ssl-opt.sh: Allow spurious resend in DTLS session resumption test
When a server replies to a cookieless ClientHello with a HelloVerifyRequest,
it is supposed to reset the connection and wait for a subsequent ClientHello
which includes the cookie from the HelloVerifyRequest.
In testing environments, it might happen that the reset of the server
takes longer than for the client to replying to the HelloVerifyRequest
with the ClientHello+Cookie. In this case, the ClientHello gets lost
and the client will need retransmit. This may happen even if the underlying
datagram transport is reliable.
This commit removes a guard in the ssl-opt.sh test
'DTLS fragmenting: proxy MTU, resumed handshake' which made
the test fail in case the log showed a resend from the client.
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 886c44c..9b416fb 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -5171,6 +5171,9 @@
# Since we don't support reading fragmented ClientHello yet,
# up the MTU to 1450 (larger than ClientHello with session ticket,
# but still smaller than client's Certificate to ensure fragmentation).
+#
+# A resend on the client-side might happen if the server is
+# slow to reset, therefore omitting '-C "resend"' below.
not_with_valgrind # spurious resend due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
@@ -5187,7 +5190,6 @@
mtu=1450 reconnect=1" \
0 \
-S "resend" \
- -C "resend" \
-s "found fragmented DTLS handshake message" \
-c "found fragmented DTLS handshake message" \
-C "error"