Add test with proxy and openssl server
diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c
index ad05b48..5d5a02a 100644
--- a/programs/test/udp_proxy.c
+++ b/programs/test/udp_proxy.c
@@ -79,21 +79,22 @@
 #define USAGE                                                               \
     "\n usage: udp_proxy param=<>...\n"                                     \
     "\n acceptable parameters:\n"                                           \
-    "    server_addr=%%d      default: localhost\n"                         \
+    "    server_addr=%%s      default: localhost\n"                         \
     "    server_port=%%d      default: 4433\n"                              \
-    "    listen_addr=%%d      default: localhost\n"                         \
+    "    listen_addr=%%s      default: localhost\n"                         \
     "    listen_port=%%d      default: 4433\n"                              \
     "\n"                                                                    \
     "    duplicate=%%d        default: 0 (no duplication)\n"                \
     "                        duplicate about 1:N packets randomly\n"        \
     "    delay=%%d            default: 0 (no delayed packets)\n"            \
     "                        delay about 1:N packets randomly\n"            \
-    "    delay_ccs=%%d        default: 0 (don't delay ChangeCipherSpec)\n" \
+    "    delay_ccs=0/1       default: 0 (don't delay ChangeCipherSpec)\n"   \
     "    drop=%%d             default: 0 (no dropped packets)\n"            \
     "                        drop about 1:N packets randomly\n"             \
     "    mtu=%%d              default: 0 (unlimited)\n"                     \
     "                        drop packets larger than N bytes\n"            \
-    "    bad_ad=%%d           default: 0 (don't add bad ApplicationData)\n" \
+    "    bad_ad=0/1          default: 0 (don't add bad ApplicationData)\n"  \
+    "    protect_hvr=0/1     default: 0 (don't protect HelloVerifyRequest)\n" \
     "\n"                                                                    \
     "    seed=%%d             default: (use current time)\n"                \
     "\n"
@@ -114,6 +115,7 @@
     int drop;                   /* drop 1 packet in N (none if 0)           */
     int mtu;                    /* drop packets larger than this            */
     int bad_ad;                 /* inject corrupted ApplicationData record  */
+    int protect_hvr;            /* never drop or delay HelloVerifyRequest   */
 
     unsigned int seed;          /* seed for "random" events                 */
 } opt;
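Review bot: The comment on `protect_hvr` promises more than the later hunks deliver. In the drop condition, the `cur.len > (unsigned) opt.mtu` clause appears to be OR'ed in separately from the new exemption, so a HelloVerifyRequest larger than `mtu` would still be dropped when both options are set. A narrower wording such as `/* exempt HelloVerifyRequest from drop= and delay= */` would match the code, and the usage line could say the same. The struct definition starts outside this hunk, so any default assignment for the new field is not visible here.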
@@ -199,6 +201,12 @@
             if( opt.bad_ad < 0 || opt.bad_ad > 1 )
                 exit_usage( p, q );
         }
+        else if( strcmp( p, "protect_hvr" ) == 0 )
+        {
+            opt.protect_hvr = atoi( q );
+            if( opt.protect_hvr < 0 || opt.protect_hvr > 1 )
+                exit_usage( p, q );
+        }
         else if( strcmp( p, "seed" ) == 0 )
         {
             opt.seed = atoi( q );
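Review bot: `atoi( q )` in the new `protect_hvr` branch cannot tell a malformed value from zero, so `protect_hvr=yes` or `protect_hvr=` parses as 0, passes the range check and silently leaves the protection off. A test relying on the flag would then fail intermittently instead of failing at startup. This follows the pattern of the neighbouring options, so it is consistent with the file. If stricter parsing is wanted, `char *end; long v = strtol( q, &end, 10 );` followed by `if( end == q || *end != '\0' || v < 0 || v > 1 ) exit_usage( p, q );` rejects such input. The enclosing option parser starts and ends outside the hunk.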
@@ -366,6 +374,8 @@
           cur.len > (unsigned) opt.mtu ) ||
         ( opt.drop != 0 &&
           strcmp( cur.type, "ApplicationData" ) != 0 &&
+          ! ( opt.protect_hvr &&
+              strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) &&
           rand() % opt.drop == 0 ) )
     {
         ; /* Nothing to do */
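Review bot: The exemption `! ( opt.protect_hvr && strcmp( cur.type, "HelloVerifyRequest" ) == 0 )` is written out twice, here in the drop condition and again in the delay condition of the next hunk, so the two copies can drift apart when another protected message type is added. Computing it once before the `if` chain, e.g. `int hvr_protected = opt.protect_hvr && strcmp( cur.type, "HelloVerifyRequest" ) == 0;`, and testing `! hvr_protected` in both places keeps them in step and makes the long conditions easier to read. The enclosing function and the start of this condition are outside the hunk.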
@@ -374,6 +384,8 @@
                strcmp( cur.type, "ChangeCipherSpec" ) == 0 ) ||
              ( opt.delay != 0 &&
                strcmp( cur.type, "ApplicationData" ) != 0 &&
+               ! ( opt.protect_hvr &&
+                   strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) &&
                prev.dst == 0 &&
                rand() % opt.delay == 0 ) )
     {
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 48e5b03..2078ccd 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -2273,6 +2273,15 @@
             -s "Extra-header:" \
             -c "HTTP/1.0 200 OK"
 
+needs_more_time 2
+run_test    "DTLS proxy: 3d, max handshake, openssl server" \
+            -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
+            "$O_SRV -dtls1 -mtu 2048" \
+            "$P_CLI dtls=1" \
+            0 \
+            -s "Extra-header:" \
+            -c "HTTP/1.0 200 OK"
+
 # Final report
 
 echo "------------------------------------------------------------------------"
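Review bot: The new test passes `protect_hvr=1` without recording why the OpenSSL server needs HelloVerifyRequest shielded, so a later reader cannot tell whether the exemption is still required or can be removed. A comment above `needs_more_time 2` would capture that, for example `# protect_hvr=1: <reason the OpenSSL server cannot tolerate a lost or delayed HelloVerifyRequest>`. It is also worth stating there that loss of the cookie exchange is deliberately not exercised against this server. Separately, the proxy's usage text says `seed` defaults to the current time, so a failing run of this randomised test is reproducible only if the proxy log records the seed it used, which is not visible in this diff.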