Prepare to generalize maybe_requires_ciphersuite_enabled
Rename maybe_requires_ciphersuite_enabled() to detect_required_features()
and refactor its code a little. No intended behavior change. In subsequent
commits, this function will detect other requirements in a similar way.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 039ae80..da83174 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -271,31 +271,24 @@
esac
}
-# maybe_requires_ciphersuite_enabled CMD [RUN_TEST_OPTION...]
-# If CMD (call to a TLS client or server program) requires a specific
-# ciphersuite, arrange to only run the test case if this ciphersuite is
-# enabled. As an exception, do run the test case if it expects a ciphersuite
-# mismatch.
-maybe_requires_ciphersuite_enabled() {
+# detect_required_features CMD [RUN_TEST_OPTION...]
+# If CMD (call to a TLS client or server program) requires certain features,
+# arrange to only run the following test case if those features are enabled.
+detect_required_features() {
case "$1" in
- *\ force_ciphersuite=*) :;;
- *) return;; # No specific required ciphersuite
- esac
- ciphersuite="${1##*\ force_ciphersuite=}"
- ciphersuite="${ciphersuite%%[!-0-9A-Z_a-z]*}"
- shift
-
- case "$*" in
- *"-s SSL - The server has no ciphersuites in common"*)
- # This test case expects a ciphersuite mismatch, so it doesn't
- # require the ciphersuite to be enabled.
- ;;
- *)
- requires_ciphersuite_enabled "$ciphersuite"
- ;;
+ *\ force_ciphersuite=*)
+ tmp="${1##*\ force_ciphersuite=}"
+ tmp="${tmp%%[!-0-9A-Z_a-z]*}"
+ case "$*" in
+ *"-s SSL - The server has no ciphersuites in common"*)
+ # This test case expects a ciphersuite mismatch, so it
+ # doesn't actually require the ciphersuite to be enabled.
+ :;;
+ *) requires_ciphersuite_enabled "$tmp";;
+ esac;;
esac
- unset ciphersuite
+ unset tmp
}
requires_certificate_authentication () {
@@ -1190,9 +1183,10 @@
requires_config_enabled MBEDTLS_SSL_ALPN;;
esac
- # If the client or serve requires a ciphersuite, check that it's enabled.
- maybe_requires_ciphersuite_enabled "$SRV_CMD" "$@"
- maybe_requires_ciphersuite_enabled "$CLI_CMD" "$@"
+ # If the client or server requires certain features that can be detected
+ # from their command-line arguments, check that they're enabled.
+ detect_required_features "$SRV_CMD" "$@"
+ detect_required_features "$CLI_CMD" "$@"
# If we're in a PSK-only build and the test can be adapted to PSK, do that.
maybe_adapt_for_psk "$@"