ssl-opt.sh: TLS 1.3: Run tests with middlebox compatibility enabled

Run tests with middlebox compatibility enabled but tests dedicated to middlebox compatibility disabled. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-09 10:39:19 +01:00 · 2021-12-09 10:39:19 +01:00 · fdb0e3f381
commit fdb0e3f381
parent 7e38cba993
4 changed files with 463 additions and 215 deletions
--- a/tests/scripts/generate_tls13_compat_tests.py
+++ b/tests/scripts/generate_tls13_compat_tests.py
@ -138,7 +138,7 @@ class OpenSSLServ(TLSProgram):
                "-sigalgs {signature_algorithms}".format(
                    signature_algorithms=signature_algorithms),
                "-groups {named_groups}".format(named_groups=named_groups)]
-        ret += ['-msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache']
+        ret += ['-msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache']
        return ' '.join(ret)

    def pre_checks(self):
@ -221,7 +221,7 @@ class GnuTLSServ(TLSProgram):
        priority_string_list = ['NONE'] + sorted(priority_string_list) + ['VERS-TLS1.3']

        priority_string = ':+'.join(priority_string_list)
-        priority_string += ':%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE'
+        priority_string += ':%NO_TICKETS'
        ret += ['--priority={priority_string}'.format(
            priority_string=priority_string)]
        ret = ' '.join(ret)
@ -272,6 +272,7 @@ class MbedTLSCli(TLSProgram):
        ret = ['requires_config_enabled MBEDTLS_DEBUG_C',
               'requires_config_enabled MBEDTLS_SSL_CLI_C',
               'requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL',
+               'requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE',
               'requires_config_disabled MBEDTLS_USE_PSA_CRYPTO']
        if 'rsa_pss_rsae_sha256' in self._sig_algs:
            ret.append(