Add missing large and small packet tests for ssl_server2
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index a9dd5c0..92151fd 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -3669,10 +3669,10 @@
0 \
-s "Read from client: 500 bytes read (.*+.*)"
-# Tests for small packets
+# Tests for small client packets
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
-run_test "Small packet SSLv3 BlockCipher" \
+run_test "Small client packet SSLv3 BlockCipher" \
"$P_SRV min_version=ssl3" \
"$P_CLI request_size=1 force_version=ssl3 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -3680,21 +3680,21 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
-run_test "Small packet SSLv3 StreamCipher" \
+run_test "Small client packet SSLv3 StreamCipher" \
"$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=1 force_version=ssl3 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.0 BlockCipher" \
+run_test "Small client packet TLS 1.0 BlockCipher" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.0 BlockCipher, without EtM" \
+run_test "Small client packet TLS 1.0 BlockCipher, without EtM" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1 etm=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -3702,7 +3702,7 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.0 BlockCipher, truncated MAC" \
+run_test "Small client packet TLS 1.0 BlockCipher, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
@@ -3710,21 +3710,21 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
+run_test "Small client packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.0 StreamCipher" \
+run_test "Small client packet TLS 1.0 StreamCipher" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=1 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.0 StreamCipher, without EtM" \
+run_test "Small client packet TLS 1.0 StreamCipher, without EtM" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=1 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
@@ -3732,7 +3732,7 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.0 StreamCipher, truncated MAC" \
+run_test "Small client packet TLS 1.0 StreamCipher, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
@@ -3740,21 +3740,21 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
+run_test "Small client packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1 etm=0" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.1 BlockCipher" \
+run_test "Small client packet TLS 1.1 BlockCipher" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.1 BlockCipher, without EtM" \
+run_test "Small client packet TLS 1.1 BlockCipher, without EtM" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
@@ -3762,7 +3762,7 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.1 BlockCipher, truncated MAC" \
+run_test "Small client packet TLS 1.1 BlockCipher, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
@@ -3770,21 +3770,21 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
+run_test "Small client packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.1 StreamCipher" \
+run_test "Small client packet TLS 1.1 StreamCipher" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.1 StreamCipher, without EtM" \
+run_test "Small client packet TLS 1.1 StreamCipher, without EtM" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
@@ -3792,7 +3792,7 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.1 StreamCipher, truncated MAC" \
+run_test "Small client packet TLS 1.1 StreamCipher, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
@@ -3800,28 +3800,28 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
+run_test "Small client packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.2 BlockCipher" \
+run_test "Small client packet TLS 1.2 BlockCipher" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.2 BlockCipher, without EtM" \
+run_test "Small client packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.2 BlockCipher larger MAC" \
+run_test "Small client packet TLS 1.2 BlockCipher larger MAC" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
@@ -3829,7 +3829,7 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.2 BlockCipher, truncated MAC" \
+run_test "Small client packet TLS 1.2 BlockCipher, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
@@ -3837,21 +3837,21 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
+run_test "Small client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
"$P_SRV trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.2 StreamCipher" \
+run_test "Small client packet TLS 1.2 StreamCipher" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.2 StreamCipher, without EtM" \
+run_test "Small client packet TLS 1.2 StreamCipher, without EtM" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
@@ -3859,7 +3859,7 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.2 StreamCipher, truncated MAC" \
+run_test "Small client packet TLS 1.2 StreamCipher, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
@@ -3867,31 +3867,31 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
+run_test "Small client packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.2 AEAD" \
+run_test "Small client packet TLS 1.2 AEAD" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
0 \
-s "Read from client: 1 bytes read"
-run_test "Small packet TLS 1.2 AEAD shorter tag" \
+run_test "Small client packet TLS 1.2 AEAD shorter tag" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
0 \
-s "Read from client: 1 bytes read"
-# Tests for small packets in DTLS
+# Tests for small client packets in DTLS
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-run_test "Small packet DTLS 1.0" \
+run_test "Small client packet DTLS 1.0" \
"$P_SRV dtls=1 force_version=dtls1" \
"$P_CLI dtls=1 request_size=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -3899,7 +3899,7 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-run_test "Small packet DTLS 1.0, without EtM" \
+run_test "Small client packet DTLS 1.0, without EtM" \
"$P_SRV dtls=1 force_version=dtls1 etm=0" \
"$P_CLI dtls=1 request_size=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -3908,7 +3908,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet DTLS 1.0, truncated hmac" \
+run_test "Small client packet DTLS 1.0, truncated hmac" \
"$P_SRV dtls=1 force_version=dtls1 trunc_hmac=1" \
"$P_CLI dtls=1 request_size=1 trunc_hmac=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -3917,7 +3917,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet DTLS 1.0, without EtM, truncated MAC" \
+run_test "Small client packet DTLS 1.0, without EtM, truncated MAC" \
"$P_SRV dtls=1 force_version=dtls1 trunc_hmac=1 etm=0" \
"$P_CLI dtls=1 request_size=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
@@ -3925,7 +3925,7 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-run_test "Small packet DTLS 1.2" \
+run_test "Small client packet DTLS 1.2" \
"$P_SRV dtls=1 force_version=dtls1_2" \
"$P_CLI dtls=1 request_size=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -3933,7 +3933,7 @@
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-run_test "Small packet DTLS 1.2, without EtM" \
+run_test "Small client packet DTLS 1.2, without EtM" \
"$P_SRV dtls=1 force_version=dtls1_2 etm=0" \
"$P_CLI dtls=1 request_size=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@@ -3942,7 +3942,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet DTLS 1.2, truncated hmac" \
+run_test "Small client packet DTLS 1.2, truncated hmac" \
"$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1" \
"$P_CLI dtls=1 request_size=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
@@ -3951,13 +3951,302 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small packet DTLS 1.2, without EtM, truncated MAC" \
+run_test "Small client packet DTLS 1.2, without EtM, truncated MAC" \
"$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \
"$P_CLI dtls=1 request_size=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
0 \
-s "Read from client: 1 bytes read"
+# Tests for small server packets
+
+requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+run_test "Small server packet SSLv3 BlockCipher" \
+ "$P_SRV response_size=1 min_version=ssl3" \
+ "$P_CLI force_version=ssl3 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
+run_test "Small server packet SSLv3 StreamCipher" \
+ "$P_SRV response_size=1 min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=ssl3 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.0 BlockCipher" \
+ "$P_SRV response_size=1" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.0 BlockCipher, without EtM" \
+ "$P_SRV response_size=1" \
+ "$P_CLI force_version=tls1 etm=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.0 BlockCipher, truncated MAC" \
+ "$P_SRV response_size=1 trunc_hmac=1" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=1 trunc_hmac=1" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.0 StreamCipher" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.0 StreamCipher, without EtM" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.0 StreamCipher, truncated MAC" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
+ trunc_hmac=1 etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.1 BlockCipher" \
+ "$P_SRV response_size=1" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.1 BlockCipher, without EtM" \
+ "$P_SRV response_size=1" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.1 BlockCipher, truncated MAC" \
+ "$P_SRV response_size=1 trunc_hmac=1" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=1 trunc_hmac=1" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.1 StreamCipher" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.1 StreamCipher, without EtM" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.1 StreamCipher, truncated MAC" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.2 BlockCipher" \
+ "$P_SRV response_size=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.2 BlockCipher, without EtM" \
+ "$P_SRV response_size=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.2 BlockCipher larger MAC" \
+ "$P_SRV response_size=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.2 BlockCipher, truncated MAC" \
+ "$P_SRV response_size=1 trunc_hmac=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=1 trunc_hmac=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.2 StreamCipher" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.2 StreamCipher, without EtM" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.2 StreamCipher, truncated MAC" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.2 AEAD" \
+ "$P_SRV response_size=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+run_test "Small server packet TLS 1.2 AEAD shorter tag" \
+ "$P_SRV response_size=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+# Tests for small server packets in DTLS
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+run_test "Small server packet DTLS 1.0" \
+ "$P_SRV dtls=1 response_size=1 force_version=dtls1" \
+ "$P_CLI dtls=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+run_test "Small server packet DTLS 1.0, without EtM" \
+ "$P_SRV dtls=1 response_size=1 force_version=dtls1 etm=0" \
+ "$P_CLI dtls=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet DTLS 1.0, truncated hmac" \
+ "$P_SRV dtls=1 response_size=1 force_version=dtls1 trunc_hmac=1" \
+ "$P_CLI dtls=1 trunc_hmac=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet DTLS 1.0, without EtM, truncated MAC" \
+ "$P_SRV dtls=1 response_size=1 force_version=dtls1 trunc_hmac=1 etm=0" \
+ "$P_CLI dtls=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+run_test "Small server packet DTLS 1.2" \
+ "$P_SRV dtls=1 response_size=1 force_version=dtls1_2" \
+ "$P_CLI dtls=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+run_test "Small server packet DTLS 1.2, without EtM" \
+ "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 etm=0" \
+ "$P_CLI dtls=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet DTLS 1.2, truncated hmac" \
+ "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1" \
+ "$P_CLI dtls=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
+ 0 \
+ -c "Read from server: 1 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Small server packet DTLS 1.2, without EtM, truncated MAC" \
+ "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \
+ "$P_CLI dtls=1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
+ 0 \
+ -c "Read from server: 1 bytes read"
+
# A test for extensions in SSLv3
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
@@ -4231,6 +4520,15 @@
-c "16383 bytes read"\
-C "Read from server: 16384 bytes read"
+run_test "Large server packet TLS 1.0 BlockCipher, without EtM" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1 etm=0 recsplit=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -c "Read from server: 1 bytes read"\
+ -c "16383 bytes read"\
+ -C "Read from server: 16384 bytes read"
+
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Large server packet TLS 1.0 BlockCipher truncated MAC" \
"$P_SRV response_size=16384" \
@@ -4249,6 +4547,41 @@
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.0 StreamCipher" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.0 StreamCipher, without EtM" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.0 StreamCipher, truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
-c "Read from server: 16384 bytes read"
run_test "Large server packet TLS 1.1 BlockCipher" \
@@ -4258,11 +4591,12 @@
0 \
-c "Read from server: 16384 bytes read"
-run_test "Large server packet TLS 1.1 StreamCipher" \
- "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
- "$P_CLI force_version=tls1_1 \
- force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+run_test "Large server packet TLS 1.1 BlockCipher, without EtM" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_1 etm=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
+ -s "16384 bytes written in 1 fragments" \
-c "Read from server: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
@@ -4275,6 +4609,30 @@
-c "Read from server: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=16384 trunc_hmac=1" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.1 StreamCipher" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ 0 \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.1 StreamCipher, without EtM" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Large server packet TLS 1.1 StreamCipher truncated MAC" \
"$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI force_version=tls1_1 \
@@ -4283,6 +4641,14 @@
0 \
-c "Read from server: 16384 bytes read"
+run_test "Large server packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1_1 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
run_test "Large server packet TLS 1.2 BlockCipher" \
"$P_SRV response_size=16384" \
"$P_CLI force_version=tls1_2 \
@@ -4290,6 +4656,14 @@
0 \
-c "Read from server: 16384 bytes read"
+run_test "Large server packet TLS 1.2 BlockCipher, without EtM" \
+ "$P_SRV response_size=16384" \
+ "$P_CLI force_version=tls1_2 etm=0 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
run_test "Large server packet TLS 1.2 BlockCipher larger MAC" \
"$P_SRV response_size=16384" \
"$P_CLI force_version=tls1_2 \
@@ -4306,11 +4680,28 @@
0 \
-c "Read from server: 16384 bytes read"
+run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=16384 trunc_hmac=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
run_test "Large server packet TLS 1.2 StreamCipher" \
"$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_CLI force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
+run_test "Large server packet TLS 1.2 StreamCipher, without EtM" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
-c "Read from server: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
@@ -4322,6 +4713,15 @@
0 \
-c "Read from server: 16384 bytes read"
+requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
+run_test "Large server packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
+ "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
+ "$P_CLI force_version=tls1_2 \
+ force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
+ 0 \
+ -s "16384 bytes written in 1 fragments" \
+ -c "Read from server: 16384 bytes read"
+
run_test "Large server packet TLS 1.2 AEAD" \
"$P_SRV response_size=16384" \
"$P_CLI force_version=tls1_2 \
