mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-03-14 01:26:49 +00:00
Remove obsolete requirements on middlebox compatibility mode: generated
MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE is no longer required, except in test cases that are specifically about it. This commit removes the requirement in tls13-compat.sh (which does not have test cases that actually depend on the feature). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
edc8f35ed3
commit
ae5a35fc30
File diff suppressed because it is too large
Load Diff
@ -66,7 +66,7 @@ class TLSProgram:
|
||||
|
||||
# pylint: disable=too-many-arguments
|
||||
def __init__(self, ciphersuite=None, signature_algorithm=None, named_group=None,
|
||||
cert_sig_alg=None, compat_mode=True):
|
||||
cert_sig_alg=None):
|
||||
self._ciphers = []
|
||||
self._sig_algs = []
|
||||
self._named_groups = []
|
||||
@ -79,7 +79,6 @@ class TLSProgram:
|
||||
self.add_signature_algorithms(signature_algorithm)
|
||||
if cert_sig_alg:
|
||||
self.add_cert_signature_algorithms(cert_sig_alg)
|
||||
self._compat_mode = compat_mode
|
||||
|
||||
# add_ciphersuites should not override by sub class
|
||||
def add_ciphersuites(self, *ciphersuites):
|
||||
@ -157,8 +156,6 @@ class OpenSSLBase(TLSProgram):
|
||||
ret += ["-groups {named_groups}".format(named_groups=named_groups)]
|
||||
|
||||
ret += ['-msg -tls1_3']
|
||||
if not self._compat_mode:
|
||||
ret += ['-no_middlebox']
|
||||
|
||||
return ret
|
||||
|
||||
@ -288,9 +285,6 @@ class GnuTLSBase(TLSProgram):
|
||||
priority_string = ':+'.join(priority_string_list)
|
||||
priority_string += ':%NO_TICKETS'
|
||||
|
||||
if not self._compat_mode:
|
||||
priority_string += [':%DISABLE_TLS13_COMPAT_MODE']
|
||||
|
||||
ret += ['--priority={priority_string}'.format(
|
||||
priority_string=priority_string)]
|
||||
return ret
|
||||
@ -370,9 +364,6 @@ class MbedTLSBase(TLSProgram):
|
||||
ret = ['requires_config_enabled MBEDTLS_DEBUG_C',
|
||||
'requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED']
|
||||
|
||||
if self._compat_mode:
|
||||
ret += ['requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE']
|
||||
|
||||
if 'rsa_pss_rsae_sha256' in self._sig_algs + self._cert_sig_algs:
|
||||
ret.append(
|
||||
'requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT')
|
||||
|
Loading…
x
Reference in New Issue
Block a user