commit 9d104e9857faa1b366bdf2baaa08cc7a9fb56f05
author Gilles Peskine <Gilles.Peskine@arm.com> Wed Sep 04 16:51:50 2024 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Wed Sep 25 17:52:48 2024 +0200
tree 6467d238dfa3138bdffbb687016b08eb8740855d
parent 2a0af359f1f22fd2ceef86ce6cd8104c69c18dec

Test dtls_server

Test against both OpenSSL and GnuTLS.

Don't use a proxy. It's not particularly useful here, and would complicate
figuring out port numbers.

Clean up compile-time requirements dtls_server.c: any certificate-based key
exchange is ok, so don't insist on built-in RSA.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

tests/opt-testcases/sample.sh

diff --git a/tests/opt-testcases/sample.sh b/tests/opt-testcases/sample.sh
index a74d597..7c5562f 100644
--- a/tests/opt-testcases/sample.sh
+++ b/tests/opt-testcases/sample.sh
@@ -206,3 +206,27 @@
             -c "Description:.*TLS1.3" \
             -S "error" \
             -C "ERROR"
+
+requires_protocol_version dtls12
+run_test    "Sample: dtls_server, openssl client, DTLS 1.2" \
+            -P 4433 \
+            "$PROGRAMS_DIR/dtls_server" \
+            "$O_CLI -dtls1_2" \
+            0 \
+            -s "[1-9][0-9]* bytes read" \
+            -s "[1-9][0-9]* bytes written" \
+            -c "New, TLSv1.2, Cipher is" \
+            -S "error" \
+            -C "ERROR"
+
+requires_protocol_version dtls12
+run_test    "Sample: dtls_server, gnutls client, DTLS 1.2" \
+            -P 4433 \
+            "$PROGRAMS_DIR/dtls_server" \
+            "$G_CLI -u --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2 localhost" \
+            0 \
+            -s "[1-9][0-9]* bytes read" \
+            -s "[1-9][0-9]* bytes written" \
+            -c "Description:.*DTLS1.2" \
+            -S "error" \
+            -C "ERROR"