ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

Extend the 'doth' system test with a Mutual TLS resumption check

Browse Source 
This commit adds a simple check to the 'doth' system test which
ensures that session resumption when Mutual TLS is used works as
expected.

(cherry picked from commit d5d31c6ba1)
This commit is contained in:
Artem Boldariev
2022-12-09 18:47:07 +02:00
parent 5de938c6cf
commit e903ce1f3e
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
bin/tests/system/doth/tests.sh
View File

@@ -776,6 +776,16 @@ grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
# send two requests one after another so that session resumption will happen
n=$((n + 1))
echo_i "checking DoH query (client certificate used - session resumption when using Mutual TLS) ($n)"
ret=0
# shellcheck disable=SC2086
dig_with_https_opts +https +tls-ca="$ca_file" +tls-certfile="./CA/certs/srv01.client01.example.com.pem" +tls-keyfile="./CA/certs/srv01.client01.example.com.key" -p "${EXTRAPORT6}" +comm @10.53.0.1 . SOA . SOA > dig.out.test$n
grep "TLS error" dig.out.test$n > /dev/null && ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
test_opcodes() {
EXPECT_STATUS="$1"
shift