From 6e81b27003e24cb15d45b010f1b0713c9beb3de9 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 27 Sep 2021 11:16:17 +0800 Subject: [PATCH] Add client state number check It is temporary check. If any change on `mbedtls_ssl_states`, please double check those tests Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 2 +- library/ssl_tls13_server.c | 3 ++- tests/ssl-opt.sh | 36 ++++++++++++++++++++++++++++++------ 3 files changed, 33 insertions(+), 8 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 2eb9a73905..aa6c0854e0 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -851,7 +851,7 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl ) { int ret = 0; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "tls1_3 client state: %d", ssl->state ) ); switch( ssl->state ) { diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 437e836e84..5238f044eb 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -29,7 +29,8 @@ int mbedtls_ssl_tls13_handshake_server_step( mbedtls_ssl_context *ssl ) { - ((void) ssl); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "tls1_3 server state: %d", ssl->state ) ); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); } diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 41e714ec22..66c648573b 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -8663,26 +8663,50 @@ run_test "TLS1.3: handshake dispatch test: tls1_3 only" \ "$P_SRV debug_level=2 min_version=tls1_3 max_version=tls1_3" \ "$P_CLI debug_level=2 min_version=tls1_3 max_version=tls1_3" \ 1 \ - -s "tls13 server state: MBEDTLS_SSL_HELLO_REQUEST" \ - -c "tls13 client state: MBEDTLS_SSL_HELLO_REQUEST" + -s "tls1_3 server state: 0" \ + -c "tls1_3 client state: 0" requires_openssl_tls1_3 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL run_test "TLS1.3: Test client hello msg work - openssl" \ "$O_NEXT_SRV -tls1_3 -msg" \ - "$P_CLI min_version=tls1_3 max_version=tls1_3" \ + "$P_CLI debug_level=2 min_version=tls1_3 max_version=tls1_3" \ 1 \ -c "SSL - The requested feature is not available" \ - -s "ServerHello" + -s "ServerHello" \ + -c "tls1_3 client state: 0" \ + -c "tls1_3 client state: 2" \ + -c "tls1_3 client state: 19" \ + -c "tls1_3 client state: 5" \ + -c "tls1_3 client state: 3" \ + -c "tls1_3 client state: 9" \ + -c "tls1_3 client state: 13" \ + -c "tls1_3 client state: 7" \ + -c "tls1_3 client state: 20" \ + -c "tls1_3 client state: 11" \ + -c "tls1_3 client state: 14" \ + -c "tls1_3 client state: 15" requires_gnutls_tls1_3 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL run_test "TLS1.3: Test client hello msg work - gnutls" \ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 --debug=4" \ - "$P_CLI min_version=tls1_3 max_version=tls1_3" \ + "$P_CLI debug_level=2 min_version=tls1_3 max_version=tls1_3" \ 1 \ -c "SSL - The requested feature is not available" \ - -s "SERVER HELLO was queued" + -s "SERVER HELLO was queued" \ + -c "tls1_3 client state: 0" \ + -c "tls1_3 client state: 2" \ + -c "tls1_3 client state: 19" \ + -c "tls1_3 client state: 5" \ + -c "tls1_3 client state: 3" \ + -c "tls1_3 client state: 9" \ + -c "tls1_3 client state: 13" \ + -c "tls1_3 client state: 7" \ + -c "tls1_3 client state: 20" \ + -c "tls1_3 client state: 11" \ + -c "tls1_3 client state: 14" \ + -c "tls1_3 client state: 15" # Test heap memory usage after handshake requires_config_enabled MBEDTLS_MEMORY_DEBUG