ssl-opt.sh: Do not force TLS 1.3 on client

For TLS 1.3 tests, do not force TLS 1.3 version on client to play the negotiation game whenever possible. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-18 14:04:12 +01:00 · 2022-03-18 14:04:12 +01:00 · a1b8f6e914
commit a1b8f6e914
parent f3b425bbde
3 changed files with 443 additions and 240 deletions
--- a/tests/scripts/generate_tls13_compat_tests.py
+++ b/tests/scripts/generate_tls13_compat_tests.py
@ -291,7 +291,7 @@ class MbedTLSCli(TLSProgram):
        super().cmd()
        ret = ['$P_CLI']
        ret += ['server_addr=127.0.0.1', 'server_port=$SRV_PORT',
-                'debug_level=4', 'force_version=tls13']
+                'debug_level=4']
        ret += ['ca_file={cafile}'.format(
            cafile=CERTIFICATES[self._cert_sig_algs[0]].cafile)]

@ -325,7 +325,7 @@ class MbedTLSCli(TLSProgram):
        return ret

    def post_checks(self):
-        check_strings = []
+        check_strings = ["Protocol is TLSv1.3"]
        if self._ciphers:
            check_strings.append(
                "server hello, chosen ciphersuite: ( {:04x} ) - {}".format(