commit 7782605491f1b7e35bbba1d1c404933374aba672
author Andrzej Kurek <andrzej.kurek@arm.com> Thu Oct 11 07:34:08 2018 -0400
committer Andrzej Kurek <andrzej.kurek@arm.com> Thu Oct 11 07:34:08 2018 -0400
tree de6a060fea8f2cd4702e6dc2634389208a924e31
parent 748face36f508e7f7b11150a8023935fb11a1621

ssl-opt.sh: add comments regarding ciphersuite forcing

tests/ssl-opt.sh

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index e309f42..96f0ba0 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -5960,6 +5960,7 @@
             -c "found fragmented DTLS handshake message" \
             -C "error"
 
+# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
@@ -5986,6 +5987,7 @@
             -C "error"
 
 # Test for automatic MTU reduction on repeated resend.
+# Forcing ciphersuite for this test to fit the MTU of 508 with full config.
 # The ratio of max/min timeout should ideally equal 4 to accept two
 # retransmissions, but in some cases (like both the server and client using
 # fragmentation and auto-reduction) an extra retransmission might occur,
@@ -6013,6 +6015,7 @@
             -c "found fragmented DTLS handshake message" \
             -C "error"
 
+# Forcing ciphersuite for this test to fit the MTU of 508 with full config.
 only_with_valgrind
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
@@ -6061,6 +6064,7 @@
             -c "found fragmented DTLS handshake message" \
             -C "error"
 
+# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
 # the proxy shouldn't drop or mess up anything, so we shouldn't need to resend
 # OTOH the client might resend if the server is to slow to reset after sending
 # a HelloVerifyRequest, so only check for no retransmission server-side
@@ -6112,6 +6116,7 @@
             -c "found fragmented DTLS handshake message" \
             -C "error"
 
+# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
 not_with_valgrind # spurious autoreduction due to timeout
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
@@ -6138,6 +6143,7 @@
             -c "found fragmented DTLS handshake message" \
             -C "error"
 
+# Forcing ciphersuite for this test to fit the MTU of 1450 with full config.
 # This ensures things still work after session_reset().
 # It also exercises the "resumed handshake" flow.
 # Since we don't support reading fragmented ClientHello yet,
@@ -6333,6 +6339,7 @@
             -c "found fragmented DTLS handshake message" \
             -C "error"
 
+# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C
@@ -6356,6 +6363,7 @@
             -c "found fragmented DTLS handshake message" \
             -C "error"
 
+# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
 requires_config_enabled MBEDTLS_RSA_C
 requires_config_enabled MBEDTLS_ECDSA_C