From 213c4eae3a654f22663fa42eef1bf940a729cca6 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 7 Mar 2023 19:29:57 +0100 Subject: [PATCH] ssl-opt: enhance comment for get_tls_version() function Signed-off-by: Valerio Setti --- tests/ssl-opt.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index eb0ac86454..08d3800b43 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1442,6 +1442,17 @@ do_run_test_once() { # Detect if the current test is going to use TLS 1.3. # $1 and $2 contain the server and client command lines, respectively. +# +# Note: this function only provides some guess about TLS version by simply +# looking at the server/client command lines. Even thought this works +# for the sake of tests' filtering (especially in conjunction with the +# detect_required_features() function), it does NOT guarantee that the +# result is accurate. It does not check other conditions, such as: +# - MBEDTLS_SSL_PROTO_TLS1_x can be disabled to selectively remove +# TLS 1.2/1.3 suppport +# - we can force a ciphersuite which contains "WITH" in its name, meaning +# that we are going to use TLS 1.2 +# - etc etc get_tls_version() { case $1 in *tls1_3*|*tls13*)