diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 0d47fd5271..a51b49f11f 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -79,24 +79,20 @@ fi if [ -n "${OPENSSL_NEXT:-}" ]; then O_NEXT_SRV="$OPENSSL_NEXT s_server -www -cert data_files/server5.crt -key data_files/server5.key" - O_NEXT_SRV_RSA="$OPENSSL_NEXT s_server -www -cert data_files/server2-sha256.crt -key data_files/server2.key" O_NEXT_SRV_NO_CERT="$OPENSSL_NEXT s_server -www " O_NEXT_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_NEXT s_client" else O_NEXT_SRV=false - O_NEXT_SRV_RSA=false O_NEXT_SRV_NO_CERT=false O_NEXT_CLI=false fi if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then G_NEXT_SRV="$GNUTLS_NEXT_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key" - G_NEXT_SRV_RSA="$GNUTLS_NEXT_SERV --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key" G_NEXT_SRV_NO_CERT="$GNUTLS_NEXT_SERV" else G_NEXT_SRV=false G_NEXT_SRV_NO_CERT=false - G_NEXT_SRV_RSA=false fi if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then @@ -1444,14 +1440,12 @@ fi if [ -n "${OPENSSL_NEXT:-}" ]; then O_NEXT_SRV="$O_NEXT_SRV -accept $SRV_PORT" - O_NEXT_SRV_RSA="$O_NEXT_SRV_RSA -accept $SRV_PORT" O_NEXT_SRV_NO_CERT="$O_NEXT_SRV_NO_CERT -accept $SRV_PORT" O_NEXT_CLI="$O_NEXT_CLI -connect 127.0.0.1:+SRV_PORT" fi if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then G_NEXT_SRV="$G_NEXT_SRV -p $SRV_PORT" - G_NEXT_SRV_RSA="$G_NEXT_SRV_RSA -p $SRV_PORT" G_NEXT_SRV_NO_CERT="$G_NEXT_SRV_NO_CERT -p $SRV_PORT" fi @@ -8867,22 +8861,6 @@ run_test "TLS1.3: minimal feature sets - openssl" \ -c "<= parse finished message" \ -c "HTTP/1.0 200 ok" -requires_openssl_tls1_3 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL -requires_config_enabled MBEDTLS_DEBUG_C -requires_config_enabled MBEDTLS_SSL_CLI_C -requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT -requires_config_disabled MBEDTLS_USE_PSA_CRYPTO -run_test "TLS 1.3 m->O AES_128_GCM_SHA256 , RSA_PSS_RSAE_SHA256" \ - "$O_NEXT_SRV_RSA -ciphersuites TLS_AES_128_GCM_SHA256 -tls1_3 -msg -no_middlebox -num_tickets 0" \ - "$P_CLI debug_level=4 force_version=tls13 server_name=localhost force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 allow_sha1=0" \ - 0 \ - -c "ECDH curve: x25519" \ - -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ - -c "Certificate Verify: Signature algorithm ( 0804 )" \ - -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \ - -c "HTTP/1.0 200 ok" - requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -8915,24 +8893,6 @@ run_test "TLS1.3: minimal feature sets - gnutls" \ -c "<= parse finished message" \ -c "HTTP/1.0 200 OK" -requires_gnutls_next_no_ticket -requires_gnutls_next_disable_tls13_compat -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL -requires_config_enabled MBEDTLS_DEBUG_C -requires_config_enabled MBEDTLS_SSL_CLI_C -requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT -requires_config_disabled MBEDTLS_USE_PSA_CRYPTO -requires_gnutls_next -run_test "TLS 1.3 m->G AES_128_GCM_SHA256 , RSA_PSS_RSAE_SHA256" \ - "$G_NEXT_SRV_RSA --disable-client-cert --priority=NORMAL:+CIPHER-ALL:+SHA256:+GROUP-SECP256R1:+ECDHE-ECDSA:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \ - "$P_CLI debug_level=4 force_version=tls13 server_name=localhost force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 allow_sha1=0" \ - 0 \ - -c "ECDH curve: x25519" \ - -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ - -c "Certificate Verify: Signature algorithm ( 0804 )" \ - -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \ - -c "HTTP/1.0 200 OK" - requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL skip_handshake_stage_check requires_gnutls_tls1_3