Merge remote-tracking branch 'origin/pr/656' into baremetal
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 814496d..1e3287c 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -639,6 +639,19 @@
if_build_succeeded tests/ssl-opt.sh
}
+component_test_dtls_only () {
+ msg "build: Default + DTLS only (ASan build)" # ~ 6 min
+ scripts/config.pl set MBEDTLS_SSL_PROTO_NO_TLS
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
+
+ msg "test: DTLS only - main suites (inc. selftests) (ASan build)" # ~ 50s
+ make test
+
+ msg "test: DTLS only - ssl-opt.sh (ASan build)" # ~ 6 min
+ if_build_succeeded tests/ssl-opt.sh
+}
+
component_test_no_renegotiation () {
msg "build: Default + !MBEDTLS_SSL_RENEGOTIATION (ASan build)" # ~ 6 min
scripts/config.pl unset MBEDTLS_SSL_RENEGOTIATION
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 33aa792..da87793 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -539,6 +539,15 @@
fi
}
+check_cmdline_check_tls_dtls() {
+ detect_dtls "$CMD"
+ if [ "$DTLS" = "0" ]; then
+ requires_config_disabled MBEDTLS_SSL_PROTO_NO_TLS
+ elif [ "$DTLS" = "1" ]; then
+ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
+ fi
+}
+
check_cmdline_authmode_compat() {
__VAL="$( get_config_value_or_default "MBEDTLS_SSL_CONF_AUTHMODE" )"
if [ ! -z "$__VAL" ]; then
@@ -692,6 +701,9 @@
check_cmdline_param_compat "badmac_limit" \
"MBEDTLS_SSL_CONF_BADMAC_LIMIT"
+ # Skip tests relying on TLS/DTLS in configs that disable it.
+ check_cmdline_check_tls_dtls
+
# Authentication mode
check_cmdline_authmode_compat
@@ -5499,7 +5511,6 @@
# Tests for small client packets in DTLS
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
run_test "Small client packet DTLS 1.0" \
"$P_SRV dtls=1 force_version=dtls1" \
"$P_CLI dtls=1 request_size=1 \
@@ -5507,7 +5518,6 @@
0 \
-s "Read from client: 1 bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
run_test "Small client packet DTLS 1.0, without EtM" \
"$P_SRV dtls=1 force_version=dtls1 etm=0" \
"$P_CLI dtls=1 request_size=1 \
@@ -5515,7 +5525,6 @@
0 \
-s "Read from client: 1 bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small client packet DTLS 1.0, truncated hmac" \
"$P_SRV dtls=1 force_version=dtls1 trunc_hmac=1" \
@@ -5524,7 +5533,6 @@
0 \
-s "Read from client: 1 bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small client packet DTLS 1.0, without EtM, truncated MAC" \
"$P_SRV dtls=1 force_version=dtls1 trunc_hmac=1 etm=0" \
@@ -5533,7 +5541,6 @@
0 \
-s "Read from client: 1 bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
run_test "Small client packet DTLS 1.2" \
"$P_SRV dtls=1 force_version=dtls1_2" \
"$P_CLI dtls=1 request_size=1 \
@@ -5541,7 +5548,6 @@
0 \
-s "Read from client: 1 bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
run_test "Small client packet DTLS 1.2, without EtM" \
"$P_SRV dtls=1 force_version=dtls1_2 etm=0" \
"$P_CLI dtls=1 request_size=1 \
@@ -5549,7 +5555,6 @@
0 \
-s "Read from client: 1 bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small client packet DTLS 1.2, truncated hmac" \
"$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1" \
@@ -5558,7 +5563,6 @@
0 \
-s "Read from client: 1 bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small client packet DTLS 1.2, without EtM, truncated MAC" \
"$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \
@@ -5788,7 +5792,6 @@
# Tests for small server packets in DTLS
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
run_test "Small server packet DTLS 1.0" \
"$P_SRV dtls=1 response_size=1 force_version=dtls1" \
"$P_CLI dtls=1 \
@@ -5796,7 +5799,6 @@
0 \
-c "Read from server: 1 bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
run_test "Small server packet DTLS 1.0, without EtM" \
"$P_SRV dtls=1 response_size=1 force_version=dtls1 etm=0" \
"$P_CLI dtls=1 \
@@ -5804,7 +5806,6 @@
0 \
-c "Read from server: 1 bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small server packet DTLS 1.0, truncated hmac" \
"$P_SRV dtls=1 response_size=1 force_version=dtls1 trunc_hmac=1" \
@@ -5813,7 +5814,6 @@
0 \
-c "Read from server: 1 bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small server packet DTLS 1.0, without EtM, truncated MAC" \
"$P_SRV dtls=1 response_size=1 force_version=dtls1 trunc_hmac=1 etm=0" \
@@ -5822,7 +5822,6 @@
0 \
-c "Read from server: 1 bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
run_test "Small server packet DTLS 1.2" \
"$P_SRV dtls=1 response_size=1 force_version=dtls1_2" \
"$P_CLI dtls=1 \
@@ -5830,7 +5829,6 @@
0 \
-c "Read from server: 1 bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
run_test "Small server packet DTLS 1.2, without EtM" \
"$P_SRV dtls=1 response_size=1 force_version=dtls1_2 etm=0" \
"$P_CLI dtls=1 \
@@ -5838,7 +5836,6 @@
0 \
-c "Read from server: 1 bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small server packet DTLS 1.2, truncated hmac" \
"$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1" \
@@ -5847,7 +5844,6 @@
0 \
-c "Read from server: 1 bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small server packet DTLS 1.2, without EtM, truncated MAC" \
"$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \
@@ -7125,7 +7121,6 @@
# - all others below 512B
# All those tests assume MAX_CONTENT_LEN is at least 2048
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
@@ -7147,7 +7142,6 @@
-C "found fragmented DTLS handshake message" \
-C "error"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
@@ -7173,7 +7167,6 @@
# the client to not exceed a certain MTU; hence, the following
# test can't be replicated with an MTU proxy such as the one
# `client-initiated, server only (max_frag_len)` below.
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
@@ -7195,7 +7188,6 @@
-c "found fragmented DTLS handshake message" \
-C "error"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
@@ -7224,7 +7216,6 @@
# to the peer.
# The next test checks that no datagrams significantly larger than the
# negotiated MFL are sent.
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
@@ -7247,7 +7238,6 @@
-c "found fragmented DTLS handshake message" \
-C "error"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
@@ -7276,7 +7266,6 @@
# to the peer.
# The next test checks that no datagrams significantly larger than the
# negotiated MFL are sent.
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
@@ -7299,7 +7288,6 @@
-c "found fragmented DTLS handshake message" \
-C "error"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
run_test "DTLS fragmenting: none (for reference) (MTU)" \
@@ -7320,7 +7308,6 @@
-C "found fragmented DTLS handshake message" \
-C "error"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
run_test "DTLS fragmenting: client (MTU)" \
@@ -7341,7 +7328,6 @@
-C "found fragmented DTLS handshake message" \
-C "error"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
run_test "DTLS fragmenting: server (MTU)" \
@@ -7362,7 +7348,6 @@
-c "found fragmented DTLS handshake message" \
-C "error"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
run_test "DTLS fragmenting: both (MTU=1024)" \
@@ -7385,7 +7370,6 @@
-C "error"
# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SHA256_C
@@ -7419,7 +7403,6 @@
# fragmentation and auto-reduction) an extra retransmission might occur,
# hence the ratio of 8.
not_with_valgrind
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
@@ -7445,7 +7428,6 @@
# Forcing ciphersuite for this test to fit the MTU of 508 with full config.
only_with_valgrind
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
@@ -7473,7 +7455,6 @@
# OTOH the client might resend if the server is to slow to reset after sending
# a HelloVerifyRequest, so only check for no retransmission server-side
not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \
@@ -7501,7 +7482,6 @@
# OTOH the client might resend if the server is to slow to reset after sending
# a HelloVerifyRequest, so only check for no retransmission server-side
not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
@@ -7529,7 +7509,6 @@
-C "error"
not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \
@@ -7554,7 +7533,6 @@
# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
@@ -7592,7 +7570,6 @@
# reco_delay avoids races where the client reconnects before the server has
# resumed listening, which would result in a spurious autoreduction.
not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
@@ -7622,7 +7599,6 @@
# An autoreduction on the client-side might happen if the server is
# slow to reset, therefore omitting '-C "autoreduction"' below.
not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SHA256_C
@@ -7655,7 +7631,6 @@
# An autoreduction on the client-side might happen if the server is
# slow to reset, therefore omitting '-C "autoreduction"' below.
not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SHA256_C
@@ -7689,7 +7664,6 @@
# An autoreduction on the client-side might happen if the server is
# slow to reset, therefore omitting '-C "autoreduction"' below.
not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SHA256_C
@@ -7723,7 +7697,6 @@
# An autoreduction on the client-side might happen if the server is
# slow to reset, therefore omitting '-C "autoreduction"' below.
not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SHA256_C
@@ -7758,7 +7731,6 @@
# An autoreduction on the client-side might happen if the server is
# slow to reset, therefore omitting '-C "autoreduction"' below.
not_with_valgrind # spurious autoreduction due to timeout
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SHA256_C
@@ -7790,7 +7762,6 @@
-C "error"
# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
@@ -7816,7 +7787,6 @@
-C "error"
# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
@@ -7845,7 +7815,6 @@
#
# here and below we just want to test that the we fragment in a way that
# pleases other implementations, so we don't need the peer to fragment
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
@@ -7861,7 +7830,6 @@
-c "fragmenting handshake message" \
-C "error"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
@@ -7884,7 +7852,6 @@
# as the server name in the certificate. This will make the
# certifiate validation fail, but passing --insecure makes
# GnuTLS continue the connection nonetheless.
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
@@ -7901,7 +7868,6 @@
-s "fragmenting handshake message"
# See previous test for the reason to use --insecure
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
@@ -7917,7 +7883,6 @@
0 \
-s "fragmenting handshake message"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
@@ -7932,7 +7897,6 @@
-c "fragmenting handshake message" \
-C "error"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
@@ -7947,7 +7911,6 @@
-c "fragmenting handshake message" \
-C "error"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
@@ -7961,7 +7924,6 @@
0 \
-s "fragmenting handshake message"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
@@ -7980,7 +7942,6 @@
# again we just want to test that the we fragment in a way that
# pleases other implementations, so we don't need the peer to fragment
requires_gnutls_next
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
@@ -7998,7 +7959,6 @@
-C "error"
requires_gnutls_next
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
@@ -8016,7 +7976,6 @@
-C "error"
requires_gnutls_next
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
@@ -8033,7 +7992,6 @@
-s "fragmenting handshake message"
requires_gnutls_next
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
@@ -8055,7 +8013,6 @@
## They should be re-enabled once a fixed version of OpenSSL is available
## (this should happen in some 1.1.1_ release according to the ticket).
skip_next_test
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
@@ -8073,7 +8030,6 @@
-C "error"
skip_next_test
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
@@ -8091,7 +8047,6 @@
-C "error"
skip_next_test
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
@@ -8110,7 +8065,6 @@
# -nbio is added to prevent s_client from blocking in case of duplicated
# messages at the end of the handshake
skip_next_test
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1