diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index ad38f5d26..bb31a3cde 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -9003,14 +9003,11 @@ run_test "DTLS-SRTP all profiles supported. server doesn't support mki. openssl -C "dumping 'received mki' (8 bytes)" \ -C "error" -# gnutls-cli resolves localhost as an IPv6 address, when enabled, -# and fails to send messagges over UDP, causing DTLS negotiation to fail. -# Force server to bind to IPv6 address -requires_ipv6 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +requires_gnutls run_test "DTLS-SRTP all profiles supported. gnutls client." \ - "$P_SRV dtls=1 use_srtp=1 debug_level=3 server_addr=::1" \ - "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \ + "$P_SRV dtls=1 use_srtp=1 debug_level=3" \ + "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32 --insecure 127.0.0.1" \ 0 \ -s "found use_srtp extension" \ -s "found srtp profile" \ @@ -9018,14 +9015,11 @@ run_test "DTLS-SRTP all profiles supported. gnutls client." \ -s "server hello, adding use_srtp extension" \ -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_80" -# gnutls-cli resolves localhost as an IPv6 address, when enabled, -# and fails to send messagges over UDP, causing DTLS negotiation to fail. -# Force server to bind to IPv6 address -requires_ipv6 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +requires_gnutls run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. gnutls client." \ - "$P_SRV dtls=1 use_srtp=1 debug_level=3 server_addr=::1" \ - "$G_CLI -u --srtp-profiles=SRTP_NULL_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32" \ + "$P_SRV dtls=1 use_srtp=1 debug_level=3" \ + "$G_CLI -u --srtp-profiles=SRTP_NULL_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \ 0 \ -s "found use_srtp extension" \ -s "found srtp profile" \ @@ -9033,14 +9027,11 @@ run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, -s "server hello, adding use_srtp extension" \ -c "SRTP profile: SRTP_NULL_HMAC_SHA1_80" -# gnutls-cli resolves localhost as an IPv6 address, when enabled, -# and fails to send messagges over UDP, causing DTLS negotiation to fail. -# Force server to bind to IPv6 address -requires_ipv6 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +requires_gnutls run_test "DTLS-SRTP server supports all profiles. Client supports one profile. gnutls client." \ - "$P_SRV dtls=1 use_srtp=1 debug_level=3 server_addr=::1" \ - "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \ + "$P_SRV dtls=1 use_srtp=1 debug_level=3" \ + "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \ 0 \ -s "found use_srtp extension" \ -s "found srtp profile: MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32" \ @@ -9048,14 +9039,11 @@ run_test "DTLS-SRTP server supports all profiles. Client supports one profile. -s "server hello, adding use_srtp extension" \ -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_32" -# gnutls-cli resolves localhost as an IPv6 address, when enabled, -# and fails to send messagges over UDP, causing DTLS negotiation to fail. -# Force server to bind to IPv6 address -requires_ipv6 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +requires_gnutls run_test "DTLS-SRTP server supports one profile. Client supports all profiles. gnutls client." \ - "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=4 debug_level=3 server_addr=::1" \ - "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \ + "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=4 debug_level=3" \ + "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32 --insecure 127.0.0.1" \ 0 \ -s "found use_srtp extension" \ -s "found srtp profile" \ @@ -9063,14 +9051,11 @@ run_test "DTLS-SRTP server supports one profile. Client supports all profiles. -s "server hello, adding use_srtp extension" \ -c "SRTP profile: SRTP_NULL_SHA1_32" -# gnutls-cli resolves localhost as an IPv6 address, when enabled, -# and fails to send messagges over UDP, causing DTLS negotiation to fail. -# Force server to bind to IPv6 address -requires_ipv6 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +requires_gnutls run_test "DTLS-SRTP server and Client support only one matching profile. gnutls client." \ - "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3 server_addr=::1" \ - "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \ + "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \ + "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \ 0 \ -s "found use_srtp extension" \ -s "found srtp profile" \ @@ -9078,14 +9063,11 @@ run_test "DTLS-SRTP server and Client support only one matching profile. gnutls -s "server hello, adding use_srtp extension" \ -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_32" -# gnutls-cli resolves localhost as an IPv6 address, when enabled, -# and fails to send messagges over UDP, causing DTLS negotiation to fail. -# Force server to bind to IPv6 address -requires_ipv6 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +requires_gnutls run_test "DTLS-SRTP server and Client support only one different profile. gnutls client." \ - "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=1 debug_level=3 server_addr=::1" \ - "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \ + "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=1 debug_level=3" \ + "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \ 0 \ -s "found use_srtp extension" \ -s "found srtp profile" \ @@ -9093,20 +9075,18 @@ run_test "DTLS-SRTP server and Client support only one different profile. gnutl -S "server hello, adding use_srtp extension" \ -C "SRTP profile:" -# gnutls-cli resolves localhost as an IPv6 address, when enabled, -# and fails to send messagges over UDP, causing DTLS negotiation to fail. -# Force server to bind to IPv6 address -requires_ipv6 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +requires_gnutls run_test "DTLS-SRTP server doesn't support use_srtp extension. gnutls client" \ - "$P_SRV dtls=1 debug_level=3 server_addr=::1" \ - "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \ + "$P_SRV dtls=1 debug_level=3" \ + "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32 --insecure 127.0.0.1" \ 0 \ -s "found use_srtp extension" \ -S "server hello, adding use_srtp extension" \ -C "SRTP profile:" requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +requires_gnutls run_test "DTLS-SRTP all profiles supported. gnutls server" \ "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \ "$P_CLI dtls=1 use_srtp=1 debug_level=3" \ @@ -9118,6 +9098,7 @@ run_test "DTLS-SRTP all profiles supported. gnutls server" \ -C "error" requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +requires_gnutls run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. gnutls server." \ "$G_SRV -u --srtp-profiles=SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \ "$P_CLI dtls=1 use_srtp=1 debug_level=3" \ @@ -9129,6 +9110,7 @@ run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, -C "error" requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +requires_gnutls run_test "DTLS-SRTP server supports all profiles. Client supports one profile. gnutls server." \ "$G_SRV -u --srtp-profiles=SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \ "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \ @@ -9140,6 +9122,7 @@ run_test "DTLS-SRTP server supports all profiles. Client supports one profile. -C "error" requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +requires_gnutls run_test "DTLS-SRTP server supports one profile. Client supports all profiles. gnutls server." \ "$G_SRV -u --srtp-profiles=SRTP_NULL_HMAC_SHA1_80" \ "$P_CLI dtls=1 use_srtp=30 debug_level=3" \ @@ -9151,6 +9134,7 @@ run_test "DTLS-SRTP server supports one profile. Client supports all profiles. -C "error" requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +requires_gnutls run_test "DTLS-SRTP server and Client support only one matching profile. gnutls server." \ "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \ "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \ @@ -9162,6 +9146,7 @@ run_test "DTLS-SRTP server and Client support only one matching profile. gnutls -C "error" requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +requires_gnutls run_test "DTLS-SRTP server and Client support only one different profile. gnutls server." \ "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \ "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=4 debug_level=3" \ @@ -9173,6 +9158,7 @@ run_test "DTLS-SRTP server and Client support only one different profile. gnutl -C "error" requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +requires_gnutls run_test "DTLS-SRTP server doesn't support use_srtp extension. gnutls server" \ "$G_SRV -u" \ "$P_CLI dtls=1 use_srtp=1 debug_level=3" \ @@ -9184,6 +9170,7 @@ run_test "DTLS-SRTP server doesn't support use_srtp extension. gnutls server" \ -C "error" requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +requires_gnutls run_test "DTLS-SRTP all profiles supported. mki used. gnutls server." \ "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \ "$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \