Extend the 'doth' system test with a Mutual TLS resumption check

This commit adds a simple check to the 'doth' system test which
ensures that session resumption when Mutual TLS is used works as
expected.

diff --git a/bin/tests/system/doth/tests.sh b/bin/tests/system/doth/tests.sh
index 920d6af2141e819207cbcfd30b8dc8f6b83c7f85..d22f0ef6497b23287eb40b93272c7a62fc451282 100644 (file)
--- a/bin/tests/system/doth/tests.sh
+++ b/bin/tests/system/doth/tests.sh
@@ -776,6 +776,16 @@ grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 
+# send two requests one after another so that session resumption will happen
+n=$((n + 1))
+echo_i "checking DoH query (client certificate used - session resumption when using Mutual TLS) ($n)"
+ret=0
+# shellcheck disable=SC2086
+dig_with_https_opts +https +tls-ca="$ca_file" +tls-certfile="./CA/certs/srv01.client01.example.com.pem" +tls-keyfile="./CA/certs/srv01.client01.example.com.key" -p "${EXTRAPORT6}" +comm @10.53.0.1 . SOA . SOA > dig.out.test$n
+grep "TLS error" dig.out.test$n > /dev/null && ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
 test_opcodes() {
        EXPECT_STATUS="$1"
        shift