gnutls-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Exhaustive DTLS handshake test

From: Sean Buckheister
Subject: Exhaustive DTLS handshake test
Date: Sat, 11 Feb 2012 17:21:24 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0) Gecko/20120205 Thunderbird/10.0 
Hello,

as promised, I built a (more or less) exhaustive test for the DTLS
handshake procedure. The test program will try all sensible permutations
and drop varieties that could affect handshake flight. The rules are simple:

* never touch ClientHello packets
* permute the other flight atomically in some manner, don't span flights
* drop packets as needed

This gives us 6*2*6*256 = a boatload of longrunning tests. I let the
program run over night, and the blocking DTLS handshake is indeed very
stable: it always works, unless ServerHello flights are not permuted,
but lost completely. [1]

Not so for the nonblocking handshake: timeouts occur much more often,
and with no distinguishable pattern. My guess is that the test code is
still incorrect there.

The test program is attached in a working, i.e. not optimized, state.
Next thing I'll do is group all the permutation runs for one drop
variety and run them in batch with parallel processes. That should speed
the tests up quite a lot.




[1] The test is not yet through, but this pattern emerged and is stable

Attachment: dtls-handshake.c
Description: Text Data

reply via email to
[Prev in Thread] Current Thread [Next in Thread]