From 5bcf2b081f4ba0ec395478611d19e03f0793c7b6 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 21 Aug 2018 14:25:40 +0100 Subject: [PATCH] ssl-opt.sh: Allow spurious resend in DTLS session resumption test When a server replies to a cookieless ClientHello with a HelloVerifyRequest, it is supposed to reset the connection and wait for a subsequent ClientHello which includes the cookie from the HelloVerifyRequest. In testing environments, it might happen that the reset of the server takes longer than for the client to replying to the HelloVerifyRequest with the ClientHello+Cookie. In this case, the ClientHello gets lost and the client will need retransmit. This may happen even if the underlying datagram transport is reliable. This commit removes a guard in the ssl-opt.sh test 'DTLS fragmenting: proxy MTU, resumed handshake' which made the test fail in case the log showed a resend from the client. --- tests/ssl-opt.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 886c44cfa..9b416fbb2 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -5171,6 +5171,9 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake" \ # Since we don't support reading fragmented ClientHello yet, # up the MTU to 1450 (larger than ClientHello with session ticket, # but still smaller than client's Certificate to ensure fragmentation). +# +# A resend on the client-side might happen if the server is +# slow to reset, therefore omitting '-C "resend"' below. not_with_valgrind # spurious resend due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C @@ -5187,7 +5190,6 @@ run_test "DTLS fragmenting: proxy MTU, resumed handshake" \ mtu=1450 reconnect=1" \ 0 \ -S "resend" \ - -C "resend" \ -s "found fragmented DTLS handshake message" \ -c "found fragmented DTLS handshake message" \ -C "error"