From f9ad8303f15b2e7b3f861db9baac422f8add9898 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 13 Sep 2024 23:08:48 +0200
Subject: [PATCH] Skip ssl_server in config-suite-b

When building with `configs/config-suite-b.h`, the SSL I/O buffer size is
1024 bytes. Experimentally, this isn't quite enough for the test certificate
that we use: the server aborts the handshake with
`MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` raised from
`mbedtls_ssl_write_certificate()`. State an ad hoc minimum output buffer
size to skip testing `ssl_server` in `config-suite-b`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
---
 tests/ssl-opt.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 1c7db2c284..e7eef1a702 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -509,6 +509,11 @@ detect_required_features() {
             requires_config_enabled MBEDTLS_PEM_PARSE_C
             requires_config_enabled MBEDTLS_SSL_SRV_C
             requires_certificate_authentication
+            # The actual minimum depends on the configuration since it's
+            # mostly about the certificate size.
+            # In config-suite-b.h, for the test certificates (server5.crt),
+            # 1024 is not enough.
+            requires_config_value_at_least MBEDTLS_SSL_OUT_CONTENT_LEN 2000
             ;;
     esac