summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--tests/auto/network/ssl/qdtlscookie/tst_qdtlscookie.cpp14
1 files changed, 14 insertions, 0 deletions
diff --git a/tests/auto/network/ssl/qdtlscookie/tst_qdtlscookie.cpp b/tests/auto/network/ssl/qdtlscookie/tst_qdtlscookie.cpp
index a273ceaa17..00e4cfbe46 100644
--- a/tests/auto/network/ssl/qdtlscookie/tst_qdtlscookie.cpp
+++ b/tests/auto/network/ssl/qdtlscookie/tst_qdtlscookie.cpp
@@ -288,6 +288,20 @@ void tst_QDtlsCookie::verifyClient()
clientPort), true);
QCOMPARE(anotherListener.verifiedHello(), dgram);
QCOMPARE(anotherListener.dtlsError(), QDtlsError::NoError);
+
+ // Now, let's test if a DTLS server is able to create a new TLS session
+ // re-using the client's 'Hello' with a cookie inside:
+ QDtls session(QSslSocket::SslServerMode);
+ auto dtlsConf = QSslConfiguration::defaultDtlsConfiguration();
+ dtlsConf.setDtlsCookieVerificationEnabled(true);
+ session.setDtlsConfiguration(dtlsConf);
+ session.setPeer(clientAddress, clientPort);
+ // Borrow a secret and hash algorithm:
+ session.setCookieGeneratorParameters(listener.cookieGeneratorParameters());
+ // Trigger TLS state machine change to think it accepted a cookie and started
+ // a handshake:
+ QVERIFY(session.doHandshake(&serverSocket, dgram));
+
// Now let's use a wrong port:
QCOMPARE(listener.verifyClient(&serverSocket, dgram, clientAddress, serverPort), false);
// Invalid cookie, no verified hello message:
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-03 02:21:54 +0000