Insert records with unexpected CID in CID tests in ssl-opt.sh
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index e1c9f02..ac36abc 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -1171,7 +1171,7 @@
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID, 3D: Cli+Srv enabled, Cli+Srv CID nonempty" \
- -p "$P_PXY drop=5 delay=5 duplicate=5" \
+ -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
"$P_SRV debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=dead" \
"$P_CLI debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=beef" \
0 \
@@ -1188,7 +1188,9 @@
-c "Peer CID (length 2 Bytes): de ad" \
-s "Peer CID (length 2 Bytes): be ef" \
-s "Use of Connection ID has been negotiated" \
- -c "Use of Connection ID has been negotiated"
+ -c "Use of Connection ID has been negotiated" \
+ -c "ignoring unexpected CID" \
+ -s "ignoring unexpected CID"
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID, MTU: Cli+Srv enabled, Cli+Srv CID nonempty" \
@@ -1213,7 +1215,7 @@
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID, 3D+MTU: Cli+Srv enabled, Cli+Srv CID nonempty" \
- -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5" \
+ -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
"$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead" \
"$P_CLI debug_level=3 mtu=800 dtls=1 cid=1 cid_val=beef" \
0 \
@@ -1230,7 +1232,9 @@
-c "Peer CID (length 2 Bytes): de ad" \
-s "Peer CID (length 2 Bytes): be ef" \
-s "Use of Connection ID has been negotiated" \
- -c "Use of Connection ID has been negotiated"
+ -c "Use of Connection ID has been negotiated" \
+ -c "ignoring unexpected CID" \
+ -s "ignoring unexpected CID"
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID: Cli+Srv enabled, Cli CID empty" \
@@ -1494,7 +1498,7 @@
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "Connection ID, 3D+MTU: Cli+Srv enabled, renegotiate with different CID" \
- -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5" \
+ -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
"$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead cid_val_renego=beef renegotiation=1" \
"$P_CLI debug_level=3 mtu=800 dtls=1 cid=1 cid_val=beef cid_val_renego=dead renegotiation=1 renegotiate=1" \
0 \
@@ -1505,7 +1509,9 @@
-c "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
-s "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
-s "(after renegotiation) Use of Connection ID has been negotiated" \
- -c "(after renegotiation) Use of Connection ID has been negotiated"
+ -c "(after renegotiation) Use of Connection ID has been negotiated" \
+ -c "ignoring unexpected CID" \
+ -s "ignoring unexpected CID"
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
@@ -1540,7 +1546,7 @@
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "Connection ID, 3D+MTU: Cli+Srv enabled, renegotiate without CID" \
- -p "$P_PXY drop=5 delay=5 duplicate=5" \
+ -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
"$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
"$P_CLI debug_level=3 mtu=800 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
0 \
@@ -1551,7 +1557,9 @@
-C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
-S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
-C "(after renegotiation) Use of Connection ID has been negotiated" \
- -S "(after renegotiation) Use of Connection ID has been negotiated"
+ -S "(after renegotiation) Use of Connection ID has been negotiated" \
+ -c "ignoring unexpected CID" \
+ -s "ignoring unexpected CID"
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
@@ -1582,7 +1590,7 @@
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "Connection ID, 3D+MTU: Cli+Srv enabled, CID on renegotiation" \
- -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5" \
+ -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
"$P_SRV debug_level=3 mtu=800 dtls=1 dgram_packing=1 cid=0 cid_renego=1 cid_val_renego=dead renegotiation=1" \
"$P_CLI debug_level=3 mtu=800 dtls=1 dgram_packing=1 cid=0 cid_renego=1 cid_val_renego=beef renegotiation=1 renegotiate=1" \
0 \
@@ -1591,7 +1599,9 @@
-c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
-s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
-c "(after renegotiation) Use of Connection ID has been negotiated" \
- -s "(after renegotiation) Use of Connection ID has been negotiated"
+ -s "(after renegotiation) Use of Connection ID has been negotiated" \
+ -c "ignoring unexpected CID" \
+ -s "ignoring unexpected CID"
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
@@ -1612,7 +1622,7 @@
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "Connection ID, 3D: Cli+Srv enabled, Cli disables on renegotiation" \
- -p "$P_PXY drop=5 delay=5 duplicate=5" \
+ -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
0 \
@@ -1624,7 +1634,9 @@
-S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
-C "(after renegotiation) Use of Connection ID has been negotiated" \
-S "(after renegotiation) Use of Connection ID has been negotiated" \
- -s "(after renegotiation) Use of Connection ID was not offered by client"
+ -s "(after renegotiation) Use of Connection ID was not offered by client" \
+ -c "ignoring unexpected CID" \
+ -s "ignoring unexpected CID"
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
@@ -1645,7 +1657,7 @@
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "Connection ID, 3D: Cli+Srv enabled, Srv disables on renegotiation" \
- -p "$P_PXY drop=5 delay=5 duplicate=5" \
+ -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \
0 \
@@ -1657,7 +1669,9 @@
-S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
-C "(after renegotiation) Use of Connection ID has been negotiated" \
-S "(after renegotiation) Use of Connection ID has been negotiated" \
- -c "(after renegotiation) Use of Connection ID was rejected by the server"
+ -c "(after renegotiation) Use of Connection ID was rejected by the server" \
+ -c "ignoring unexpected CID" \
+ -s "ignoring unexpected CID"
# Tests for Encrypt-then-MAC extension