tests/multi_net: Update DTLS multi-net test.

The original version of this test had to exchange a 1 byte UDP packet before the DTLS handshake. This is no longer needed due to MSG_PEEK support. The test also doesn't work with HelloVerify enabled, as the first connection attempt always fails with an MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED result. Anticipate this by listening for the client twice on the server side. This work was funded through GitHub Sponsors. Signed-off-by: Angus Gratton <angus@redyak.com.au>
2025-06-05 15:33:56 +10:00
parent 9b7d85227e
commit 89f9ee9d7c
2 changed files with 41 additions and 33 deletions
--- a/tests/multi_net/tls_dtls_server_client.py
+++ b/tests/multi_net/tls_dtls_server_client.py
@@ -34,28 +34,36 @@ def instance0():

    multitest.next()

-    # Wait for the client to connect.
-    data, client_addr = s.recvfrom(1)
-    print("incoming connection", data)
-
-    # Connect back to the client, so the UDP socket can be used like a stream.
-    s.connect(client_addr)
-
-    # Create the DTLS context and load the certificate.
    ctx = tls.SSLContext(tls.PROTOCOL_DTLS_SERVER)
    ctx.load_cert_chain(cert, key)

-    # Wrap the UDP socket in server mode.
-    print("wrap socket")
-    s = ctx.wrap_socket(s, server_side=1)
+    # Because of "hello verify required", we expect the peer
+    # to connect twice: once to set the cookie, then second time
+    # successfully.
+    #
+    # As this isn't a real server, we hard-code two connection attempts
+    for _ in range(2):
+        print("waiting")
+        # Wait for the client to connect so we know their address
+        _, client_addr = s.recvfrom(1, socket.MSG_PEEK)
+        print("incoming connection")
+        s.connect(client_addr)  # Connect back to the client

-    # Transfer some data.
-    for _ in range(4):
-        print(s.recv(16))
-        s.send(b"server to client")
+        # Wrap the UDP socket in server mode.
+        try:
+            s = ctx.wrap_socket(s, server_side=1, client_id=repr(client_addr).encode())
+        except OSError as e:
+            print(e)
+            continue  # wait for second connection

-    # Close the DTLS and UDP connection.
-    s.close()
+        # Transfer some data.
+        for i in range(4):
+            print(s.recv(32))
+            s.send(b"server to client " + str(i).encode())
+
+        # Close the DTLS and UDP connection.
+        s.close()
+        break


 # DTLS client.
@@ -68,9 +76,6 @@ def instance1():
    print("connect")
    s.connect(addr)

-    # Send one byte to indicate a connection, and so the server can obtain our address.
-    s.write("X")
-
    # Create a DTLS context and load the certificate.
    ctx = tls.SSLContext(tls.PROTOCOL_DTLS_CLIENT)
    ctx.verify_mode = tls.CERT_REQUIRED
@@ -81,9 +86,9 @@ def instance1():
    s = ctx.wrap_socket(s, server_hostname="micropython.local")

    # Transfer some data.
-    for _ in range(4):
-        s.send(b"client to server")
-        print(s.recv(16))
+    for i in range(4):
+        s.send(b"client to server " + str(i).encode())
+        print(s.recv(32))

    # Close the DTLS and UDP connection.
    s.close()
--- a/tests/multi_net/tls_dtls_server_client.py.exp
+++ b/tests/multi_net/tls_dtls_server_client.py.exp
@@ -1,14 +1,17 @@
 --- instance0 ---
-incoming connection b'X'
-wrap socket
-b'client to server'
-b'client to server'
-b'client to server'
-b'client to server'
+waiting
+incoming connection
+(-27264, 'MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED')
+waiting
+incoming connection
+b'client to server 0'
+b'client to server 1'
+b'client to server 2'
+b'client to server 3'
 --- instance1 ---
 connect
 wrap socket
-b'server to client'
-b'server to client'
-b'server to client'
-b'server to client'
+b'server to client 0'
+b'server to client 1'
+b'server to client 2'
+b'server to client 3'