Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Framework: Split check_test_cases.py and outcome_analysis.py #55

Merged
merged 742 commits into from
Oct 10, 2024
Merged

Framework: Split check_test_cases.py and outcome_analysis.py #55

Changes from 1 commit
Commits
Show all changes
742 commits
Select commit Hold shift + click to select a range
6901504
Allow no authentication of the server in 1.3
mpg Aug 14, 2024
7a442c9
ssl-opt.sh: Fix test case titles
ronald-cron-arm Apr 3, 2024
bfbecf8
tls13: Add support for trusted certificate callback
ronald-cron-arm Apr 3, 2024
95dd6f5
ssl-opt.sh: Test trusted certificate callback in TLS 1.3
ronald-cron-arm Apr 3, 2024
5bdadbb
Restrict the scope of a few variables
mpg Aug 14, 2024
fd800c2
Improve a variable's name
mpg Aug 14, 2024
843a00d
Add support for context f_vrfy callback in 1.3
mpg Aug 16, 2024
908f57d
Minor refactoring of generic SSL certificate verif
mpg Aug 16, 2024
19dd9f5
Merge 1.2 and 1.3 certificate verification
mpg Aug 16, 2024
a040548
Improve some comments
mpg Aug 16, 2024
67072bf
Fix two dependency declarations in ssl-opt
mpg Aug 16, 2024
9e3e991
Fix typos in comments
mpg Aug 20, 2024
5398e58
Fix guards around function now used by 1.3 as well
mpg Aug 20, 2024
b721ccc
Add a ChangeLog entry
mpg Aug 20, 2024
c645f11
Merge pull request #9508 from eleuzi01/docs-fix
mpg Sep 2, 2024
c21675e
Make error line consistent with the header
eleuzi01 Sep 2, 2024
c37877f
Merge pull request #9515 from mpg/windows-makefile-fixes
mpg Sep 3, 2024
f3cd97d
Merge pull request #9327 from eleuzi01/issue-9319
mpg Sep 3, 2024
36fe918
Merge pull request #9252 from gabor-mezei-arm/9114_replace_MBEDTLS_MD…
davidhorstmann-arm Sep 3, 2024
1d98d9d
Merge pull request #9526 from mpg/refactor-tls123-verif-dev
davidhorstmann-arm Sep 3, 2024
9fc5be0
Replace MBEDTLS_MD_CAN_SHA1 with PSA_WANT_ALG_SHA_1
eleuzi01 Sep 4, 2024
7305002
Add optionally unsafe variant of exp_mod for perf
mpg Jun 18, 2024
91537eb
Improve documentation of MBEDTLS_MPI_IS_PUBLIC
yanesca Aug 12, 2024
9a8b1f4
Make _optionally_safe functions internal
yanesca Aug 12, 2024
4726cb8
Move mixed security code to small local functions
yanesca Aug 12, 2024
5b69fad
Move MBEDTLS_MPI_IS_* macros to bignum_core.h
yanesca Aug 12, 2024
24fb8c9
Make MBEDTLS_MPI_IS_PUBLIC thumb friendly
yanesca Aug 12, 2024
8fc736d
Move _public parameters next to their target
yanesca Aug 12, 2024
a099ac9
Use actual exponent size for window calculation
yanesca Aug 13, 2024
df5e55b
Add tests for optionally safe codepaths
yanesca Aug 13, 2024
1fa5f3a
Add tests for optionally unsafe code paths
yanesca Aug 13, 2024
b64f1b5
Fix mpi_core_exp_mod documentation
yanesca Aug 15, 2024
87253af
Optimise public RSA operations
yanesca Aug 15, 2024
08091d7
Fix optionally safe hooks declarations
yanesca Aug 20, 2024
d6aaee1
Disable optionally safe test hook in threading builds
yanesca Aug 20, 2024
76c0e6f
Clean up initialization in _core_exp_mod()
yanesca Aug 20, 2024
a7eb812
Fix memory corruption in exp_mod tests
yanesca Aug 20, 2024
e1d1854
Add changelog
yanesca Aug 22, 2024
6872c5f
Make mbedtls_mpi_exp_mod_unsafe internal
yanesca Aug 22, 2024
6154765
Improve ChangeLog
yanesca Aug 22, 2024
c870e05
Add header for mbedtls_mpi_exp_mod_unsafe()
yanesca Aug 22, 2024
b676959
Fix Changelog formatting
yanesca Aug 22, 2024
64467ff
Add tests for optionally safe code paths in bignum
yanesca Aug 21, 2024
e0825bb
Add tests for optionally safe code paths in RSA
yanesca Aug 21, 2024
816a71f
Introduce MBEDTLS_MPI_IS_TEST
yanesca Aug 22, 2024
47847ca
Initial local variables to secure default
yanesca Aug 22, 2024
7e909c8
Explain the choice of the value of MBEDTLS_MPI_IS_PUBLIC
yanesca Aug 22, 2024
514e62c
Move bignum code path testing out of the library
yanesca Aug 22, 2024
44eca95
Fix incorrect test result
yanesca Aug 22, 2024
21445c5
Prepare codepath tests for early termination
yanesca Aug 22, 2024
e91d924
Fix code style
mpg Sep 2, 2024
464bf78
Fix guards on #include
mpg Sep 2, 2024
3106013
Fix code style (for real this time, hopefully)
mpg Sep 2, 2024
49645f6
Misc improvements to comments
mpg Sep 3, 2024
0c4a115
Remove codepath testing where it's redundant
mpg Sep 5, 2024
b70ef86
Move new files to their correct location
mpg Sep 5, 2024
63cb13e
Replace MBEDTLS_ECP_HAVE_SECP224K1 with PSA_WANT_ECC_SECP_K1_224
eleuzi01 Sep 5, 2024
924c1a3
Merge pull request #9540 from eleuzi01/replace-sha1
davidhorstmann-arm Sep 5, 2024
1ad1954
Merge pull request #9304 from sezrab/analyze_driver_vs_reference_head…
gilles-peskine-arm Sep 5, 2024
8c95999
Merge pull request #9544 from eleuzi01/replace-224k1
ronald-cron-arm Sep 6, 2024
a9511bc
all.sh: Enable MBEDTLS_PSA_CRYPTO_CONFIG in tls13 components
ronald-cron-arm Sep 6, 2024
54d1eec
all.sh: Enable MBEDTLS_PSA_CRYPTO_CONFIG in build_aes_variations
ronald-cron-arm Sep 6, 2024
6604047
all.sh: Keep only "test_block_cipher_no_decrypt_aesni" with PSA config
ronald-cron-arm Sep 6, 2024
e7f289e
Use PSA crypto config in test_sha3_variations
ronald-cron-arm Sep 6, 2024
ada6ce5
Update framework to latest
ronald-cron-arm Sep 9, 2024
a6950b8
Replace MBEDTLS_PK_CAN_ECDSA_SOME with PSA_HAVE_ALG_SOME_ECDSA
eleuzi01 Jul 30, 2024
4fd105c
Introduce PSA_HAVE_ALG_ECDSA_SIGN and PSA_HAVE_ALG_ECDSA_VERIFY
eleuzi01 Aug 27, 2024
39c7d5d
Replace MBEDTLS_PK_CAN_ECDSA_SIGN with PSA_HAVE_ALG_ECDSA_SIGN
eleuzi01 Aug 27, 2024
bed21b5
Replace MBEDTLS_PK_CAN_ECDSA_VERIFY with PSA_HAVE_ALG_ECDSA_VERIFY
eleuzi01 Aug 27, 2024
8d8620b
Address review comments: add PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT
eleuzi01 Sep 3, 2024
96867b6
Address review comments: remove dependencies
eleuzi01 Sep 3, 2024
91d8386
Enable USE_PSA_CRYPTO
eleuzi01 Sep 4, 2024
b430eee
Bring back some dependencies
eleuzi01 Sep 5, 2024
9c64764
Remove definitions of MBEDTLS_PK_CAN/HAVE_ECDSA*
eleuzi01 Sep 6, 2024
9328781
Use scripts/project_name.txt in Python scripts
ronald-cron-arm Sep 9, 2024
7ba04a2
Bump version to 4.0.0
davidhorstmann-arm Sep 3, 2024
22eb209
Update framework
ronald-cron-arm Sep 9, 2024
ef2dd74
Run test suites with a single call to run-test-suites.pl
gilles-peskine-arm Sep 11, 2024
24515f9
Revert "Adapt basic-build-test.sh"
gilles-peskine-arm Sep 11, 2024
282abb5
Create seedfile in the tf-psa-crypto subproject
gilles-peskine-arm Sep 11, 2024
71a53b5
Fix test suites invoked in the wrong directory
gilles-peskine-arm Sep 11, 2024
25012e5
Update framework to the merge of #45
ronald-cron-arm Sep 11, 2024
4153ebb
Fix comments
ronald-cron-arm Sep 11, 2024
9fa8dc4
Fix shared library builds
gilles-peskine-arm Sep 11, 2024
236e05d
Fix typo that caused cpp_dummy_build not to be built with CMake
gilles-peskine-arm Sep 11, 2024
10ff417
tests: add a test for pkg-config files
billatarm Mar 25, 2024
8ea8b30
Merge pull request #8988 from billatarm/add-pc-files
paul-elliott-arm Sep 11, 2024
5f71537
Merge pull request #9552 from ronald-cron-arm/project-and-branches-de…
ronald-cron-arm Sep 12, 2024
2f620f3
Merge pull request #9561 from gilles-peskine-arm/cmake-underscore_D
paul-elliott-arm Sep 12, 2024
a45ba05
Merge pull request #9549 from ronald-cron-arm/adapt-components
ronald-cron-arm Sep 12, 2024
ffce45c
Add missing ALG_SHA_1
eleuzi01 Sep 12, 2024
56ee69d
Fix "Renegotiation: openssl server, client-initiated" with OpenSSL 3
gilles-peskine-arm Sep 6, 2024
9404169
Use CONFIGS_ENABLED instead of repeatedly calling query_compile_time_…
gilles-peskine-arm Sep 6, 2024
6f9952a
ssl-opt: Fix GnuTLS PSK injection
gilles-peskine-arm Sep 6, 2024
ae3dc17
Detect more cases where certificates are required
gilles-peskine-arm Sep 6, 2024
4f09864
Fix PSK-only mode doing less than it should
gilles-peskine-arm Sep 6, 2024
24b4303
Detect PSK-only mode in TLS 1.3 as well
gilles-peskine-arm Sep 6, 2024
9d3b207
Unify the two requires-key-exchange-with-certificate function
gilles-peskine-arm Sep 6, 2024
db26406
Also activate PSK-only mode when PSK-ephemeral key exchanges are avai…
gilles-peskine-arm Sep 6, 2024
cd4fe70
Fix weirdly quoted invocations of requires_any_configs_enabled
gilles-peskine-arm Sep 7, 2024
78df617
Remove unused auth_mode parameter on a PSK test case
gilles-peskine-arm Sep 7, 2024
7f453bf
Improve some comments
gilles-peskine-arm Sep 9, 2024
2dd4395
Fix detection of TLS 1.2 PSK-ephemeral key exchange modes
gilles-peskine-arm Sep 9, 2024
6e85e35
Documentation improvements
gilles-peskine-arm Sep 10, 2024
e3eab32
requires_certificate_authentication: prioritize TLS 1.3
gilles-peskine-arm Sep 10, 2024
e16aecc
Merge pull request #9556 from gilles-peskine-arm/ssl-opt-psk-detectio…
gilles-peskine-arm Sep 13, 2024
de4d5b7
Merge pull request #9497 from minosgalanakis/bugfix/return_early_in_c…
gilles-peskine-arm Sep 13, 2024
5dab92e
CMake: support "make programs"
gilles-peskine-arm Sep 14, 2024
b630648
CMake: support "make ssl-opt" to just build what ssl-opt.sh needs
gilles-peskine-arm Sep 14, 2024
d001f58
make: support "make ssl-opt" to just build what ssl-opt.sh needs
gilles-peskine-arm Sep 14, 2024
063fb8c
Move config-ccm-psk-tls1_2.h testing to separate all.sh components
gilles-peskine-arm Sep 14, 2024
68f511e
Move config-ccm-psk-dtls1_2.h testing to separate all.sh components
gilles-peskine-arm Sep 14, 2024
b6d4913
Move config-suite-b.h testing to separate all.sh components
gilles-peskine-arm Sep 14, 2024
86ceb13
Move config-thread.h testing to separate all.sh components
gilles-peskine-arm Sep 14, 2024
af5a899
Move config-symmetric-only.h testing to separate all.sh components
gilles-peskine-arm Sep 14, 2024
effa6a0
Move config-tfm.h testing to separate all.sh component
gilles-peskine-arm Sep 14, 2024
2e449f0
Remove test-ref-configs.pl, which no longer does anything
gilles-peskine-arm Sep 14, 2024
73c4096
Make the file a bit more readable
gilles-peskine-arm May 12, 2024
fbb59bd
Document the C compiler requirement
gilles-peskine-arm May 12, 2024
b805168
Merge pull request #9536 from mpg/rsapub-perf-dev
tom-cosgrove-arm Sep 18, 2024
f8db5b6
Move the function declarations to x509.h
sezrab Jul 19, 2024
4f76194
Move function mbedtls_oid_get_numeric_string to x509.c
sezrab Jul 19, 2024
4aee6a2
Move mbedtls_oid_get_numeric_string unit tests to test_suite_x509parse
sezrab Jul 19, 2024
c71abc3
Move mbedtls_oid_from_numeric_string to x509_create.c
sezrab Jul 19, 2024
2bb3f4d
Move mbedtls_oid_from_numeric_string unit tests to test_suite_x509write
sezrab Jul 19, 2024
3da783b
Move static OID functions to x509.c
sezrab Sep 13, 2024
5125a1b
Add ChangeLog for moving OID string conversion functions
Harry-Ramsey Sep 13, 2024
e5b261f
Fix ChangeLog format error
Harry-Ramsey Sep 13, 2024
9f2b817
Update documentation
gabor-mezei-arm Aug 6, 2024
c659c1b
Move config file modification flag handling to the Config class
gabor-mezei-arm Aug 6, 2024
daf807f
Fix pylint issues
gabor-mezei-arm Aug 14, 2024
d53080d
Make the `Config` a proper base class
gabor-mezei-arm Aug 27, 2024
776ee90
Fix header file detection
gabor-mezei-arm Sep 9, 2024
24d7cc7
Create a class for command line config manipulation
gabor-mezei-arm Aug 6, 2024
a12ed6b
Unify spacing
gabor-mezei-arm Sep 9, 2024
0e9e4cb
Move commonly used part to config_common
gabor-mezei-arm Sep 10, 2024
f5f1308
Fix documentation
gabor-mezei-arm Sep 18, 2024
568808a
Update member variable names
gabor-mezei-arm Sep 18, 2024
317a2a3
Fix documentation
gabor-mezei-arm Sep 18, 2024
cd326bf
Apply the parameter change
gabor-mezei-arm Sep 18, 2024
a941e14
Update framework
gabor-mezei-arm Sep 10, 2024
a22b95a
Fix obsolete comment about MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
gilles-peskine-arm Sep 19, 2024
bae154d
Merge pull request #9385 from eleuzi01/replace-ecdsa-some
davidhorstmann-arm Sep 19, 2024
94c3065
Fix x509 parse syntax typo
Harry-Ramsey Sep 19, 2024
e7422a1
Remove legacy-crypto components that come from test-ref-configs
gilles-peskine-arm Sep 19, 2024
ea5de2b
Simplify psa-crypto components that come from test-ref-configs
gilles-peskine-arm Sep 19, 2024
8904570
Merge pull request #9470 from gabor-mezei-arm/9325_move_config.py_to_…
ronald-cron-arm Sep 20, 2024
702d75a
Pass the setting's value to adapters
gilles-peskine-arm Sep 19, 2024
e4c6955
Change "full" to affect boolean settings rather than use sections
gilles-peskine-arm Sep 19, 2024
36571d6
Change "realfull" to activate everything
gilles-peskine-arm Sep 19, 2024
00b9144
Don't pass the section name to adapters
gilles-peskine-arm Sep 19, 2024
475ed86
Merge pull request #9600 from gilles-peskine-arm/use_psa_crypto-key_i…
tom-cosgrove-arm Sep 24, 2024
edc27bc
Merge pull request #9128 from gilles-peskine-arm/make_generated_files…
paul-elliott-arm Sep 24, 2024
26650f5
Merge pull request #9565 from gilles-peskine-arm/test-ref-configs-go-…
gilles-peskine-arm Sep 24, 2024
1d6a950
opt-testcases/*.sh are not executable
gilles-peskine-arm Sep 13, 2024
7b02c1f
Avoid multiline requires_all_configs_xxx
gilles-peskine-arm Sep 13, 2024
73a406e
Separate accepting TLS 1.3 middlebox compatibility from sending it
gilles-peskine-arm Sep 13, 2024
671a439
Adapt middlebox compatibility tests for always-on acceptance
gilles-peskine-arm Sep 13, 2024
0f2d839
Remove mid-stanza blank lines
gilles-peskine-arm Sep 13, 2024
edc8f35
Remove obsolete requirements on middlebox compatibility mode: manual
gilles-peskine-arm Sep 13, 2024
ae5a35f
Remove obsolete requirements on middlebox compatibility mode: generated
gilles-peskine-arm Sep 13, 2024
c07beda
generate_tls13_compat_tests: change default mode to all
gilles-peskine-arm Sep 13, 2024
3943a1a
Automatically generate tests/opt-testcases/tls13-compat.sh
gilles-peskine-arm Sep 13, 2024
5dd839a
Fix sensitivity of tls13-compat.sh to the exact generation method
gilles-peskine-arm Sep 13, 2024
6f03eb8
Changelog entry: fix #9551
gilles-peskine-arm Sep 13, 2024
dfbc1a9
Remove transitional always-on internal option
gilles-peskine-arm Sep 13, 2024
9ca9b92
Reduce level of non-error debug message
gilles-peskine-arm Sep 13, 2024
1e01b4a
Remove obsolete requirement for GnuTLS %DISABLE_TLS13_COMPAT_MODE
gilles-peskine-arm Sep 19, 2024
907e495
Print a "Gen" line when generating a file
gilles-peskine-arm Sep 19, 2024
40c090f
Move generation of tls13-compat.sh to tests/CMakeLists.txt
gilles-peskine-arm Sep 19, 2024
fd6d279
CMake: generate tls13-compat.sh in the default build target
gilles-peskine-arm Sep 19, 2024
1150526
Fix copypasta
gilles-peskine-arm Sep 24, 2024
63068d6
Have `make ssl-opt` generate `tls13-compat.sh`
gilles-peskine-arm Sep 24, 2024
419bacc
Allow running pylint and mypy on a single file
gilles-peskine-arm Sep 16, 2024
19ef1ae
Replace stringly typed data by class: prepare
gilles-peskine-arm Sep 16, 2024
f646dbf
Replace stringly typed data by class: coverage
gilles-peskine-arm Sep 16, 2024
82b1672
Replace stringly typed data by class: driver vs reference (code)
gilles-peskine-arm Sep 16, 2024
9df375b
Replace stringly typed data by class: driver vs reference (data)
gilles-peskine-arm Sep 16, 2024
0f31f76
Remove dead code that was handling stringly typed data
gilles-peskine-arm Sep 16, 2024
3f5022e
Move analysis functions into their respective classes
gilles-peskine-arm Sep 16, 2024
b4daeb4
Remove now-useless level of method call indirection
gilles-peskine-arm Sep 16, 2024
0297605
Move test case ignore list to the master Task class
gilles-peskine-arm Sep 16, 2024
dba8010
Simplify sub-test-suite handling in is_test_case_ignored
gilles-peskine-arm Sep 16, 2024
54cfe77
Switch coverage analysis to IGNORE_TESTS for its allowlist
gilles-peskine-arm Sep 16, 2024
870ed2a
Have `make ssl-opt` generate `tls13-compat.sh` (make edition)
gilles-peskine-arm Sep 25, 2024
2efb3da
Merge pull request #9628 from gilles-peskine-arm/tls13-middlebox-comp…
ronald-cron-arm Sep 25, 2024
6959f53
ssl_client1: Exit with an error status if the TLS connection failed
gilles-peskine-arm Aug 27, 2024
a602a41
Prepare to test SSL sample programs
gilles-peskine-arm Sep 4, 2024
2bc5c80
Allow test cases to use a specific port
gilles-peskine-arm Sep 4, 2024
7985d45
Test ssl_client1
gilles-peskine-arm Sep 4, 2024
ae710c8
Test dtls_client
gilles-peskine-arm Sep 4, 2024
a21e893
Test ssl_server
gilles-peskine-arm Sep 4, 2024
3abca95
Test ssl_pthread_server
gilles-peskine-arm Sep 4, 2024
c83e56c
Test ssl_fork_server
gilles-peskine-arm Sep 4, 2024
6b4d693
Test dtls_server
gilles-peskine-arm Sep 4, 2024
3338821
Declare OpenSSL version dependency for TLS 1.3 test cases
gilles-peskine-arm Sep 4, 2024
8db2b79
Declare GnuTLS version dependency for TLS 1.3 test cases
gilles-peskine-arm Sep 5, 2024
6ef5239
Compatibiliy with older OpenSSL and GnuTLS
gilles-peskine-arm Sep 4, 2024
530cb41
ssl_server: Allow the client to close the connection first
gilles-peskine-arm Sep 4, 2024
6e3de21
dtls_client: don't force the use of IPv6
gilles-peskine-arm Sep 5, 2024
c3d1a1d
Test SSL sample programs against each other and ssl_client2, ssl_server2
gilles-peskine-arm Sep 9, 2024
cc7d6ae
Note known issue about test cases skipped in TLS 1.3-only builds
gilles-peskine-arm Sep 11, 2024
e13ff09
Use OPENSSL_NEXT for a test case that uses IPv6 when available
gilles-peskine-arm Sep 13, 2024
f9ad830
Skip ssl_server in config-suite-b
gilles-peskine-arm Sep 13, 2024
5333425
Always call psa_crypto_init before using TLS
gilles-peskine-arm Sep 25, 2024
465837b
Disable session tickets for ssl_client1 when using TLS 1.3
gilles-peskine-arm Sep 25, 2024
3c16e99
Update framework to the main branch
gilles-peskine-arm Sep 26, 2024
f88f6d6
Stop testing without PSA
gilles-peskine-arm Sep 26, 2024
5602651
Merge pull request #9604 from gilles-peskine-arm/config-full-booleans…
mpg Sep 26, 2024
3b71262
Remove MBEDTLS_OID_C guard from static functions
Harry-Ramsey Sep 26, 2024
b268d27
Merge pull request #9413 from sezrab/split_numeric_string_conversions…
davidhorstmann-arm Sep 26, 2024
e4669a5
Remove legacy symbol definitions pt 1
eleuzi01 Aug 20, 2024
404311a
Remove MBEDTLS_ECP_HAVE_SECP256R1 leftovers
eleuzi01 Aug 20, 2024
c0d6943
Replace legacy symbols in config files
eleuzi01 Aug 20, 2024
3b84b2e
Remove legacy symbol definitions pt 2
eleuzi01 Aug 20, 2024
05fe6e4
Remove MBEDTLS_MD_CAN_SHA512 from header files
eleuzi01 Sep 3, 2024
feb105c
Address review comment
eleuzi01 Sep 5, 2024
7f85f1f
Cosmetic changes
eleuzi01 Sep 5, 2024
9b0bdd0
Remove MBEDTLS_ECP_HAVE_xxx and MBEDTLS_MD_CAN_xxx
eleuzi01 Sep 6, 2024
bf90fa9
Update submodule to the head of framework PR
eleuzi01 Sep 26, 2024
1a09caa
Merge pull request #9638 from gilles-peskine-arm/ssl-opt-sample-progr…
davidhorstmann-arm Sep 26, 2024
0930b33
Don't use the "allow list" terminology any longer
gilles-peskine-arm Sep 26, 2024
4677129
Merge pull request #9558 from gilles-peskine-arm/run-test-suites-on-s…
gilles-peskine-arm Sep 28, 2024
780e856
Update submodule
eleuzi01 Sep 30, 2024
96c6f5e
Merge pull request #9492 from eleuzi01/remove-legacy-symbol-definitions
ronald-cron-arm Oct 1, 2024
713127d
dtls_server: allow unexpected messages during handshake
gilles-peskine-arm Oct 1, 2024
13b4954
Remove "error" allowance in dtls_server
gilles-peskine-arm Oct 1, 2024
cb42f29
Merge pull request #9662 from gilles-peskine-arm/dtls_server-allow_un…
mpg Oct 2, 2024
38d4c91
Merge pull request #9594 from gilles-peskine-arm/analyze_outcomes-cla…
gilles-peskine-arm Oct 3, 2024
1e5dbd3
Create a module to split test case collection from checks
gilles-peskine-arm Oct 3, 2024
c8c83d0
Split test case collection from checks
gilles-peskine-arm Oct 3, 2024
9f930e0
Create a module to split branch-independent code out of analyze_outco…
gilles-peskine-arm Oct 3, 2024
49c77dd
Remove sample ignore list elements for coverage
gilles-peskine-arm Oct 3, 2024
9d78e87
Missing NotImplementedError in abstract method
gilles-peskine-arm Oct 3, 2024
ad02d44
Don't reuse a variable name inside a function
gilles-peskine-arm Oct 3, 2024
005dca6
Typecheck main
gilles-peskine-arm Oct 3, 2024
e41cde5
Pass KNOWN_TASKS as an argument to main
gilles-peskine-arm Oct 3, 2024
082eade
Separate code and data of outcome analysis
gilles-peskine-arm Oct 3, 2024
3146772
Adjust paths for impending moves to the framework
gilles-peskine-arm Oct 3, 2024
199c919
Upgrade mypy to the last version supporting Python 3.6
gilles-peskine-arm Sep 23, 2024
fecb9b9
Downgrade mypy to a version that works with our code base
gilles-peskine-arm Sep 23, 2024
2c17ec7
Default to allowing partial test coverage
gilles-peskine-arm Oct 4, 2024
ce00cfe
Move some files to framework repository
gilles-peskine-arm Oct 9, 2024
4103f92
Merge branch 'tmp-branch-move-files-to-framework' into move-files-int…
gilles-peskine-arm Oct 9, 2024
48c005f
Adjust import path after script moves
gilles-peskine-arm Oct 3, 2024
67e415f
Also write to a log file by default
gilles-peskine-arm Oct 3, 2024
b111d9f
Support compressed outcome files transparently
gilles-peskine-arm Oct 3, 2024
9c9d9fa
Default to requiring full test coverage
gilles-peskine-arm Oct 4, 2024
d63709d
collect_test_cases.py is now a separate module
gilles-peskine-arm Oct 8, 2024
6759e80
Make open calls more uniform
gilles-peskine-arm Oct 8, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Disable session tickets for ssl_client1 when using TLS 1.3 
TLS 1.3 session tickets require additional handling in the client.
Mbed-TLS/mbedtls#8749

Disable session tickets for ssl_client1 when using TLS 1.3
until Mbed-TLS/mbedtls#6640 is resolved
and (if relevant) implemented in ssl_client1.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
  • Loading branch information
@gilles-peskine-arm
gilles-peskine-arm committed Sep 25, 2024
commit 465837b24d5bf4e135b2167b1243606b4c03a0b7
15 changes: 12 additions & 3 deletions tests/opt-testcases/sample.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,12 @@

: ${PROGRAMS_DIR:=../programs/ssl}

# Disable session tickets for ssl_client1 when potentially using TLS 1.3
# until https://github.com/Mbed-TLS/mbedtls/issues/6640 is resolved
# and (if relevant) implemented in ssl_client1.
run_test "Sample: ssl_client1, ssl_server2" \
-P 4433 \
"$PROGRAMS_DIR/ssl_server2" \
"$PROGRAMS_DIR/ssl_server2 tickets=0" \
"$PROGRAMS_DIR/ssl_client1" \
0 \
-s "[1-9][0-9]* bytes read" \
Expand Down Expand Up @@ -39,22 +42,28 @@ run_test "Sample: ssl_client1, gnutls server, TLS 1.2" \
-S "Error" \
-C "error"

# Disable session tickets for ssl_client1 when using TLS 1.3
# until https://github.com/Mbed-TLS/mbedtls/issues/6640 is resolved
# and (if relevant) implemented in ssl_client1.
requires_protocol_version tls13
requires_openssl_tls1_3
run_test "Sample: ssl_client1, openssl server, TLS 1.3" \
-P 4433 \
"$O_NEXT_SRV -tls1_3" \
"$O_NEXT_SRV -tls1_3 -num_tickets 0" \
"$PROGRAMS_DIR/ssl_client1" \
0 \
-c "New, TLSv1.3, Cipher is" \
-S "ERROR" \
-C "error"

# Disable session tickets for ssl_client1 when using TLS 1.3
# until https://github.com/Mbed-TLS/mbedtls/issues/6640 is resolved
# and (if relevant) implemented in ssl_client1.
requires_protocol_version tls13
requires_gnutls_tls1_3
run_test "Sample: ssl_client1, gnutls server, TLS 1.3" \
-P 4433 \
"$G_NEXT_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3" \
"$G_NEXT_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3 --noticket" \
"$PROGRAMS_DIR/ssl_client1" \
0 \
-s "Version: TLS1.3" \
Expand Down