Skip to content

[TEST] Add comprehensive DTLS socket test coverage #401

Description

@kcenon

Summary

Add comprehensive test coverage for the DTLS socket implementation, which currently has zero tests.

Current State

  • dtls_socket.h exists with full interface
  • dtls_socket.cpp implements OpenSSL DTLS
  • No test files exist for DTLS

DTLS Socket Features to Test

Interface

class dtls_socket {
public:
    dtls_socket(asio::ip::udp::socket socket, SSL_CTX* ssl_ctx);
    
    auto async_handshake(handshake_type type, handler) -> void;
    auto set_receive_callback(callback) -> void;
    auto set_error_callback(callback) -> void;
    auto start_receive() -> void;
    auto stop_receive() -> void;
    auto async_send(data, handler) -> void;
    auto async_send_to(data, endpoint, handler) -> void;
    auto is_handshake_complete() const -> bool;
};

Test Plan

Unit Tests (test_dtls_socket.cpp)

1. Construction Tests

TEST_F(DtlsSocketTest, ConstructWithValidContext)
TEST_F(DtlsSocketTest, ConstructWithNullContextThrows)

2. Handshake Tests

TEST_F(DtlsSocketTest, ClientHandshakeSuccess)
TEST_F(DtlsSocketTest, ServerHandshakeSuccess)
TEST_F(DtlsSocketTest, HandshakeTimeout)
TEST_F(DtlsSocketTest, HandshakeWithInvalidCertificate)
TEST_F(DtlsSocketTest, HandshakePacketLoss)
TEST_F(DtlsSocketTest, HandshakeRetransmission)

3. Send/Receive Tests

TEST_F(DtlsSocketTest, SendAfterHandshake)
TEST_F(DtlsSocketTest, SendBeforeHandshakeFails)
TEST_F(DtlsSocketTest, ReceiveDecryptsCorrectly)
TEST_F(DtlsSocketTest, SendToSpecificEndpoint)
TEST_F(DtlsSocketTest, LargePayloadFragmentation)

4. Error Handling Tests

TEST_F(DtlsSocketTest, ErrorCallbackOnSslError)
TEST_F(DtlsSocketTest, ErrorCallbackOnNetworkError)
TEST_F(DtlsSocketTest, RecoveryAfterTransientError)

5. Thread Safety Tests

TEST_F(DtlsSocketTest, ConcurrentSendOperations)
TEST_F(DtlsSocketTest, SendDuringReceive)
TEST_F(DtlsSocketTest, StopReceiveDuringCallback)

Integration Tests (test_dtls_e2e.cpp)

TEST_F(DtlsIntegrationTest, ClientServerCommunication)
TEST_F(DtlsIntegrationTest, MultipleClientsToServer)
TEST_F(DtlsIntegrationTest, SessionResumption)
TEST_F(DtlsIntegrationTest, ConnectionTimeout)
TEST_F(DtlsIntegrationTest, GracefulShutdown)

Security Tests

TEST_F(DtlsSecurityTest, RejectExpiredCertificate)
TEST_F(DtlsSecurityTest, RejectSelfSignedWhenRequired)
TEST_F(DtlsSecurityTest, VerifyHostname)
TEST_F(DtlsSecurityTest, MinimumTlsVersion)

Test Infrastructure

Mock SSL Context

class MockSslContext {
public:
    static SSL_CTX* create_test_context();
    static std::pair<std::string, std::string> generate_test_cert();
};

Test Certificates

  • Generate self-signed certificates for testing
  • Use in-memory certificate storage
  • Support both RSA and ECDSA

Tasks

  • Create tests/unit/test_dtls_socket.cpp
  • Create tests/integration/test_dtls_e2e.cpp
  • Implement mock SSL context helper
  • Generate test certificates
  • Implement all unit tests
  • Implement all integration tests
  • Add DTLS tests to CI pipeline
  • Achieve >80% code coverage for dtls_socket

Acceptance Criteria

  • All unit tests pass
  • All integration tests pass
  • >80% code coverage for dtls_socket.cpp
  • Tests run in CI without flakiness
  • TSAN clean for concurrent tests
  • ASAN clean for memory safety

Files to Create

  • tests/unit/test_dtls_socket.cpp
  • tests/integration/test_dtls_e2e.cpp
  • tests/helpers/mock_ssl_context.h
  • tests/helpers/test_certificates.h

Related

Metadata

Metadata

Assignees

Labels

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions