Exhaustive DTLS handshake test

Sean Buckheister s_buckhe at cs.uni-kl.de
Tue Feb 14 20:43:53 CET 2012


> Hey Sean,
>  I've put the test in the gnutls tree under tests [0].

Cool! :)

> I believe the
> current version copes with most cases of lost packets and
> re-arrangements (I'm in the process of verifying that).

I fear not, and I am terribly sorry. Due to an oversight, the program
dropped far fewer packets than it actually should. The patch to fix this
is rather short: add "filter_current_idx++;" at the end of
filter_run_next. Not having that line there will only cause the filter
index to grow beyond the bounds of the actual filter chain, and since
the chain is initialized with null values, and null values are
interpreted as "send packet now", many packets would get sent instead of
dropped.

As of current git head, there are almost 6000 variations that fail the
test with 1000 child processes, but pass with only 100. This seems
rather odd, running on a machine with four cores and 10 ms between any two
test run forks. Maybe I made a big mistake fixing my original mistake,
but looking at the traces, it doesn't look much like it.

Running the full suite, with 100 children, in nonblocking mode also
fails a number of the tests. I am puzzled.

> I've put the copyright holder as you. Once FSF receives the papers from
> you I'll update it to FSF.

(I'm not exactly sure whether I can legally transfer copyright. To my
knowledge, I can grant a nonrevocable exclusive use license though,
which should be pretty much the same thing.)

> Note that I've tweaked the code in order to compile with gnutls' cflags.

I have tried to extract the gnutls cflags; they are "-std=gnu99 -g -O2"
for me. The program compiled fine with those, but I must be missing
something. Now it compiles with -std=c89, which should work for everyone.

I've also made a number of modifications to avoid code duplication for
filter_packet_* and filter_permute_*, more sensible error handling, more
sensible child process handling (^C now kills the whole process tree,
not just the master process). I would also add tests for certificate
authentication of both client and server, four extra packets, which
would make the test suite a bit more comprehensive. It would end up
being more than 0.3 million test runs.

Also, there are a number of parameters missing:

* run tests with nonblocking DTLS
* set debug output level
* set child process limit
* set retransmit timeouts?

I have noticed that low retransmit timeouts and large child process
limits lead to a lot of false negatives in the batch run.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dtls-handshake.c
Type: text/x-csrc
Size: 16830 bytes
Desc: not available
URL: </pipermail/attachments/20120214/0668fde6/attachment.c>

