diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index c19f7463b..60879b566 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1131,7 +1131,8 @@ run_test "(STUB) Connection ID: Client enabled, server disabled" \ -S "server hello, adding CID extension" \ -C "found CID extension" \ -S "Copy CIDs into SSL transform" \ - -C "Copy CIDs into SSL transform" + -C "Copy CIDs into SSL transform" \ + -c "Use of Connection ID was rejected by the server" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client disabled, server enabled" \ @@ -1145,7 +1146,8 @@ run_test "(STUB) Connection ID: Client disabled, server enabled" \ -S "server hello, adding CID extension" \ -C "found CID extension" \ -S "Copy CIDs into SSL transform" \ - -C "Copy CIDs into SSL transform" + -C "Copy CIDs into SSL transform" \ + -s "Use of Connection ID was not offered by the client" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty" \ @@ -1161,7 +1163,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -c "Peer CID (length 2 Bytes): de ad" \ + -s "Peer CID (length 2 Bytes): be ef" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty" \ @@ -1177,7 +1183,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty" \ -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -c "Peer CID (length 4 Bytes): de ad be ef" \ + -s "Peer CID (length 0 Bytes):" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty" \ @@ -1193,7 +1203,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty" \ -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -s "Peer CID (length 4 Bytes): de ad be ef" \ + -c "Peer CID (length 0 Bytes):" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty" \ @@ -1209,7 +1223,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -S "Use of Connection ID has been negotiated" \ + -C "Use of Connection ID has been negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CCM-8" \ @@ -1225,7 +1241,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -c "Peer CID (length 2 Bytes): de ad" \ + -s "Peer CID (length 2 Bytes): be ef" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CCM-8" \ @@ -1241,7 +1261,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES- -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -c "Peer CID (length 4 Bytes): de ad be ef" \ + -s "Peer CID (length 0 Bytes):" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CCM-8" \ @@ -1257,7 +1281,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES- -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -s "Peer CID (length 4 Bytes): de ad be ef" \ + -c "Peer CID (length 0 Bytes):" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CCM-8" \ @@ -1273,7 +1301,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -S "Use of Connection ID has been negotiated" \ + -C "Use of Connection ID has been negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CBC" \ @@ -1289,7 +1319,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -c "Peer CID (length 2 Bytes): de ad" \ + -s "Peer CID (length 2 Bytes): be ef" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CBC" \ @@ -1305,7 +1339,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES- -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -c "Peer CID (length 4 Bytes): de ad be ef" \ + -s "Peer CID (length 0 Bytes):" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CBC" \ @@ -1321,7 +1359,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES- -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -s "Peer CID (length 4 Bytes): de ad be ef" \ + -c "Peer CID (length 0 Bytes):" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CBC" \ @@ -1337,7 +1379,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -S "Use of Connection ID has been negotiated" \ + -C "Use of Connection ID has been negotiated" requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_RENEGOTIATION @@ -1354,7 +1398,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, renegotiate" \ -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -c "Peer CID (length 2 Bytes): de ad" \ + -s "Peer CID (length 2 Bytes): be ef" # Tests for Encrypt-then-MAC extension