cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-30 17:09:41 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #5985 from zhangsenWang/development

Browse Source 
Re-enable four tests disabled because of an old OpenSSL bug
This commit is contained in:
Dave Rodgman 2022-08-16 09:56:58 +01:00 committed by GitHub
commit 8c9a0aebb3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
tests/ssl-opt.sh
View File

@ -9732,12 +9732,9 @@ run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \
0 \ 0 \
-s "fragmenting handshake message" -s "fragmenting handshake message"
## Interop test with OpenSSL might trigger a bug in recent versions (including ## The test below requires 1.1.1a or higher version of openssl, otherwise
## all versions installed on the CI machines), reported here: ## it might trigger a bug due to openssl server (https://github.com/openssl/openssl/issues/6902)
## Bug report: https://github.com/openssl/openssl/issues/6902 requires_openssl_next
## They should be re-enabled once a fixed version of OpenSSL is available
## (this should happen in some 1.1.1_ release according to the ticket).
skip_next_test
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_ECDSA_C
@ -9745,7 +9742,7 @@ client_needs_more_time 4
requires_max_content_len 2048 requires_max_content_len 2048
run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \ run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \
-p "$P_PXY drop=8 delay=8 duplicate=8" \ -p "$P_PXY drop=8 delay=8 duplicate=8" \
"$O_SRV -dtls1_2 -verify 10" \ "$O_NEXT_SRV -dtls1_2 -verify 10" \
"$P_CLI dtls=1 debug_level=2 \ "$P_CLI dtls=1 debug_level=2 \
crt_file=data_files/server8_int-ca2.crt \ crt_file=data_files/server8_int-ca2.crt \
key_file=data_files/server8.key \ key_file=data_files/server8.key \
@ -9754,6 +9751,8 @@ run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \
-c "fragmenting handshake message" \ -c "fragmenting handshake message" \
-C "error" -C "error"
## the test below will time out with certain seed.
## The cause is an openssl bug (https://github.com/openssl/openssl/issues/18887)
skip_next_test skip_next_test
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_RSA_C
@ -10831,40 +10830,38 @@ run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
-s "Extra-header:" \ -s "Extra-header:" \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
## Interop tests with OpenSSL might trigger a bug in recent versions (including ## The three tests below require 1.1.1a or higher version of openssl, otherwise
## all versions installed on the CI machines), reported here: ## it might trigger a bug due to openssl (https://github.com/openssl/openssl/issues/6902)
## Bug report: https://github.com/openssl/openssl/issues/6902 ## Besides, openssl should use dtls1_2 or dtls, otherwise it will cause "SSL alert number 70" error
## They should be re-enabled once a fixed version of OpenSSL is available requires_openssl_next
## (this should happen in some 1.1.1_ release according to the ticket).
skip_next_test
client_needs_more_time 6 client_needs_more_time 6
not_with_valgrind # risk of non-mbedtls peer timing out not_with_valgrind # risk of non-mbedtls peer timing out
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS proxy: 3d, openssl server" \ run_test "DTLS proxy: 3d, openssl server" \
-p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
"$O_SRV -dtls1 -mtu 2048" \ "$O_NEXT_SRV -dtls1_2 -mtu 2048" \
"$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \ "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \
0 \ 0 \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
skip_next_test # see above requires_openssl_next
client_needs_more_time 8 client_needs_more_time 8
not_with_valgrind # risk of non-mbedtls peer timing out not_with_valgrind # risk of non-mbedtls peer timing out
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS proxy: 3d, openssl server, fragmentation" \ run_test "DTLS proxy: 3d, openssl server, fragmentation" \
-p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
"$O_SRV -dtls1 -mtu 768" \ "$O_NEXT_SRV -dtls1_2 -mtu 768" \
"$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \ "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \
0 \ 0 \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
skip_next_test # see above requires_openssl_next
client_needs_more_time 8 client_needs_more_time 8
not_with_valgrind # risk of non-mbedtls peer timing out not_with_valgrind # risk of non-mbedtls peer timing out
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \ run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \
-p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
"$O_SRV -dtls1 -mtu 768" \ "$O_NEXT_SRV -dtls1_2 -mtu 768" \
"$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2 tickets=0" \ "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2 tickets=0" \
0 \ 0 \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"