From b7adf7bb77ade7d39dbcdfe524b6a7c5a08abe32 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 4 Dec 2024 15:32:17 +0100 Subject: [PATCH] Fix tls13_only Signed-off-by: Ronald Cron --- tests/configs/tls13-only.h | 3 --- tests/scripts/components-configuration-tls.sh | 11 +++++++++++ 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/tests/configs/tls13-only.h b/tests/configs/tls13-only.h index d825ee92c7..342bbed91e 100644 --- a/tests/configs/tls13-only.h +++ b/tests/configs/tls13-only.h @@ -26,6 +26,3 @@ #undef MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE #undef MBEDTLS_SSL_DTLS_CONNECTION_ID #undef MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT - -/* Enable some invasive tests */ -#define MBEDTLS_TEST_HOOKS diff --git a/tests/scripts/components-configuration-tls.sh b/tests/scripts/components-configuration-tls.sh index a60bb93268..302eda9dbe 100644 --- a/tests/scripts/components-configuration-tls.sh +++ b/tests/scripts/components-configuration-tls.sh @@ -463,6 +463,8 @@ component_test_tls13_only () { msg "build: default config without MBEDTLS_SSL_PROTO_TLS1_2" scripts/config.py set MBEDTLS_SSL_EARLY_DATA scripts/config.py set MBEDTLS_SSL_RECORD_SIZE_LIMIT + + scripts/config.py set MBEDTLS_TEST_HOOKS make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" msg "test: TLS 1.3 only, all key exchange modes enabled" @@ -482,6 +484,7 @@ component_test_tls13_only_psk () { scripts/config.py unset MBEDTLS_PKCS7_C scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py set MBEDTLS_TEST_HOOKS scripts/config.py -c $CRYPTO_CONFIG_H unset PSA_WANT_ALG_ECDH scripts/config.py -c $CRYPTO_CONFIG_H unset PSA_WANT_ALG_ECDSA scripts/config.py -c $CRYPTO_CONFIG_H unset PSA_WANT_ALG_DETERMINISTIC_ECDSA @@ -518,6 +521,8 @@ component_test_tls13_only_ephemeral () { scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED scripts/config.py unset MBEDTLS_SSL_EARLY_DATA + + scripts/config.py set MBEDTLS_TEST_HOOKS make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" msg "test_suite_ssl: TLS 1.3 only, only ephemeral key exchange mode" @@ -533,6 +538,7 @@ component_test_tls13_only_ephemeral_ffdh () { scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED scripts/config.py unset MBEDTLS_SSL_EARLY_DATA + scripts/config.py set MBEDTLS_TEST_HOOKS scripts/config.py -c $CRYPTO_CONFIG_H unset PSA_WANT_ALG_ECDH # Note: The unset below is to be removed for Mbed TLS 4.0 scripts/config.py unset MBEDTLS_ECDH_C @@ -556,6 +562,7 @@ component_test_tls13_only_psk_ephemeral () { scripts/config.py unset MBEDTLS_PKCS7_C scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py set MBEDTLS_TEST_HOOKS scripts/config.py -c $CRYPTO_CONFIG_H unset PSA_WANT_ALG_ECDSA scripts/config.py -c $CRYPTO_CONFIG_H unset PSA_WANT_ALG_DETERMINISTIC_ECDSA scripts/config.py -c $CRYPTO_CONFIG_H unset PSA_WANT_ALG_RSA_OAEP @@ -583,6 +590,7 @@ component_test_tls13_only_psk_ephemeral_ffdh () { scripts/config.py unset MBEDTLS_PKCS7_C scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py set MBEDTLS_TEST_HOOKS scripts/config.py -c $CRYPTO_CONFIG_H unset PSA_WANT_ALG_ECDH scripts/config.py -c $CRYPTO_CONFIG_H unset PSA_WANT_ALG_ECDSA scripts/config.py -c $CRYPTO_CONFIG_H unset PSA_WANT_ALG_DETERMINISTIC_ECDSA @@ -611,6 +619,7 @@ component_test_tls13_only_psk_all () { scripts/config.py unset MBEDTLS_PKCS7_C scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py set MBEDTLS_TEST_HOOKS scripts/config.py -c $CRYPTO_CONFIG_H unset PSA_WANT_ALG_ECDSA scripts/config.py -c $CRYPTO_CONFIG_H unset PSA_WANT_ALG_DETERMINISTIC_ECDSA scripts/config.py -c $CRYPTO_CONFIG_H unset PSA_WANT_ALG_RSA_OAEP @@ -632,6 +641,8 @@ component_test_tls13_only_ephemeral_all () { msg "build: TLS 1.3 only from default, without PSK key exchange mode" scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED scripts/config.py set MBEDTLS_SSL_EARLY_DATA + + scripts/config.py set MBEDTLS_TEST_HOOKS make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" msg "test_suite_ssl: TLS 1.3 only, ephemeral and PSK ephemeral key exchange modes"