AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

tests: Add negative version config tests.

Browse Source 
tls1.3 and tls1.2 can not be enabled at same
time before #4832 resolved.

And the test won't run into `handshake` stage, add
`skip_handshak_check` function to skip it.

Change-Id: I13f3b06b2f33b9c9beb8cac90f5fda41a4ed53f3
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2021-08-06 11:22:24 +08:00
parent 60835a88c3
commit c46e9b4091
1 changed files with 34 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
tests/ssl-opt.sh
View File

@ -693,6 +693,11 @@ find_in_both() {
fi fi
} }
SKIP_HANDSHAKE_CHECK="NO"
skip_handshake_stage_check() {
SKIP_HANDSHAKE_CHECK="YES"
}
# Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]] # Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]]
# Options: -s pattern pattern that must be present in server output # Options: -s pattern pattern that must be present in server output
# -c pattern pattern that must be present in client output # -c pattern pattern that must be present in client output
@ -855,21 +860,25 @@ run_test() {
# (useful to avoid tests with only negative assertions and non-zero # (useful to avoid tests with only negative assertions and non-zero
# expected client exit to incorrectly succeed in case of catastrophic # expected client exit to incorrectly succeed in case of catastrophic
# failure) # failure)
if is_polar "$SRV_CMD"; then if [ "X$SKIP_HANDSHAKE_CHECK" != "XYES" ]
if grep "Performing the SSL/TLS handshake" $SRV_OUT >/dev/null; then :; then
else if is_polar "$SRV_CMD"; then
fail "server or client failed to reach handshake stage" if grep "Performing the SSL/TLS handshake" $SRV_OUT >/dev/null; then :;
return else
fail "server or client failed to reach handshake stage"
return
fi
fi fi
fi if is_polar "$CLI_CMD"; then
if is_polar "$CLI_CMD"; then if grep "Performing the SSL/TLS handshake" $CLI_OUT >/dev/null; then :;
if grep "Performing the SSL/TLS handshake" $CLI_OUT >/dev/null; then :; else
else fail "server or client failed to reach handshake stage"
fail "server or client failed to reach handshake stage" return
return fi
fi fi
fi fi
SKIP_HANDSHAKE_CHECK="NO"
# Check server exit code (only for Mbed TLS: GnuTLS and OpenSSL don't # Check server exit code (only for Mbed TLS: GnuTLS and OpenSSL don't
# exit with status 0 when interrupted by a signal, and we don't really # exit with status 0 when interrupted by a signal, and we don't really
# care anyway), in case e.g. the server reports a memory leak. # care anyway), in case e.g. the server reports a memory leak.
@ -8478,6 +8487,20 @@ run_test "export keys functionality" \
-c "EAP-TLS IV is:" \ -c "EAP-TLS IV is:" \
-s "EAP-TLS IV is:" -s "EAP-TLS IV is:"
# TLS1.3 test cases
# TODO: remove or rewrite this test case if #4832 is resolved.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
skip_handshake_stage_check
run_test "TLS1.3: Not supported version check: tls1_2 and tls1_3" \
"$P_SRV debug_level=1 min_version=tls1_2 max_version=tls1_3" \
"$P_CLI debug_level=1 min_version=tls1_2 max_version=tls1_3" \
1 \
-s "SSL - The requested feature is not available" \
-c "SSL - The requested feature is not available" \
-s "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported" \
-c "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported"
# Test heap memory usage after handshake # Test heap memory usage after handshake
requires_config_enabled MBEDTLS_MEMORY_DEBUG requires_config_enabled MBEDTLS_MEMORY_DEBUG
requires_config_enabled MBEDTLS_MEMORY_BUFFER_ALLOC_C requires_config_enabled MBEDTLS_MEMORY_BUFFER_ALLOC_C