From 74537a69fdca1b304d2b68069193edf6cbc08743 Mon Sep 17 00:00:00 2001
From: Janos Follath <janos.follath@arm.com>
Date: Fri, 2 Sep 2016 13:45:28 +0100
Subject: [PATCH] ECJPAKE: Fix intermittently failing tests

In some tests in ssl-opt.sh the client finishes sooner and the server
gets killed before it could reach certain errors. Consequently the
the script doesn't find the error it is looking for and the test fails.

To resolve this issue, we introduce a per-test option to wait after the
client finishes.
---
 tests/ssl-opt.sh | 51 +++++++++++++++++++++++++++++-------------------
 1 file changed, 31 insertions(+), 20 deletions(-)

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 863524200..d9c45cd7a 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -166,10 +166,15 @@ only_with_valgrind() {
 }
 
 # multiply the client timeout delay by the given factor for the next test
-needs_more_time() {
+client_needs_more_time() {
     CLI_DELAY_FACTOR=$1
 }
 
+# wait for the given seconds after the client finished in the next test
+server_needs_more_time() {
+    SRV_DELAY_SECONDS=$1
+}
+
 # print_name <name>
 print_name() {
     TESTS=$(( $TESTS + 1 ))
@@ -307,6 +312,9 @@ wait_client_done() {
     wait $DOG_PID
 
     echo "EXIT: $CLI_EXIT" >> $CLI_OUT
+
+    sleep $SRV_DELAY_SECONDS
+    SRV_DELAY_SECONDS=0
 }
 
 # check if the given command uses dtls and sets global variable DTLS
@@ -574,6 +582,7 @@ else
     DOG_DELAY=10
 fi
 CLI_DELAY_FACTOR=1
+SRV_DELAY_SECONDS=0
 
 # Pick a "unique" server port in the range 10000-19999, and a proxy port
 PORT_BASE="0000$$"
@@ -2674,6 +2683,7 @@ run_test    "ECJPAKE: working, TLS" \
             -S "None of the common ciphersuites is usable" \
             -S "SSL - Verification of the message MAC failed"
 
+server_needs_more_time 1
 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
 run_test    "ECJPAKE: password mismatch, TLS" \
             "$P_SRV debug_level=3 ecjpake_pw=bla" \
@@ -2701,6 +2711,7 @@ run_test    "ECJPAKE: working, DTLS, no cookie" \
             -C "re-using cached ecjpake parameters" \
             -S "SSL - Verification of the message MAC failed"
 
+server_needs_more_time 1
 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
 run_test    "ECJPAKE: password mismatch, DTLS" \
             "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
@@ -3369,7 +3380,7 @@ run_test    "DTLS proxy: delay ChangeCipherSpec" \
 
 # Tests for "randomly unreliable connection": try a variety of flows and peers
 
-needs_more_time 2
+client_needs_more_time 2
 run_test    "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \
             -p "$P_PXY drop=5 delay=5 duplicate=5" \
             "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
@@ -3380,7 +3391,7 @@ run_test    "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \
             -s "Extra-header:" \
             -c "HTTP/1.0 200 OK"
 
-needs_more_time 2
+client_needs_more_time 2
 run_test    "DTLS proxy: 3d, \"short\" RSA handshake" \
             -p "$P_PXY drop=5 delay=5 duplicate=5" \
             "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none" \
@@ -3390,7 +3401,7 @@ run_test    "DTLS proxy: 3d, \"short\" RSA handshake" \
             -s "Extra-header:" \
             -c "HTTP/1.0 200 OK"
 
-needs_more_time 2
+client_needs_more_time 2
 run_test    "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \
             -p "$P_PXY drop=5 delay=5 duplicate=5" \
             "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none" \
@@ -3399,7 +3410,7 @@ run_test    "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \
             -s "Extra-header:" \
             -c "HTTP/1.0 200 OK"
 
-needs_more_time 2
+client_needs_more_time 2
 run_test    "DTLS proxy: 3d, FS, client auth" \
             -p "$P_PXY drop=5 delay=5 duplicate=5" \
             "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=required" \
@@ -3408,7 +3419,7 @@ run_test    "DTLS proxy: 3d, FS, client auth" \
             -s "Extra-header:" \
             -c "HTTP/1.0 200 OK"
 
-needs_more_time 2
+client_needs_more_time 2
 run_test    "DTLS proxy: 3d, FS, ticket" \
             -p "$P_PXY drop=5 delay=5 duplicate=5" \
             "$P_SRV dtls=1 hs_timeout=250-10000 tickets=1 auth_mode=none" \
@@ -3417,7 +3428,7 @@ run_test    "DTLS proxy: 3d, FS, ticket" \
             -s "Extra-header:" \
             -c "HTTP/1.0 200 OK"
 
-needs_more_time 2
+client_needs_more_time 2
 run_test    "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \
             -p "$P_PXY drop=5 delay=5 duplicate=5" \
             "$P_SRV dtls=1 hs_timeout=250-10000 tickets=1 auth_mode=required" \
@@ -3426,7 +3437,7 @@ run_test    "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \
             -s "Extra-header:" \
             -c "HTTP/1.0 200 OK"
 
-needs_more_time 2
+client_needs_more_time 2
 run_test    "DTLS proxy: 3d, max handshake, nbio" \
             -p "$P_PXY drop=5 delay=5 duplicate=5" \
             "$P_SRV dtls=1 hs_timeout=250-10000 nbio=2 tickets=1 \
@@ -3436,7 +3447,7 @@ run_test    "DTLS proxy: 3d, max handshake, nbio" \
             -s "Extra-header:" \
             -c "HTTP/1.0 200 OK"
 
-needs_more_time 4
+client_needs_more_time 4
 run_test    "DTLS proxy: 3d, min handshake, resumption" \
             -p "$P_PXY drop=5 delay=5 duplicate=5" \
             "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
@@ -3450,7 +3461,7 @@ run_test    "DTLS proxy: 3d, min handshake, resumption" \
             -s "Extra-header:" \
             -c "HTTP/1.0 200 OK"
 
-needs_more_time 4
+client_needs_more_time 4
 run_test    "DTLS proxy: 3d, min handshake, resumption, nbio" \
             -p "$P_PXY drop=5 delay=5 duplicate=5" \
             "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
@@ -3464,7 +3475,7 @@ run_test    "DTLS proxy: 3d, min handshake, resumption, nbio" \
             -s "Extra-header:" \
             -c "HTTP/1.0 200 OK"
 
-needs_more_time 4
+client_needs_more_time 4
 run_test    "DTLS proxy: 3d, min handshake, client-initiated renego" \
             -p "$P_PXY drop=5 delay=5 duplicate=5" \
             "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
@@ -3478,7 +3489,7 @@ run_test    "DTLS proxy: 3d, min handshake, client-initiated renego" \
             -s "Extra-header:" \
             -c "HTTP/1.0 200 OK"
 
-needs_more_time 4
+client_needs_more_time 4
 run_test    "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \
             -p "$P_PXY drop=5 delay=5 duplicate=5" \
             "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
@@ -3492,7 +3503,7 @@ run_test    "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \
             -s "Extra-header:" \
             -c "HTTP/1.0 200 OK"
 
-needs_more_time 4
+client_needs_more_time 4
 run_test    "DTLS proxy: 3d, min handshake, server-initiated renego" \
             -p "$P_PXY drop=5 delay=5 duplicate=5" \
             "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
@@ -3507,7 +3518,7 @@ run_test    "DTLS proxy: 3d, min handshake, server-initiated renego" \
             -s "Extra-header:" \
             -c "HTTP/1.0 200 OK"
 
-needs_more_time 4
+client_needs_more_time 4
 run_test    "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
             -p "$P_PXY drop=5 delay=5 duplicate=5" \
             "$P_SRV dtls=1 hs_timeout=250-10000 tickets=0 auth_mode=none \
@@ -3522,7 +3533,7 @@ run_test    "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
             -s "Extra-header:" \
             -c "HTTP/1.0 200 OK"
 
-needs_more_time 6
+client_needs_more_time 6
 not_with_valgrind # risk of non-mbedtls peer timing out
 run_test    "DTLS proxy: 3d, openssl server" \
             -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
@@ -3531,7 +3542,7 @@ run_test    "DTLS proxy: 3d, openssl server" \
             0 \
             -c "HTTP/1.0 200 OK"
 
-needs_more_time 8
+client_needs_more_time 8
 not_with_valgrind # risk of non-mbedtls peer timing out
 run_test    "DTLS proxy: 3d, openssl server, fragmentation" \
             -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
@@ -3540,7 +3551,7 @@ run_test    "DTLS proxy: 3d, openssl server, fragmentation" \
             0 \
             -c "HTTP/1.0 200 OK"
 
-needs_more_time 8
+client_needs_more_time 8
 not_with_valgrind # risk of non-mbedtls peer timing out
 run_test    "DTLS proxy: 3d, openssl server, fragmentation, nbio" \
             -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
@@ -3550,7 +3561,7 @@ run_test    "DTLS proxy: 3d, openssl server, fragmentation, nbio" \
             -c "HTTP/1.0 200 OK"
 
 requires_gnutls
-needs_more_time 6
+client_needs_more_time 6
 not_with_valgrind # risk of non-mbedtls peer timing out
 run_test    "DTLS proxy: 3d, gnutls server" \
             -p "$P_PXY drop=5 delay=5 duplicate=5" \
@@ -3561,7 +3572,7 @@ run_test    "DTLS proxy: 3d, gnutls server" \
             -c "Extra-header:"
 
 requires_gnutls
-needs_more_time 8
+client_needs_more_time 8
 not_with_valgrind # risk of non-mbedtls peer timing out
 run_test    "DTLS proxy: 3d, gnutls server, fragmentation" \
             -p "$P_PXY drop=5 delay=5 duplicate=5" \
@@ -3572,7 +3583,7 @@ run_test    "DTLS proxy: 3d, gnutls server, fragmentation" \
             -c "Extra-header:"
 
 requires_gnutls
-needs_more_time 8
+client_needs_more_time 8
 not_with_valgrind # risk of non-mbedtls peer timing out
 run_test    "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \
             -p "$P_PXY drop=5 delay=5 duplicate=5" \