mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-03-14 01:26:49 +00:00
ssl-opt.sh: Remove requires_key_exchange_with_cert_in_tls12_enabled
Remove requires_key_exchange_with_cert_in_tls12_enabled and use `requires_any_configs_enabled` directly instead. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron
parent
a2900bcd1e
commit
5de538c9dd
@ -357,7 +357,6 @@ class MbedTLSBase(TLSProgram):
|
||||
|
||||
def pre_checks(self):
|
||||
ret = ['requires_config_enabled MBEDTLS_DEBUG_C',
|
||||
'requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3',
|
||||
'requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED']
|
||||
|
||||
if self._compat_mode:
|
||||
|
||||
@ -259,17 +259,10 @@ TLS1_2_KEY_EXCHANGES_WITH_CERT="MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED \
|
||||
MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED"
|
||||
|
||||
requires_key_exchange_with_cert_in_tls12_enabled() {
|
||||
if ! $P_QUERY -any $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
then
|
||||
SKIP_NEXT="YES"
|
||||
fi
|
||||
}
|
||||
|
||||
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled() {
|
||||
if $P_QUERY -all MBEDTLS_SSL_PROTO_TLS1_2
|
||||
then
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
elif ! $P_QUERY -all MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
|
||||
then
|
||||
SKIP_NEXT="YES"
|
||||
@ -5195,7 +5188,7 @@ run_test "Authentication: server badcert, client required" \
|
||||
-c "X509 - Certificate verification failed"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: server badcert, client optional" \
|
||||
"$P_SRV crt_file=data_files/server5-badsign.crt \
|
||||
key_file=data_files/server5.key" \
|
||||
@ -5207,7 +5200,7 @@ run_test "Authentication: server badcert, client optional" \
|
||||
-C "X509 - Certificate verification failed"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: server goodcert, client optional, no trusted CA" \
|
||||
"$P_SRV" \
|
||||
"$P_CLI debug_level=3 auth_mode=optional ca_file=none ca_path=none" \
|
||||
@ -5239,7 +5232,7 @@ run_test "Authentication: server goodcert, client required, no trusted CA" \
|
||||
|
||||
requires_config_enabled MBEDTLS_ECP_C
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: server ECDH p256v1, client required, p256v1 unsupported" \
|
||||
"$P_SRV debug_level=1 key_file=data_files/server5.key \
|
||||
crt_file=data_files/server5.ku-ka.crt" \
|
||||
@ -5251,7 +5244,7 @@ run_test "Authentication: server ECDH p256v1, client required, p256v1 unsuppo
|
||||
|
||||
requires_config_enabled MBEDTLS_ECP_C
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: server ECDH p256v1, client optional, p256v1 unsupported" \
|
||||
"$P_SRV debug_level=1 key_file=data_files/server5.key \
|
||||
crt_file=data_files/server5.ku-ka.crt" \
|
||||
@ -5262,7 +5255,7 @@ run_test "Authentication: server ECDH p256v1, client optional, p256v1 unsuppo
|
||||
-c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: server badcert, client none" \
|
||||
"$P_SRV crt_file=data_files/server5-badsign.crt \
|
||||
key_file=data_files/server5.key" \
|
||||
@ -5274,7 +5267,7 @@ run_test "Authentication: server badcert, client none" \
|
||||
-C "X509 - Certificate verification failed"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: client SHA256, server required" \
|
||||
"$P_SRV auth_mode=required" \
|
||||
"$P_CLI debug_level=3 crt_file=data_files/server6.crt \
|
||||
@ -5285,7 +5278,7 @@ run_test "Authentication: client SHA256, server required" \
|
||||
-c "Supported Signature Algorithm found: 5,"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: client SHA384, server required" \
|
||||
"$P_SRV auth_mode=required" \
|
||||
"$P_CLI debug_level=3 crt_file=data_files/server6.crt \
|
||||
@ -5419,7 +5412,7 @@ run_test "Authentication: client no cert, server optional" \
|
||||
-S "X509 - Certificate verification failed"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: openssl client no cert, server optional" \
|
||||
"$P_SRV debug_level=3 auth_mode=optional" \
|
||||
"$O_CLI" \
|
||||
@ -5431,7 +5424,7 @@ run_test "Authentication: openssl client no cert, server optional" \
|
||||
-S "X509 - Certificate verification failed"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: client no cert, openssl server optional" \
|
||||
"$O_SRV -verify 10 -tls1_2" \
|
||||
"$P_CLI debug_level=3 crt_file=none key_file=none" \
|
||||
@ -5443,7 +5436,7 @@ run_test "Authentication: client no cert, openssl server optional" \
|
||||
-C "! mbedtls_ssl_handshake returned"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: client no cert, openssl server required" \
|
||||
"$O_SRV -Verify 10 -tls1_2" \
|
||||
"$P_CLI debug_level=3 crt_file=none key_file=none" \
|
||||
@ -5487,7 +5480,7 @@ run_test "Authentication: server max_int+1 chain, client default" \
|
||||
requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
|
||||
requires_full_size_output_buffer
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: server max_int+1 chain, client optional" \
|
||||
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
|
||||
key_file=data_files/dir-maxpath/10.key" \
|
||||
@ -5499,7 +5492,7 @@ run_test "Authentication: server max_int+1 chain, client optional" \
|
||||
requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
|
||||
requires_full_size_output_buffer
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: server max_int+1 chain, client none" \
|
||||
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
|
||||
key_file=data_files/dir-maxpath/10.key" \
|
||||
@ -5551,7 +5544,7 @@ run_test "Authentication: client max_int chain, server required" \
|
||||
# Tests for CA list in CertificateRequest messages
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: send CA list in CertificateRequest (default)" \
|
||||
"$P_SRV debug_level=3 auth_mode=required" \
|
||||
"$P_CLI crt_file=data_files/server6.crt \
|
||||
@ -5560,7 +5553,7 @@ run_test "Authentication: send CA list in CertificateRequest (default)" \
|
||||
-s "requested DN"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: do not send CA list in CertificateRequest" \
|
||||
"$P_SRV debug_level=3 auth_mode=required cert_req_ca_list=0" \
|
||||
"$P_CLI crt_file=data_files/server6.crt \
|
||||
@ -5569,7 +5562,7 @@ run_test "Authentication: do not send CA list in CertificateRequest" \
|
||||
-S "requested DN"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: send CA list in CertificateRequest, client self signed" \
|
||||
"$P_SRV debug_level=3 auth_mode=required cert_req_ca_list=0" \
|
||||
"$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
|
||||
@ -5583,7 +5576,7 @@ run_test "Authentication: send CA list in CertificateRequest, client self sig
|
||||
-s "X509 - Certificate verification failed"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: send alt conf DN hints in CertificateRequest" \
|
||||
"$P_SRV debug_level=3 auth_mode=optional cert_req_ca_list=2 \
|
||||
crt_file2=data_files/server1.crt \
|
||||
@ -5595,7 +5588,7 @@ run_test "Authentication: send alt conf DN hints in CertificateRequest" \
|
||||
-c "DN hint: C=NL, O=PolarSSL, CN=PolarSSL Server 1"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: send alt conf DN hints in CertificateRequest (2)" \
|
||||
"$P_SRV debug_level=3 auth_mode=optional cert_req_ca_list=2 \
|
||||
crt_file2=data_files/server2.crt \
|
||||
@ -5607,7 +5600,7 @@ run_test "Authentication: send alt conf DN hints in CertificateRequest (2)" \
|
||||
-c "DN hint: C=NL, O=PolarSSL, CN=localhost"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication: send alt hs DN hints in CertificateRequest" \
|
||||
"$P_SRV debug_level=3 auth_mode=optional cert_req_ca_list=3 \
|
||||
crt_file2=data_files/server1.crt \
|
||||
@ -5623,7 +5616,7 @@ run_test "Authentication: send alt hs DN hints in CertificateRequest" \
|
||||
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: server badcert, client required" \
|
||||
"$P_SRV crt_file=data_files/server5-badsign.crt \
|
||||
key_file=data_files/server5.key" \
|
||||
@ -5637,7 +5630,7 @@ run_test "Authentication, CA callback: server badcert, client required" \
|
||||
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: server badcert, client optional" \
|
||||
"$P_SRV crt_file=data_files/server5-badsign.crt \
|
||||
key_file=data_files/server5.key" \
|
||||
@ -5659,7 +5652,7 @@ run_test "Authentication, CA callback: server badcert, client optional" \
|
||||
requires_config_enabled MBEDTLS_ECP_C
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: server ECDH p256v1, client required, p256v1 unsupported" \
|
||||
"$P_SRV debug_level=1 key_file=data_files/server5.key \
|
||||
crt_file=data_files/server5.ku-ka.crt" \
|
||||
@ -5673,7 +5666,7 @@ run_test "Authentication, CA callback: server ECDH p256v1, client required, p
|
||||
requires_config_enabled MBEDTLS_ECP_C
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: server ECDH p256v1, client optional, p256v1 unsupported" \
|
||||
"$P_SRV debug_level=1 key_file=data_files/server5.key \
|
||||
crt_file=data_files/server5.ku-ka.crt" \
|
||||
@ -5686,7 +5679,7 @@ run_test "Authentication, CA callback: server ECDH p256v1, client optional, p
|
||||
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: client SHA256, server required" \
|
||||
"$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \
|
||||
"$P_CLI debug_level=3 crt_file=data_files/server6.crt \
|
||||
@ -5699,7 +5692,7 @@ run_test "Authentication, CA callback: client SHA256, server required" \
|
||||
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: client SHA384, server required" \
|
||||
"$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \
|
||||
"$P_CLI debug_level=3 crt_file=data_files/server6.crt \
|
||||
@ -5712,7 +5705,7 @@ run_test "Authentication, CA callback: client SHA384, server required" \
|
||||
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: client badcert, server required" \
|
||||
"$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \
|
||||
"$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
|
||||
@ -5737,7 +5730,7 @@ run_test "Authentication, CA callback: client badcert, server required" \
|
||||
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: client cert not trusted, server required" \
|
||||
"$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \
|
||||
"$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
|
||||
@ -5758,7 +5751,7 @@ run_test "Authentication, CA callback: client cert not trusted, server requir
|
||||
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: client badcert, server optional" \
|
||||
"$P_SRV ca_callback=1 debug_level=3 auth_mode=optional" \
|
||||
"$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
|
||||
@ -5781,7 +5774,7 @@ requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
|
||||
requires_full_size_output_buffer
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: server max_int chain, client default" \
|
||||
"$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
|
||||
key_file=data_files/dir-maxpath/09.key" \
|
||||
@ -5794,7 +5787,7 @@ requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
|
||||
requires_full_size_output_buffer
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: server max_int+1 chain, client default" \
|
||||
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
|
||||
key_file=data_files/dir-maxpath/10.key" \
|
||||
@ -5807,7 +5800,7 @@ requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
|
||||
requires_full_size_output_buffer
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: server max_int+1 chain, client optional" \
|
||||
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
|
||||
key_file=data_files/dir-maxpath/10.key" \
|
||||
@ -5821,7 +5814,7 @@ requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
|
||||
requires_full_size_output_buffer
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: client max_int+1 chain, server optional" \
|
||||
"$P_SRV ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
|
||||
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
|
||||
@ -5834,7 +5827,7 @@ requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
|
||||
requires_full_size_output_buffer
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: client max_int+1 chain, server required" \
|
||||
"$P_SRV ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
|
||||
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
|
||||
@ -5847,7 +5840,7 @@ requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
|
||||
requires_full_size_output_buffer
|
||||
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Authentication, CA callback: client max_int chain, server required" \
|
||||
"$P_SRV ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
|
||||
"$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
|
||||
@ -6185,7 +6178,7 @@ run_test "Non-blocking I/O: client auth" \
|
||||
-c "Read from server: .* bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Non-blocking I/O: ticket" \
|
||||
"$P_SRV nbio=2 tickets=1 auth_mode=none" \
|
||||
"$P_CLI nbio=2 tickets=1" \
|
||||
@ -6195,7 +6188,7 @@ run_test "Non-blocking I/O: ticket" \
|
||||
-c "Read from server: .* bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Non-blocking I/O: ticket + client auth" \
|
||||
"$P_SRV nbio=2 tickets=1 auth_mode=required" \
|
||||
"$P_CLI nbio=2 tickets=1" \
|
||||
@ -6205,7 +6198,7 @@ run_test "Non-blocking I/O: ticket + client auth" \
|
||||
-c "Read from server: .* bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Non-blocking I/O: ticket + client auth + resume" \
|
||||
"$P_SRV nbio=2 tickets=1 auth_mode=required" \
|
||||
"$P_CLI nbio=2 tickets=1 reconnect=1" \
|
||||
@ -6215,7 +6208,7 @@ run_test "Non-blocking I/O: ticket + client auth + resume" \
|
||||
-c "Read from server: .* bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Non-blocking I/O: ticket + resume" \
|
||||
"$P_SRV nbio=2 tickets=1 auth_mode=none" \
|
||||
"$P_CLI nbio=2 tickets=1 reconnect=1" \
|
||||
@ -6225,7 +6218,7 @@ run_test "Non-blocking I/O: ticket + resume" \
|
||||
-c "Read from server: .* bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Non-blocking I/O: session-id resume" \
|
||||
"$P_SRV nbio=2 tickets=0 auth_mode=none" \
|
||||
"$P_CLI nbio=2 tickets=0 reconnect=1" \
|
||||
@ -6255,7 +6248,7 @@ run_test "Event-driven I/O: client auth" \
|
||||
-c "Read from server: .* bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Event-driven I/O: ticket" \
|
||||
"$P_SRV event=1 tickets=1 auth_mode=none" \
|
||||
"$P_CLI event=1 tickets=1" \
|
||||
@ -6265,7 +6258,7 @@ run_test "Event-driven I/O: ticket" \
|
||||
-c "Read from server: .* bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Event-driven I/O: ticket + client auth" \
|
||||
"$P_SRV event=1 tickets=1 auth_mode=required" \
|
||||
"$P_CLI event=1 tickets=1" \
|
||||
@ -6275,7 +6268,7 @@ run_test "Event-driven I/O: ticket + client auth" \
|
||||
-c "Read from server: .* bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Event-driven I/O: ticket + client auth + resume" \
|
||||
"$P_SRV event=1 tickets=1 auth_mode=required" \
|
||||
"$P_CLI event=1 tickets=1 reconnect=1" \
|
||||
@ -6285,7 +6278,7 @@ run_test "Event-driven I/O: ticket + client auth + resume" \
|
||||
-c "Read from server: .* bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Event-driven I/O: ticket + resume" \
|
||||
"$P_SRV event=1 tickets=1 auth_mode=none" \
|
||||
"$P_CLI event=1 tickets=1 reconnect=1" \
|
||||
@ -6295,7 +6288,7 @@ run_test "Event-driven I/O: ticket + resume" \
|
||||
-c "Read from server: .* bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
|
||||
requires_key_exchange_with_cert_in_tls12_enabled
|
||||
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
|
||||
run_test "Event-driven I/O: session-id resume" \
|
||||
"$P_SRV event=1 tickets=0 auth_mode=none" \
|
||||
"$P_CLI event=1 tickets=0 reconnect=1" \
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user