Test dtls_server

Test against both OpenSSL and GnuTLS. Don't use a proxy. It's not particularly useful here, and would complicate figuring out port numbers. Clean up compile-time requirements dtls_server.c: any certificate-based key exchange is ok, so don't insist on built-in RSA. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-07-30 22:43:08 +03:00 · 2024-09-04 16:51:50 +02:00
parent 2a0af359f1
commit 9d104e9857
3 changed files with 39 additions and 16 deletions
--- a/tests/opt-testcases/sample.sh
+++ b/tests/opt-testcases/sample.sh
@ -206,3 +206,27 @@ run_test    "Sample: ssl_pthread_server, gnutls client, TLS 1.3" \
            -c "Description:.*TLS1.3" \
            -S "error" \
            -C "ERROR"
+
+requires_protocol_version dtls12
+run_test    "Sample: dtls_server, openssl client, DTLS 1.2" \
+            -P 4433 \
+            "$PROGRAMS_DIR/dtls_server" \
+            "$O_CLI -dtls1_2" \
+            0 \
+            -s "[1-9][0-9]* bytes read" \
+            -s "[1-9][0-9]* bytes written" \
+            -c "New, TLSv1.2, Cipher is" \
+            -S "error" \
+            -C "ERROR"
+
+requires_protocol_version dtls12
+run_test    "Sample: dtls_server, gnutls client, DTLS 1.2" \
+            -P 4433 \
+            "$PROGRAMS_DIR/dtls_server" \
+            "$G_CLI -u --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2 localhost" \
+            0 \
+            -s "[1-9][0-9]* bytes read" \
+            -s "[1-9][0-9]* bytes written" \
+            -c "Description:.*DTLS1.2" \
+            -S "error" \
+            -C "ERROR"