From 0509fea3b2b62b063459e6ea1cb5848390c773bb Mon Sep 17 00:00:00 2001 From: Yuto Takano Date: Mon, 21 Jun 2021 19:43:33 +0100 Subject: [PATCH] Remove hard exit in ssh-opt.sh, replace with `requires` functions - Replace calls to config.py for MAX_IN_LEN and MAX_OUT_LEN with `get_config_value_or_default` - Remove hard exit when MAX_IN/OUT_LEN < 4096, replace with `requires_config_value_at_least` Signed-off-by: Yuto Takano --- tests/ssl-opt.sh | 56 ++++++++++++++++++++++++++++++++++++------------ 1 file changed, 42 insertions(+), 14 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 0729755f0e..355e712bd4 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -366,9 +366,10 @@ requires_not_i686() { # Calculate the input & output maximum content lengths set in the config MAX_CONTENT_LEN=16384 -MAX_IN_LEN=$( ../scripts/config.py get MBEDTLS_SSL_IN_CONTENT_LEN || echo "$MAX_CONTENT_LEN") -MAX_OUT_LEN=$( ../scripts/config.py get MBEDTLS_SSL_OUT_CONTENT_LEN || echo "$MAX_CONTENT_LEN") +MAX_IN_LEN=$(get_config_value_or_default "MBEDTLS_SSL_IN_CONTENT_LEN") +MAX_OUT_LEN=$(get_config_value_or_default "MBEDTLS_SSL_OUT_CONTENT_LEN") +# Calculate the maximum content length that fits both if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then MAX_CONTENT_LEN="$MAX_IN_LEN" fi @@ -2748,18 +2749,8 @@ run_test "Session resume using cache, DTLS: openssl server" \ # Tests for Max Fragment Length extension -if [ "$MAX_IN_LEN" -lt "4096" ]; then - printf '%s defines MBEDTLS_SSL_IN_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n' "${CONFIG_H}" - exit 1 -fi - -if [ "$MAX_OUT_LEN" -lt "4096" ]; then - printf '%s defines MBEDTLS_SSL_OUT_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n' "${CONFIG_H}" - exit 1 -fi - if [ $MAX_CONTENT_LEN -ne 16384 ]; then - echo "Using non-default maximum content length $MAX_CONTENT_LEN" + echo "Using non-default maximum content length $MAX_CONTENT_LEN instead of 16384 " fi requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH @@ -2826,7 +2817,7 @@ run_test "Max fragment length: disabled, larger message" \ -s "1 bytes read" requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -run_test "Max fragment length DTLS: disabled, larger message" \ +run_test "Max fragment length, DTLS: disabled, larger message" \ "$P_SRV debug_level=3 dtls=1" \ "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \ 1 \ @@ -2836,6 +2827,9 @@ run_test "Max fragment length DTLS: disabled, larger message" \ -S "Maximum outgoing record payload length is 16384" \ -c "fragment larger than.*maximum " +# Make sure it was compiled with lengths over 4096 +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: used by client" \ "$P_SRV debug_level=3" \ @@ -2850,6 +2844,8 @@ run_test "Max fragment length: used by client" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 1024 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 1024 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 512, server 1024" \ "$P_SRV debug_level=3 max_frag_len=1024" \ @@ -2864,6 +2860,8 @@ run_test "Max fragment length: client 512, server 1024" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 512, server 2048" \ "$P_SRV debug_level=3 max_frag_len=2048" \ @@ -2878,6 +2876,8 @@ run_test "Max fragment length: client 512, server 2048" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 512, server 4096" \ "$P_SRV debug_level=3 max_frag_len=4096" \ @@ -2892,6 +2892,8 @@ run_test "Max fragment length: client 512, server 4096" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 1024 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 1024 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 1024, server 512" \ "$P_SRV debug_level=3 max_frag_len=512" \ @@ -2906,6 +2908,8 @@ run_test "Max fragment length: client 1024, server 512" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 1024, server 2048" \ "$P_SRV debug_level=3 max_frag_len=2048" \ @@ -2920,6 +2924,8 @@ run_test "Max fragment length: client 1024, server 2048" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 1024, server 4096" \ "$P_SRV debug_level=3 max_frag_len=4096" \ @@ -2934,6 +2940,8 @@ run_test "Max fragment length: client 1024, server 4096" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 2048, server 512" \ "$P_SRV debug_level=3 max_frag_len=512" \ @@ -2948,6 +2956,8 @@ run_test "Max fragment length: client 2048, server 512" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 2048, server 1024" \ "$P_SRV debug_level=3 max_frag_len=1024" \ @@ -2962,6 +2972,8 @@ run_test "Max fragment length: client 2048, server 1024" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 2048, server 4096" \ "$P_SRV debug_level=3 max_frag_len=4096" \ @@ -2976,6 +2988,8 @@ run_test "Max fragment length: client 2048, server 4096" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 4096, server 512" \ "$P_SRV debug_level=3 max_frag_len=512" \ @@ -2990,6 +3004,8 @@ run_test "Max fragment length: client 4096, server 512" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 4096, server 1024" \ "$P_SRV debug_level=3 max_frag_len=1024" \ @@ -3004,6 +3020,8 @@ run_test "Max fragment length: client 4096, server 1024" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client 4096, server 2048" \ "$P_SRV debug_level=3 max_frag_len=2048" \ @@ -3018,6 +3036,8 @@ run_test "Max fragment length: client 4096, server 2048" \ -s "server hello, max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: used by server" \ "$P_SRV debug_level=3 max_frag_len=4096" \ @@ -3032,6 +3052,8 @@ run_test "Max fragment length: used by server" \ -S "server hello, max_fragment_length extension" \ -C "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 4096 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH requires_gnutls run_test "Max fragment length: gnutls server" \ @@ -3043,6 +3065,8 @@ run_test "Max fragment length: gnutls server" \ -c "client hello, adding max_fragment_length extension" \ -c "found max_fragment_length extension" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client, message just fits" \ "$P_SRV debug_level=3" \ @@ -3059,6 +3083,8 @@ run_test "Max fragment length: client, message just fits" \ -c "2048 bytes written in 1 fragments" \ -s "2048 bytes read" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: client, larger message" \ "$P_SRV debug_level=3" \ @@ -3076,6 +3102,8 @@ run_test "Max fragment length: client, larger message" \ -s "2048 bytes read" \ -s "297 bytes read" +requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" 2048 +requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH run_test "Max fragment length: DTLS client, larger message" \ "$P_SRV debug_level=3 dtls=1" \