From dc1e95017048dbd2a5a242632ce6fa48e6dbb47f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 16:02:33 +0100 Subject: [PATCH] DTLS reordering: Add test for buffering a proper fragment This commit adds a test to ssl-opt.sh which exercises the behavior of the library in the situation where a single proper fragment of a future handshake message is received prior to the next expected handshake message (concretely, the client receives the first fragment of the server's Certificate message prior to the server's ServerHello). --- tests/ssl-opt.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 86bede893..7ea924567 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -5920,6 +5920,22 @@ run_test "DTLS reordering: Buffer out-of-order handshake message on client" \ -S "Inject buffered CCS message" \ -S "Remember CCS message" +run_test "DTLS reordering: Buffer out-of-order handshake message fragment on client" \ + -p "$P_PXY delay_srv=ServerHello" \ + "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2" \ + "$P_CLI dgram_packing=0 dtls=1 debug_level=2" \ + 0 \ + -c "Buffering HS message" \ + -c "found fragmented DTLS handshake message"\ + -c "Next handshake message 1 not or only partially bufffered" \ + -c "Next handshake message has been buffered - load"\ + -S "Buffering HS message" \ + -S "Next handshake message has been buffered - load"\ + -C "Inject buffered CCS message" \ + -C "Remember CCS message" \ + -S "Inject buffered CCS message" \ + -S "Remember CCS message" + # The client buffers the ServerKeyExchange before receiving the fragmented # Certificate message; at the time of writing, together these are aroudn 1200b # in size, so that the bound below ensures that the certificate can be reassembled