Detect GnuTLS support for TLS-RSA-WITH-NULL-SHA256
TLS-RSA-WITH-NULL-SHA256, like other SHA256-based cipher suites, was first
introduced in TLS 1.2. Mbed TLS accepts it in earlier protocol versions as
well. This is technically a bug, which older versions of GnuTLS also have.
GnuTLS 3.4.7 fixed this bug. Adapt compat.sh to automatically omit
TLS-RSA-WITH-NULL-SHA256 in invalid protocol versions if GnuTLS doesn't
support it. It's already not included in invalid protocol versions in
OpenSSL interoperability testing.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/tests/compat.sh b/tests/compat.sh
index a351a65..0098042 100755
--- a/tests/compat.sh
+++ b/tests/compat.sh
@@ -617,7 +617,16 @@
;;
"RSA")
- if [ `minor_ver "$MODE"` -gt 0 ]
+ # TLS-RSA-WITH-NULL-SHA256 is a (D)TLS 1.2-only cipher suite,
+ # like all SHA256 cipher suites. But Mbed TLS supports it with
+ # (D)TLS 1.0 and 1.1 as well. So do ancient versions of GnuTLS,
+ # but this was considered a bug which was fixed in GnuTLS 3.4.7.
+ # Check the GnuTLS support list to see what the protocol version
+ # requirement is for that cipher suite.
+ if [ `minor_ver "$MODE"` -ge 3 ] || {
+ [ `minor_ver "$MODE"` -gt 0 ] &&
+ $GNUTLS_CLI --list | grep -q '^TLS_RSA_NULL_SHA256.*0$'
+ }
then
M_CIPHERS="$M_CIPHERS \
TLS-RSA-WITH-NULL-SHA256 \