLI debug_level=3 tickets=1 reconnect=1" \ @@ -2271,6 +2281,8 @@ run_test "Session resume using tickets: openssl server" \ -c "parse new session ticket" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: openssl client" \ "$P_SRV debug_level=3 tickets=1" \ "( $O_CLI -sess_out $SESSION; \ @@ -2285,6 +2297,8 @@ run_test "Session resume using tickets: openssl client" \ # Tests for Session Tickets with DTLS +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets, DTLS: basic" \ "$P_SRV debug_level=3 dtls=1 tickets=1" \ "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1" \ @@ -2299,6 +2313,8 @@ run_test "Session resume using tickets, DTLS: basic" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets, DTLS: cache disabled" \ "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0" \ "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1" \ @@ -2313,6 +2329,8 @@ run_test "Session resume using tickets, DTLS: cache disabled" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets, DTLS: timeout" \ "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0 ticket_timeout=1" \ "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 reco_delay=2" \ @@ -2327,6 +2345,8 @@ run_test "Session resume using tickets, DTLS: timeout" \ -S "a session has been resumed" \ -C "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets, DTLS: session copy" \ "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0" \ "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 reco_mode=0" \ @@ -2341,6 +2361,8 @@ run_test "Session resume using tickets, DTLS: session copy" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets, DTLS: openssl server" \ "$O_SRV -dtls1" \ "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1" \ @@ -2350,6 +2372,8 @@ run_test "Session resume using tickets, DTLS: openssl server" \ -c "parse new session ticket" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets, DTLS: openssl client" \ "$P_SRV dtls=1 debug_level=3 tickets=1" \ "( $O_CLI -dtls1 -sess_out $SESSION; \ @@ -2364,6 +2388,9 @@ run_test "Session resume using tickets, DTLS: openssl client" \ # Tests for Session Resume based on session-ID and cache +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache: tickets enabled on client" \ "$P_SRV debug_level=3 tickets=0" \ "$P_CLI debug_level=3 tickets=1 reconnect=1" \ @@ -2378,6 +2405,9 @@ run_test "Session resume using cache: tickets enabled on client" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache: tickets enabled on server" \ "$P_SRV debug_level=3 tickets=1" \ "$P_CLI debug_level=3 tickets=0 reconnect=1" \ @@ -2392,6 +2422,8 @@ run_test "Session resume using cache: tickets enabled on server" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache: cache_max=0" \ "$P_SRV debug_level=3 tickets=0 cache_max=0" \ "$P_CLI debug_level=3 tickets=0 reconnect=1" \ @@ -2401,6 +2433,8 @@ run_test "Session resume using cache: cache_max=0" \ -S "a session has been resumed" \ -C "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache: cache_max=1" \ "$P_SRV debug_level=3 tickets=0 cache_max=1" \ "$P_CLI debug_level=3 tickets=0 reconnect=1" \ @@ -2410,6 +2444,8 @@ run_test "Session resume using cache: cache_max=1" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache: timeout > delay" \ "$P_SRV debug_level=3 tickets=0" \ "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=0" \ @@ -2419,6 +2455,8 @@ run_test "Session resume using cache: timeout > delay" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache: timeout < delay" \ "$P_SRV debug_level=3 tickets=0 cache_timeout=1" \ "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \ @@ -2428,6 +2466,8 @@ run_test "Session resume using cache: timeout < delay" \ -S "a session has been resumed" \ -C "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache: no timeout" \ "$P_SRV debug_level=3 tickets=0 cache_timeout=0" \ "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \ @@ -2437,6 +2477,8 @@ run_test "Session resume using cache: no timeout" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache: session copy" \ "$P_SRV debug_level=3 tickets=0" \ "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_mode=0" \ @@ -2446,6 +2488,8 @@ run_test "Session resume using cache: session copy" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache: openssl client" \ "$P_SRV debug_level=3 tickets=0" \ "( $O_CLI -sess_out $SESSION; \ @@ -2458,6 +2502,8 @@ run_test "Session resume using cache: openssl client" \ -S "session successfully restored from ticket" \ -s "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache: openssl server" \ "$O_SRV" \ "$P_CLI debug_level=3 tickets=0 reconnect=1" \ @@ -2468,6 +2514,9 @@ run_test "Session resume using cache: openssl server" \ # Tests for Session Resume based on session-ID and cache, DTLS +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache, DTLS: tickets enabled on client" \ "$P_SRV dtls=1 debug_level=3 tickets=0" \ "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1" \ @@ -2482,6 +2531,9 @@ run_test "Session resume using cache, DTLS: tickets enabled on client" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache, DTLS: tickets enabled on server" \ "$P_SRV dtls=1 debug_level=3 tickets=1" \ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \ @@ -2496,6 +2548,8 @@ run_test "Session resume using cache, DTLS: tickets enabled on server" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache, DTLS: cache_max=0" \ "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=0" \ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \ @@ -2505,6 +2559,8 @@ run_test "Session resume using cache, DTLS: cache_max=0" \ -S "a session has been resumed" \ -C "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache, DTLS: cache_max=1" \ "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=1" \ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \ @@ -2514,6 +2570,8 @@ run_test "Session resume using cache, DTLS: cache_max=1" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache, DTLS: timeout > delay" \ "$P_SRV dtls=1 debug_level=3 tickets=0" \ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 reco_delay=0" \ @@ -2523,6 +2581,8 @@ run_test "Session resume using cache, DTLS: timeout > delay" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache, DTLS: timeout < delay" \ "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=1" \ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 reco_delay=2" \ @@ -2532,6 +2592,8 @@ run_test "Session resume using cache, DTLS: timeout < delay" \ -S "a session has been resumed" \ -C "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache, DTLS: no timeout" \ "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=0" \ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 reco_delay=2" \ @@ -2541,6 +2603,8 @@ run_test "Session resume using cache, DTLS: no timeout" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache, DTLS: session copy" \ "$P_SRV dtls=1 debug_level=3 tickets=0" \ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 reco_mode=0" \ @@ -2550,6 +2614,8 @@ run_test "Session resume using cache, DTLS: session copy" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache, DTLS: openssl client" \ "$P_SRV dtls=1 debug_level=3 tickets=0" \ "( $O_CLI -dtls1 -sess_out $SESSION; \ @@ -2562,6 +2628,8 @@ run_test "Session resume using cache, DTLS: openssl client" \ -S "session successfully restored from ticket" \ -s "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "Session resume using cache, DTLS: openssl server" \ "$O_SRV -dtls1" \ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \ @@ -8006,6 +8074,9 @@ run_test "DTLS proxy: 3d, max handshake, nbio" \ -c "HTTP/1.0 200 OK" client_needs_more_time 4 +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "DTLS proxy: 3d, min handshake, resumption" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ @@ -8020,6 +8091,9 @@ run_test "DTLS proxy: 3d, min handshake, resumption" \ -c "HTTP/1.0 200 OK" client_needs_more_time 4 +requires_config_enabled MBEDTLS_SSL_SESSION_RESUMPTION +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS +requires_config_enabled MBEDTLS_SSL_SESSION_CACHE run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \