Allow client-side resend in proxy MTU tests

From Hanno:
When a server replies to a cookieless ClientHello with a HelloVerifyRequest,
it is supposed to reset the connection and wait for a subsequent ClientHello
which includes the cookie from the HelloVerifyRequest.
In testing environments, it might happen that the reset of the server
takes longer than for the client to replying to the HelloVerifyRequest
with the ClientHello+Cookie. In this case, the ClientHello gets lost
and the client will need retransmit. This may happen even if the underlying
datagram transport is reliable.
This commit is contained in:
Manuel Pégourié-Gonnard 2018-08-22 09:56:22 +02:00
parent 2f2d9020cd
commit 3d183cefb5

View file

@ -5112,6 +5112,8 @@ run_test "DTLS fragmenting: both (MTU)" \
-C "error" -C "error"
# the proxy shouldn't drop or mess up anything, so we shouldn't need to resend # the proxy shouldn't drop or mess up anything, so we shouldn't need to resend
# OTOH the client might resend if the server is to slow to reset after sending
# a HelloVerifyRequest, so only check for no retransmission server-side
not_with_valgrind # spurious resend due to timeout not_with_valgrind # spurious resend due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_RSA_C
@ -5128,7 +5130,6 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake" \
mtu=512" \ mtu=512" \
0 \ 0 \
-S "resend" \ -S "resend" \
-C "resend" \
-s "found fragmented DTLS handshake message" \ -s "found fragmented DTLS handshake message" \
-c "found fragmented DTLS handshake message" \ -c "found fragmented DTLS handshake message" \
-C "error" -C "error"
@ -5157,7 +5158,6 @@ run_test "DTLS fragmenting: proxy MTU, resumed handshake" \
mtu=1450 reconnect=1 reco_delay=1" \ mtu=1450 reconnect=1 reco_delay=1" \
0 \ 0 \
-S "resend" \ -S "resend" \
-C "resend" \
-s "found fragmented DTLS handshake message" \ -s "found fragmented DTLS handshake message" \
-c "found fragmented DTLS handshake message" \ -c "found fragmented DTLS handshake message" \
-C "error" -C "error"
@ -5185,7 +5185,6 @@ run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \
mtu=512" \ mtu=512" \
0 \ 0 \
-S "resend" \ -S "resend" \
-C "resend" \
-s "found fragmented DTLS handshake message" \ -s "found fragmented DTLS handshake message" \
-c "found fragmented DTLS handshake message" \ -c "found fragmented DTLS handshake message" \
-C "error" -C "error"
@ -5214,7 +5213,6 @@ run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \
mtu=512" \ mtu=512" \
0 \ 0 \
-S "resend" \ -S "resend" \
-C "resend" \
-s "found fragmented DTLS handshake message" \ -s "found fragmented DTLS handshake message" \
-c "found fragmented DTLS handshake message" \ -c "found fragmented DTLS handshake message" \
-C "error" -C "error"
@ -5243,7 +5241,6 @@ run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \
mtu=512" \ mtu=512" \
0 \ 0 \
-S "resend" \ -S "resend" \
-C "resend" \
-s "found fragmented DTLS handshake message" \ -s "found fragmented DTLS handshake message" \
-c "found fragmented DTLS handshake message" \ -c "found fragmented DTLS handshake message" \
-C "error" -C "error"
@ -5273,7 +5270,6 @@ run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \
mtu=512" \ mtu=512" \
0 \ 0 \
-S "resend" \ -S "resend" \
-C "resend" \
-s "found fragmented DTLS handshake message" \ -s "found fragmented DTLS handshake message" \
-c "found fragmented DTLS handshake message" \ -c "found fragmented DTLS handshake message" \
-C "error" -C "error"
@ -5302,7 +5298,6 @@ run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \
mtu=512" \ mtu=512" \
0 \ 0 \
-S "resend" \ -S "resend" \
-C "resend" \
-s "found fragmented DTLS handshake message" \ -s "found fragmented DTLS handshake message" \
-c "found fragmented DTLS handshake message" \ -c "found fragmented DTLS handshake message" \
-C "error" -C "error"