Added buffer_size and response_size options for ssl-server2.
Added appropriate tests.
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 839c77d..ef5aa5b 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -3882,10 +3882,10 @@
-S "dumping 'client hello extensions'" \
-S "server hello, total extension length:"
-# Test for large packets
+# Test for large client packets
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
-run_test "Large packet SSLv3 BlockCipher" \
+run_test "Large client packet SSLv3 BlockCipher" \
"$P_SRV min_version=ssl3" \
"$P_CLI request_size=16384 force_version=ssl3 recsplit=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -3894,7 +3894,7 @@
-s "Read from client: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
-run_test "Large packet SSLv3 StreamCipher" \
+run_test "Large client packet SSLv3 StreamCipher" \
"$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=16384 force_version=ssl3 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
@@ -3902,7 +3902,7 @@
-c "16384 bytes written in 1 fragments" \
-s "Read from client: 16384 bytes read"
-run_test "Large packet TLS 1.0 BlockCipher" \
+run_test "Large client packet TLS 1.0 BlockCipher" \
"$P_SRV" \
"$P_CLI request_size=16384 force_version=tls1 recsplit=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -3910,7 +3910,7 @@
-c "16384 bytes written in 1 fragments" \
-s "Read from client: 16384 bytes read"
-run_test "Large packet TLS 1.0 BlockCipher, without EtM" \
+run_test "Large client packet TLS 1.0 BlockCipher, without EtM" \
"$P_SRV" \
"$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -3918,7 +3918,7 @@
-s "Read from client: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.0 BlockCipher, truncated MAC" \
+run_test "Large client packet TLS 1.0 BlockCipher, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1 recsplit=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
@@ -3927,21 +3927,21 @@
-s "Read from client: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
+run_test "Large client packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
0 \
-s "Read from client: 16384 bytes read"
-run_test "Large packet TLS 1.0 StreamCipher" \
+run_test "Large client packet TLS 1.0 StreamCipher" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=16384 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
-s "Read from client: 16384 bytes read"
-run_test "Large packet TLS 1.0 StreamCipher, without EtM" \
+run_test "Large client packet TLS 1.0 StreamCipher, without EtM" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=16384 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
@@ -3949,7 +3949,7 @@
-s "Read from client: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.0 StreamCipher, truncated MAC" \
+run_test "Large client packet TLS 1.0 StreamCipher, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
@@ -3957,7 +3957,7 @@
-s "Read from client: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
+run_test "Large client packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
@@ -3965,7 +3965,7 @@
-c "16384 bytes written in 1 fragments" \
-s "Read from client: 16384 bytes read"
-run_test "Large packet TLS 1.1 BlockCipher" \
+run_test "Large client packet TLS 1.1 BlockCipher" \
"$P_SRV" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -3973,7 +3973,7 @@
-c "16384 bytes written in 1 fragments" \
-s "Read from client: 16384 bytes read"
-run_test "Large packet TLS 1.1 BlockCipher, without EtM" \
+run_test "Large client packet TLS 1.1 BlockCipher, without EtM" \
"$P_SRV" \
"$P_CLI request_size=16384 force_version=tls1_1 etm=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -3981,7 +3981,7 @@
-s "Read from client: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.1 BlockCipher, truncated MAC" \
+run_test "Large client packet TLS 1.1 BlockCipher, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
@@ -3989,14 +3989,14 @@
-s "Read from client: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
+run_test "Large client packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
0 \
-s "Read from client: 16384 bytes read"
-run_test "Large packet TLS 1.1 StreamCipher" \
+run_test "Large client packet TLS 1.1 StreamCipher" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
@@ -4004,7 +4004,7 @@
-c "16384 bytes written in 1 fragments" \
-s "Read from client: 16384 bytes read"
-run_test "Large packet TLS 1.1 StreamCipher, without EtM" \
+run_test "Large client packet TLS 1.1 StreamCipher, without EtM" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
@@ -4013,7 +4013,7 @@
-s "Read from client: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.1 StreamCipher, truncated MAC" \
+run_test "Large client packet TLS 1.1 StreamCipher, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
@@ -4021,7 +4021,7 @@
-s "Read from client: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
+run_test "Large client packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
@@ -4029,7 +4029,7 @@
-c "16384 bytes written in 1 fragments" \
-s "Read from client: 16384 bytes read"
-run_test "Large packet TLS 1.2 BlockCipher" \
+run_test "Large client packet TLS 1.2 BlockCipher" \
"$P_SRV" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -4037,14 +4037,14 @@
-c "16384 bytes written in 1 fragments" \
-s "Read from client: 16384 bytes read"
-run_test "Large packet TLS 1.2 BlockCipher, without EtM" \
+run_test "Large client packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV" \
"$P_CLI request_size=16384 force_version=tls1_2 etm=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: 16384 bytes read"
-run_test "Large packet TLS 1.2 BlockCipher larger MAC" \
+run_test "Large client packet TLS 1.2 BlockCipher larger MAC" \
"$P_SRV" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
@@ -4053,7 +4053,7 @@
-s "Read from client: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.2 BlockCipher, truncated MAC" \
+run_test "Large client packet TLS 1.2 BlockCipher, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
@@ -4061,7 +4061,7 @@
-s "Read from client: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
+run_test "Large client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
@@ -4069,7 +4069,7 @@
-c "16384 bytes written in 1 fragments" \
-s "Read from client: 16384 bytes read"
-run_test "Large packet TLS 1.2 StreamCipher" \
+run_test "Large client packet TLS 1.2 StreamCipher" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
@@ -4077,7 +4077,7 @@
-c "16384 bytes written in 1 fragments" \
-s "Read from client: 16384 bytes read"
-run_test "Large packet TLS 1.2 StreamCipher, without EtM" \
+run_test "Large client packet TLS 1.2 StreamCipher, without EtM" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
@@ -4085,7 +4085,7 @@
-s "Read from client: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.2 StreamCipher, truncated MAC" \
+run_test "Large client packet TLS 1.2 StreamCipher, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
@@ -4093,7 +4093,7 @@
-s "Read from client: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
+run_test "Large client packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
@@ -4101,7 +4101,7 @@
-c "16384 bytes written in 1 fragments" \
-s "Read from client: 16384 bytes read"
-run_test "Large packet TLS 1.2 AEAD" \
+run_test "Large client packet TLS 1.2 AEAD" \
"$P_SRV" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
@@ -4109,7 +4109,7 @@
-c "16384 bytes written in 1 fragments" \
-s "Read from client: 16384 bytes read"
-run_test "Large packet TLS 1.2 AEAD shorter tag" \
+run_test "Large client packet TLS 1.2 AEAD shorter tag" \
"$P_SRV" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
@@ -4167,6 +4167,139 @@
-c "found supported_point_formats extension" \
-s "server hello, supported_point_formats extension"
+# Test for large server packets
+
+requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+run_test "Large server packet SSLv3 BlockCipher" \
+ "$P_SRV response_size=16384 min_version=ssl3" \
+ "$P_CLI force_version=ssl3 recsplit=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+run_test "Large server packet SSLv3 StreamCipher" \
+ "$P_SRV response_size=16384 min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=ssl3 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+# Checking next 2 tests logs for 1n-1 split against BEAST too
+run_test "Large server packet TLS 1.0 BlockCipher" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1 recsplit=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"\
+ -c "16383 bytes read"\
+ -C "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.0 BlockCipher truncated MAC" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1 recsplit=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
+ trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 1 bytes read"\
+ -c "16383 bytes read"\
+ -C "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.0 StreamCipher truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
+ trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.1 BlockCipher" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.1 StreamCipher" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.1 BlockCipher truncated MAC" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
+ trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.1 StreamCipher truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
+ trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 BlockCipher" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 BlockCipher larger MAC" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.2 BlockCipher truncated MAC" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
+ trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 StreamCipher" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.2 StreamCipher truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
+ trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 AEAD" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 AEAD shorter tag" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
# Tests for DTLS HelloVerifyRequest
run_test "DTLS cookie: enabled" \