ssl-opt.sh: TLS 1.3: Run tests with middlebox compatibility enabled
Run tests with middlebox compatibility enabled but tests
dedicated to middlebox compatibility disabled.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 9235be7..eb67a71 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -2725,8 +2725,22 @@
component_test_tls13_experimental () {
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, without padding"
- scripts/config.pl set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
- scripts/config.pl set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1
+ scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+ scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
+ scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
+ msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, without padding"
+ make test
+ msg "ssl-opt.sh (TLS 1.3 experimental)"
+ if_build_succeeded tests/ssl-opt.sh
+}
+
+component_test_tls13_experimental_no_compatibility_mode () {
+ msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, without padding"
+ scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+ scripts/config.py unset MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
+ scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, without padding"
@@ -2737,8 +2751,9 @@
component_test_tls13_experimental_with_padding () {
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, with padding"
- scripts/config.pl set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
- scripts/config.pl set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16
+ scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+ scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
+ scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, with padding"
@@ -2750,6 +2765,7 @@
component_test_tls13_experimental_with_ecp_restartable () {
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, with ecp_restartable"
scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+ scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
scripts/config.py set MBEDTLS_ECP_RESTARTABLE
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
@@ -2762,6 +2778,7 @@
component_test_tls13_experimental_with_everest () {
msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, with Everest"
scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+ scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
scripts/config.py unset MBEDTLS_ECP_RESTARTABLE
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
diff --git a/tests/scripts/generate_tls13_compat_tests.py b/tests/scripts/generate_tls13_compat_tests.py
index 07013ae..0bf8555 100755
--- a/tests/scripts/generate_tls13_compat_tests.py
+++ b/tests/scripts/generate_tls13_compat_tests.py
@@ -138,7 +138,7 @@
"-sigalgs {signature_algorithms}".format(
signature_algorithms=signature_algorithms),
"-groups {named_groups}".format(named_groups=named_groups)]
- ret += ['-msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache']
+ ret += ['-msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache']
return ' '.join(ret)
def pre_checks(self):
@@ -221,7 +221,7 @@
priority_string_list = ['NONE'] + sorted(priority_string_list) + ['VERS-TLS1.3']
priority_string = ':+'.join(priority_string_list)
- priority_string += ':%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE'
+ priority_string += ':%NO_TICKETS'
ret += ['--priority={priority_string}'.format(
priority_string=priority_string)]
ret = ' '.join(ret)
@@ -272,6 +272,7 @@
ret = ['requires_config_enabled MBEDTLS_DEBUG_C',
'requires_config_enabled MBEDTLS_SSL_CLI_C',
'requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL',
+ 'requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE',
'requires_config_disabled MBEDTLS_USE_PSA_CRYPTO']
if 'rsa_pss_rsae_sha256' in self._sig_algs:
ret.append(