Skip to content

Commit

Permalink
Force IPv4 in gnutls_cli srtp tests
Browse files Browse the repository at this point in the history 
Force using IPv4 in the GNU_CLI SRTP tests, as introduced for
other tests in Mbed-TLS#1918.
  • Loading branch information
@jeannotlapin
Ron Eldor authored and jeannotlapin committed Apr 23, 2020
1 parent 8e4a40f commit 26702e9
Showing 1 changed file with 29 additions and 42 deletions.
71 changes: 29 additions & 42 deletions tests/ssl-opt.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8904,110 +8904,90 @@ run_test "DTLS-SRTP all profiles supported. server doesn't support mki. openssl
-C "dumping 'received mki' (8 bytes)" \
-C "error"

# gnutls-cli resolves localhost as an IPv6 address, when enabled,
# and fails to send messagges over UDP, causing DTLS negotiation to fail.
# Force server to bind to IPv6 address
requires_ipv6
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_gnutls
run_test "DTLS-SRTP all profiles supported. gnutls client." \
"$P_SRV dtls=1 use_srtp=1 debug_level=3 server_addr=::1" \
"$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \
"$P_SRV dtls=1 use_srtp=1 debug_level=3" \
"$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32 --insecure 127.0.0.1" \
0 \
-s "found use_srtp extension" \
-s "found srtp profile" \
-s "selected srtp profile" \
-s "server hello, adding use_srtp extension" \
-c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_80"

# gnutls-cli resolves localhost as an IPv6 address, when enabled,
# and fails to send messagges over UDP, causing DTLS negotiation to fail.
# Force server to bind to IPv6 address
requires_ipv6
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_gnutls
run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. gnutls client." \
"$P_SRV dtls=1 use_srtp=1 debug_level=3 server_addr=::1" \
"$G_CLI -u --srtp-profiles=SRTP_NULL_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32" \
"$P_SRV dtls=1 use_srtp=1 debug_level=3" \
"$G_CLI -u --srtp-profiles=SRTP_NULL_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
0 \
-s "found use_srtp extension" \
-s "found srtp profile" \
-s "selected srtp profile" \
-s "server hello, adding use_srtp extension" \
-c "SRTP profile: SRTP_NULL_HMAC_SHA1_80"

# gnutls-cli resolves localhost as an IPv6 address, when enabled,
# and fails to send messagges over UDP, causing DTLS negotiation to fail.
# Force server to bind to IPv6 address
requires_ipv6
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_gnutls
run_test "DTLS-SRTP server supports all profiles. Client supports one profile. gnutls client." \
"$P_SRV dtls=1 use_srtp=1 debug_level=3 server_addr=::1" \
"$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \
"$P_SRV dtls=1 use_srtp=1 debug_level=3" \
"$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
0 \
-s "found use_srtp extension" \
-s "found srtp profile: MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32" \
-s "selected srtp profile: MBEDTLS_SRTP_AES128_CM_HMAC_SHA1_32" \
-s "server hello, adding use_srtp extension" \
-c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_32"

# gnutls-cli resolves localhost as an IPv6 address, when enabled,
# and fails to send messagges over UDP, causing DTLS negotiation to fail.
# Force server to bind to IPv6 address
requires_ipv6
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_gnutls
run_test "DTLS-SRTP server supports one profile. Client supports all profiles. gnutls client." \
"$P_SRV dtls=1 use_srtp=1 srtp_force_profile=4 debug_level=3 server_addr=::1" \
"$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \
"$P_SRV dtls=1 use_srtp=1 srtp_force_profile=4 debug_level=3" \
"$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32 --insecure 127.0.0.1" \
0 \
-s "found use_srtp extension" \
-s "found srtp profile" \
-s "selected srtp profile: MBEDTLS_SRTP_NULL_HMAC_SHA1_32" \
-s "server hello, adding use_srtp extension" \
-c "SRTP profile: SRTP_NULL_SHA1_32"

# gnutls-cli resolves localhost as an IPv6 address, when enabled,
# and fails to send messagges over UDP, causing DTLS negotiation to fail.
# Force server to bind to IPv6 address
requires_ipv6
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_gnutls
run_test "DTLS-SRTP server and Client support only one matching profile. gnutls client." \
"$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3 server_addr=::1" \
"$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \
"$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
"$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
0 \
-s "found use_srtp extension" \
-s "found srtp profile" \
-s "selected srtp profile" \
-s "server hello, adding use_srtp extension" \
-c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_32"

# gnutls-cli resolves localhost as an IPv6 address, when enabled,
# and fails to send messagges over UDP, causing DTLS negotiation to fail.
# Force server to bind to IPv6 address
requires_ipv6
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_gnutls
run_test "DTLS-SRTP server and Client support only one different profile. gnutls client." \
"$P_SRV dtls=1 use_srtp=1 srtp_force_profile=1 debug_level=3 server_addr=::1" \
"$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \
"$P_SRV dtls=1 use_srtp=1 srtp_force_profile=1 debug_level=3" \
"$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
0 \
-s "found use_srtp extension" \
-s "found srtp profile" \
-S "selected srtp profile" \
-S "server hello, adding use_srtp extension" \
-C "SRTP profile:"

# gnutls-cli resolves localhost as an IPv6 address, when enabled,
# and fails to send messagges over UDP, causing DTLS negotiation to fail.
# Force server to bind to IPv6 address
requires_ipv6
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_gnutls
run_test "DTLS-SRTP server doesn't support use_srtp extension. gnutls client" \
"$P_SRV dtls=1 debug_level=3 server_addr=::1" \
"$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \
"$P_SRV dtls=1 debug_level=3" \
"$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32 --insecure 127.0.0.1" \
0 \
-s "found use_srtp extension" \
-S "server hello, adding use_srtp extension" \
-C "SRTP profile:"

requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_gnutls
run_test "DTLS-SRTP all profiles supported. gnutls server" \
"$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \
"$P_CLI dtls=1 use_srtp=1 debug_level=3" \
Expand All @@ -9019,6 +8999,7 @@ run_test "DTLS-SRTP all profiles supported. gnutls server" \
-C "error"

requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_gnutls
run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. gnutls server." \
"$G_SRV -u --srtp-profiles=SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \
"$P_CLI dtls=1 use_srtp=1 debug_level=3" \
Expand All @@ -9030,6 +9011,7 @@ run_test "DTLS-SRTP server supports all profiles. Client supports all profiles,
-C "error"

requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_gnutls
run_test "DTLS-SRTP server supports all profiles. Client supports one profile. gnutls server." \
"$G_SRV -u --srtp-profiles=SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \
"$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
Expand All @@ -9041,6 +9023,7 @@ run_test "DTLS-SRTP server supports all profiles. Client supports one profile.
-C "error"

requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_gnutls
run_test "DTLS-SRTP server supports one profile. Client supports all profiles. gnutls server." \
"$G_SRV -u --srtp-profiles=SRTP_NULL_HMAC_SHA1_80" \
"$P_CLI dtls=1 use_srtp=30 debug_level=3" \
Expand All @@ -9052,6 +9035,7 @@ run_test "DTLS-SRTP server supports one profile. Client supports all profiles.
-C "error"

requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_gnutls
run_test "DTLS-SRTP server and Client support only one matching profile. gnutls server." \
"$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \
"$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
Expand All @@ -9063,6 +9047,7 @@ run_test "DTLS-SRTP server and Client support only one matching profile. gnutls
-C "error"

requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_gnutls
run_test "DTLS-SRTP server and Client support only one different profile. gnutls server." \
"$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \
"$P_CLI dtls=1 use_srtp=1 srtp_force_profile=4 debug_level=3" \
Expand All @@ -9074,6 +9059,7 @@ run_test "DTLS-SRTP server and Client support only one different profile. gnutl
-C "error"

requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_gnutls
run_test "DTLS-SRTP server doesn't support use_srtp extension. gnutls server" \
"$G_SRV -u" \
"$P_CLI dtls=1 use_srtp=1 debug_level=3" \
Expand All @@ -9085,6 +9071,7 @@ run_test "DTLS-SRTP server doesn't support use_srtp extension. gnutls server" \
-C "error"

requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_gnutls
run_test "DTLS-SRTP all profiles supported. mki used. gnutls server." \
"$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \
"$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \
Expand Down

0 comments on commit 26702e9

Please sign in to comment.