Mbed-TLS · gilles-peskine-arm · Sep 13, 2024 · Sep 13, 2024 · Sep 13, 2024 · Sep 13, 2024
diff --git a/tests/opt-testcases/sample.sh b/tests/opt-testcases/sample.sh
@@ -1,10 +1,23 @@
-# Test that SSL sample programs can interoperate with OpenSSL and GnuTLS.
+# Test that SSL sample programs can interoperate with each other
+# and with OpenSSL and GnuTLS.
 
 # Copyright The Mbed TLS Contributors
 # SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 
 : ${PROGRAMS_DIR:=../programs/ssl}
 
+run_test "Sample: ssl_client1, ssl_server2" \
+ -P 4433 \
+ "$PROGRAMS_DIR/ssl_server2" \
+ "$PROGRAMS_DIR/ssl_client1" \
+ 0 \
+ -s "[1-9][0-9]* bytes read" \
+ -s "[1-9][0-9]* bytes written" \
+ -c "[1-9][0-9]* bytes read" \
+ -c "[1-9][0-9]* bytes written" \
+ -S "error" \
+ -C "error"
+
 requires_protocol_version tls12
 run_test "Sample: ssl_client1, openssl server, TLS 1.2" \
  -P 4433 \
@@ -49,6 +62,22 @@ run_test "Sample: ssl_client1, gnutls server, TLS 1.3" \
  -S "Error" \
  -C "error"
 
+# The server complains of extra data after it closes the connection
+# because the client keeps sending data, so the server receives
+# more application data when it expects a new handshake. We consider
+# the test a success if both sides have sent and received application
+# data, no matter what happens afterwards.
+run_test "Sample: dtls_client, ssl_server2" \
+ -P 4433 \
+ "$PROGRAMS_DIR/ssl_server2 dtls=1 server_addr=localhost" \
+ "$PROGRAMS_DIR/dtls_client" \
+ 0 \
+ -s "[1-9][0-9]* bytes read" \
+ -s "[1-9][0-9]* bytes written" \
+ -c "[1-9][0-9]* bytes read" \
+ -c "[1-9][0-9]* bytes written" \
+ -C "error"
+
 requires_protocol_version dtls12
 run_test "Sample: dtls_client, openssl server, DTLS 1.2" \
  -P 4433 \
@@ -76,6 +105,30 @@ run_test "Sample: dtls_client, gnutls server, DTLS 1.2" \
  -S "Error" \
  -C "error"
 
+run_test "Sample: ssl_server, ssl_client2" \
+ -P 4433 \
+ "$PROGRAMS_DIR/ssl_server" \
+ "$PROGRAMS_DIR/ssl_client2" \
+ 0 \
+ -s "[1-9][0-9]* bytes read" \
+ -s "[1-9][0-9]* bytes written" \
+ -c "[1-9][0-9]* bytes read" \
+ -c "[1-9][0-9]* bytes written" \
+ -S "error" \
+ -C "error"
+
+run_test "Sample: ssl_client1 with ssl_server" \
+ -P 4433 \
+ "$PROGRAMS_DIR/ssl_server" \
+ "$PROGRAMS_DIR/ssl_client1" \
+ 0 \
+ -s "[1-9][0-9]* bytes read" \
+ -s "[1-9][0-9]* bytes written" \
+ -c "[1-9][0-9]* bytes read" \
+ -c "[1-9][0-9]* bytes written" \
+ -S "error" \
+ -C "error"
+
 requires_protocol_version tls12
 run_test "Sample: ssl_server, openssl client, TLS 1.2" \
  -P 4433 \
@@ -122,6 +175,30 @@ run_test "Sample: ssl_server, gnutls client, TLS 1.3" \
  -S "error" \
  -C "ERROR"
 
+run_test "Sample: ssl_fork_server, ssl_client2" \
+ -P 4433 \
+ "$PROGRAMS_DIR/ssl_fork_server" \
+ "$PROGRAMS_DIR/ssl_client2" \
+ 0 \
+ -s "[1-9][0-9]* bytes read" \
+ -s "[1-9][0-9]* bytes written" \
+ -c "[1-9][0-9]* bytes read" \
+ -c "[1-9][0-9]* bytes written" \
+ -S "error" \
+ -C "error"
+
+run_test "Sample: ssl_client1 with ssl_fork_server" \
+ -P 4433 \
+ "$PROGRAMS_DIR/ssl_fork_server" \
+ "$PROGRAMS_DIR/ssl_client1" \
+ 0 \
+ -s "[1-9][0-9]* bytes read" \
+ -s "[1-9][0-9]* bytes written" \
+ -c "[1-9][0-9]* bytes read" \
+ -c "[1-9][0-9]* bytes written" \
+ -S "error" \
+ -C "error"
+
 requires_protocol_version tls12
 run_test "Sample: ssl_fork_server, openssl client, TLS 1.2" \
  -P 4433 \
@@ -168,6 +245,30 @@ run_test "Sample: ssl_fork_server, gnutls client, TLS 1.3" \
  -S "error" \
  -C "ERROR"
 
+run_test "Sample: ssl_pthread_server, ssl_client2" \
+ -P 4433 \
+ "$PROGRAMS_DIR/ssl_pthread_server" \
+ "$PROGRAMS_DIR/ssl_client2" \
+ 0 \
+ -s "[1-9][0-9]* bytes read" \
+ -s "[1-9][0-9]* bytes written" \
+ -c "[1-9][0-9]* bytes read" \
+ -c "[1-9][0-9]* bytes written" \
+ -S "error" \
+ -C "error"
+
+run_test "Sample: ssl_client1 with ssl_pthread_server" \
+ -P 4433 \
+ "$PROGRAMS_DIR/ssl_pthread_server" \
+ "$PROGRAMS_DIR/ssl_client1" \
+ 0 \
+ -s "[1-9][0-9]* bytes read" \
+ -s "[1-9][0-9]* bytes written" \
+ -c "[1-9][0-9]* bytes read" \
+ -c "[1-9][0-9]* bytes written" \
+ -S "error" \
+ -C "error"
+
 requires_protocol_version tls12
 run_test "Sample: ssl_pthread_server, openssl client, TLS 1.2" \
  -P 4433 \
@@ -214,6 +315,38 @@ run_test "Sample: ssl_pthread_server, gnutls client, TLS 1.3" \
  -S "error" \
  -C "ERROR"
 
+# The server complains of extra data after it closes the connection
+# because the client keeps sending data, so the server receives
+# more application data when it expects a new handshake. We consider
+# the test a success if both sides have sent and received application
+# data, no matter what happens afterwards.
+run_test "Sample: dtls_client with dtls_server" \
+ -P 4433 \
+ "$PROGRAMS_DIR/dtls_server" \
+ "$PROGRAMS_DIR/dtls_client" \
+ 0 \
+ -s "[1-9][0-9]* bytes read" \
+ -s "[1-9][0-9]* bytes written" \
+ -c "[1-9][0-9]* bytes read" \
+ -c "[1-9][0-9]* bytes written" \
+ -C "error"
+
+# The server complains of extra data after it closes the connection
+# because the client keeps sending data, so the server receives
+# more application data when it expects a new handshake. We consider
+# the test a success if both sides have sent and received application
+# data, no matter what happens afterwards.
+run_test "Sample: ssl_client2, dtls_server" \
+ -P 4433 \
+ "$PROGRAMS_DIR/dtls_server" \
+ "$PROGRAMS_DIR/ssl_client2 dtls=1" \
+ 0 \
+ -s "[1-9][0-9]* bytes read" \
+ -s "[1-9][0-9]* bytes written" \
+ -c "[1-9][0-9]* bytes read" \
+ -c "[1-9][0-9]* bytes written" \
+ -C "error"
+
 requires_protocol_version dtls12
 run_test "Sample: dtls_server, openssl client, DTLS 1.2" \
  -P 4433 \