# components-configuration-tls.sh
#
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later

# This file contains test components that are executed by all.sh

################################################################
#### Configuration Testing - TLS
################################################################
# Build the reference configuration configs/config-suite-b.h as an ASan
# build, run the unit tests and a compat.sh subset, then rebuild with
# MBEDTLS_DEBUG_C and MBEDTLS_ERROR_C enabled and run ssl-opt.sh.
component_test_config_suite_b () {
    msg 'build: configs/config-suite-b.h'
    cp configs/config-suite-b.h "$CONFIG_H"
    # Replacing mbedtls_config.h makes cmake (correctly) want to regenerate
    # the files that depend on it, but the generation script expects a
    # specific mbedtls_config.h format that the other config files don't
    # follow. Regeneration is not needed anyway: the generated files depend
    # only on the list of available options, not on whether they are on or
    # off. So turn GEN_FILES off and rely on the files already being present
    # (thanks to pre_generate_files).
    CC="$ASAN_CC" cmake -D GEN_FILES=Off -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg 'test: configs/config-suite-b.h - unit tests'
    make test

    msg 'test: configs/config-suite-b.h - compat.sh'
    tests/compat.sh -m tls12 -f 'ECDHE_ECDSA.*AES.*GCM' -p mbedTLS

    msg 'build: configs/config-suite-b.h + DEBUG'
    # Tag the configuration name so the second build is reported separately.
    MBEDTLS_TEST_CONFIGURATION="${MBEDTLS_TEST_CONFIGURATION}+DEBUG"
    make clean
    scripts/config.py set MBEDTLS_DEBUG_C
    scripts/config.py set MBEDTLS_ERROR_C
    make ssl-opt

    msg 'test: configs/config-suite-b.h + DEBUG - ssl-opt.sh'
    tests/ssl-opt.sh
}
# Build the default configuration with MBEDTLS_SSL_RENEGOTIATION disabled as
# an ASan build, then run the unit tests and the whole of ssl-opt.sh.
component_test_no_renegotiation () {
    msg 'build: Default + !MBEDTLS_SSL_RENEGOTIATION (ASan build)' # ~ 6 min
    scripts/config.py unset MBEDTLS_SSL_RENEGOTIATION
    CC="$ASAN_CC" cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg 'test: !MBEDTLS_SSL_RENEGOTIATION - main suites (inc. selftests) (ASan build)' # ~ 50s
    make test

    msg 'test: !MBEDTLS_SSL_RENEGOTIATION - ssl-opt.sh (ASan build)' # ~ 6 min
    tests/ssl-opt.sh
}
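# Build the default configuration, using PSA crypto, with AEAD, CBC and
# TLS 1.3 disabled so that only "stream" ciphersuites remain, then run the
# unit tests.
#
# The only stream cipher left is the NULL pseudo-cipher, which provides no
# encryption. This configuration exists for test coverage only and is not a
# template for a deployable build.
#
# Globals: CRYPTO_CONFIG_H (read) - path of the PSA crypto config file.
component_test_tls1_2_default_stream_cipher_only () {
    msg "build: default with only stream cipher use psa"

    scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
    # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C)
    # CRYPTO_CONFIG_H is quoted so a path containing spaces stays one argument.
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CCM
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CCM_STAR_NO_TAG
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_GCM
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305
    # Note: The three unsets below are to be removed for Mbed TLS 4.0
    scripts/config.py unset MBEDTLS_GCM_C
    scripts/config.py unset MBEDTLS_CCM_C
    scripts/config.py unset MBEDTLS_CHACHAPOLY_C
    # Disable TLS 1.3 (as no AEAD)
    scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
    # Disable CBC. Note: When implemented, PSA_WANT_ALG_CBC_MAC will also need
    # to be unset here to fully disable CBC
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_NO_PADDING
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_PKCS7
    # Disable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least
    # one block cipher (AES, ARIA, Camellia, DES))
    # Note: The unset below is to be removed for 4.0
    scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC
    # Disable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
    scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC
    # Enable stream (currently that's just the NULL pseudo-cipher (controlled
    # by MBEDTLS_CIPHER_NULL_CIPHER))
    scripts/config.py set MBEDTLS_CIPHER_NULL_CIPHER
    # Modules that depend on AEAD
    scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION
    scripts/config.py unset MBEDTLS_SSL_TICKET_C

    make

    msg "test: default with only stream cipher use psa"
    make test

    # Not running ssl-opt.sh because most tests require a non-NULL ciphersuite.
}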
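# Build the default configuration, using PSA crypto, with AEAD, TLS 1.3,
# Encrypt-then-MAC and the NULL cipher disabled so that only CBC-legacy
# ciphersuites remain, then run the unit tests and the "TLS 1.2" subset of
# ssl-opt.sh.
#
# CBC without Encrypt-then-MAC is the MAC-then-encrypt record construction
# that padding-oracle attacks target, so keeping a CBC-only build under test
# keeps that code path covered.
#
# Globals: CRYPTO_CONFIG_H (read) - path of the PSA crypto config file.
component_test_tls1_2_default_cbc_legacy_cipher_only () {
    msg "build: default with only CBC-legacy cipher use psa"

    scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
    # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C)
    # CRYPTO_CONFIG_H is quoted so a path containing spaces stays one argument.
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CCM
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CCM_STAR_NO_TAG
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_GCM
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305
    # Note: The three unsets below are to be removed for Mbed TLS 4.0
    scripts/config.py unset MBEDTLS_GCM_C
    scripts/config.py unset MBEDTLS_CCM_C
    scripts/config.py unset MBEDTLS_CHACHAPOLY_C
    # Disable TLS 1.3 (as no AEAD)
    scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
    # Enable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least
    # one block cipher (AES, ARIA, Camellia, DES))
    scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_CBC_NO_PADDING
    # Disable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
    scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC
    # Disable stream (currently that's just the NULL pseudo-cipher (controlled
    # by MBEDTLS_CIPHER_NULL_CIPHER))
    scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER
    # Modules that depend on AEAD
    scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION
    scripts/config.py unset MBEDTLS_SSL_TICKET_C

    make

    msg "test: default with only CBC-legacy cipher use psa"
    make test

    msg "test: default with only CBC-legacy cipher use psa - ssl-opt.sh (subset)"
    tests/ssl-opt.sh -f "TLS 1.2"
}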
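# Build the default configuration, using PSA crypto, with AEAD, TLS 1.3 and
# the NULL cipher disabled so that only CBC ciphersuites remain, both with
# and without Encrypt-then-MAC, then run the unit tests and the "TLS 1.2"
# subset of ssl-opt.sh.
#
# Globals: CRYPTO_CONFIG_H (read) - path of the PSA crypto config file.
component_test_tls1_2_default_cbc_legacy_cbc_etm_cipher_only () {
    msg "build: default with only CBC-legacy and CBC-EtM ciphers use psa"

    scripts/config.py set MBEDTLS_USE_PSA_CRYPTO
    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
    # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C)
    # CRYPTO_CONFIG_H is quoted so a path containing spaces stays one argument.
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CCM
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CCM_STAR_NO_TAG
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_GCM
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305
    # Note: The three unsets below are to be removed for Mbed TLS 4.0
    scripts/config.py unset MBEDTLS_GCM_C
    scripts/config.py unset MBEDTLS_CCM_C
    scripts/config.py unset MBEDTLS_CHACHAPOLY_C
    # Disable TLS 1.3 (as no AEAD)
    scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
    # Enable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least
    # one block cipher (AES, ARIA, Camellia, DES))
    scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_CBC_NO_PADDING
    # Enable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC)
    scripts/config.py set MBEDTLS_SSL_ENCRYPT_THEN_MAC
    # Disable stream (currently that's just the NULL pseudo-cipher (controlled
    # by MBEDTLS_CIPHER_NULL_CIPHER))
    scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER
    # Modules that depend on AEAD
    scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION
    scripts/config.py unset MBEDTLS_SSL_TICKET_C

    make

    msg "test: default with only CBC-legacy and CBC-EtM ciphers use psa"
    make test

    msg "test: default with only CBC-legacy and CBC-EtM ciphers use psa - ssl-opt.sh (subset)"
    tests/ssl-opt.sh -f "TLS 1.2"
}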
# Build the reference configuration configs/config-thread.h as an ASan
# build, run the unit tests, then run the ssl-opt.sh tests matching
# 'ECJPAKE.*nolog'.
component_test_config_thread () {
    msg 'build: configs/config-thread.h'
    cp configs/config-thread.h "$CONFIG_H"
    # Replacing mbedtls_config.h makes cmake (correctly) want to regenerate
    # the files that depend on it, but the generation script expects a
    # specific mbedtls_config.h format that the other config files don't
    # follow. Regeneration is not needed anyway: the generated files depend
    # only on the list of available options, not on whether they are on or
    # off. So turn GEN_FILES off and rely on the files already being present
    # (thanks to pre_generate_files).
    CC="$ASAN_CC" cmake -D GEN_FILES=Off -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg 'test: configs/config-thread.h - unit tests'
    make test

    msg 'test: configs/config-thread.h - ssl-opt.sh'
    tests/ssl-opt.sh -f 'ECJPAKE.*nolog'
}
# Build the reference configuration configs/config-ccm-psk-tls1_2.h as an
# ASan build, run the unit tests, then run compat.sh in TLS 1.2 mode on the
# ciphersuites matching '^TLS_PSK_WITH_AES_..._CCM_8'.
component_test_tls1_2_ccm_psk () {
    msg 'build: configs/config-ccm-psk-tls1_2.h'
    cp configs/config-ccm-psk-tls1_2.h "$CONFIG_H"
    # Replacing mbedtls_config.h makes cmake (correctly) want to regenerate
    # the files that depend on it, but the generation script expects a
    # specific mbedtls_config.h format that the other config files don't
    # follow. Regeneration is not needed anyway: the generated files depend
    # only on the list of available options, not on whether they are on or
    # off. So turn GEN_FILES off and rely on the files already being present
    # (thanks to pre_generate_files).
    CC="$ASAN_CC" cmake -D GEN_FILES=Off -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg 'test: configs/config-ccm-psk-tls1_2.h - unit tests'
    make test

    msg 'test: configs/config-ccm-psk-tls1_2.h - compat.sh'
    tests/compat.sh -m tls12 -f '^TLS_PSK_WITH_AES_..._CCM_8'
}
# Build the reference configuration configs/config-ccm-psk-dtls1_2.h as an
# ASan build, run the unit tests and compat.sh in DTLS 1.2 mode on the
# ciphersuites matching '^TLS_PSK_WITH_AES_..._CCM_8', then rebuild with
# MBEDTLS_DEBUG_C and MBEDTLS_ERROR_C enabled and run ssl-opt.sh.
component_test_tls1_2_ccm_psk_dtls () {
    msg 'build: configs/config-ccm-psk-dtls1_2.h'
    cp configs/config-ccm-psk-dtls1_2.h "$CONFIG_H"
    # Replacing mbedtls_config.h makes cmake (correctly) want to regenerate
    # the files that depend on it, but the generation script expects a
    # specific mbedtls_config.h format that the other config files don't
    # follow. Regeneration is not needed anyway: the generated files depend
    # only on the list of available options, not on whether they are on or
    # off. So turn GEN_FILES off and rely on the files already being present
    # (thanks to pre_generate_files).
    CC="$ASAN_CC" cmake -D GEN_FILES=Off -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg 'test: configs/config-ccm-psk-dtls1_2.h - unit tests'
    make test

    msg 'test: configs/config-ccm-psk-dtls1_2.h - compat.sh'
    tests/compat.sh -m dtls12 -f '^TLS_PSK_WITH_AES_..._CCM_8'

    msg 'build: configs/config-ccm-psk-dtls1_2.h + DEBUG'
    # Tag the configuration name so the second build is reported separately.
    MBEDTLS_TEST_CONFIGURATION="${MBEDTLS_TEST_CONFIGURATION}+DEBUG"
    make clean
    scripts/config.py set MBEDTLS_DEBUG_C
    scripts/config.py set MBEDTLS_ERROR_C
    make ssl-opt

    msg 'test: configs/config-ccm-psk-dtls1_2.h + DEBUG - ssl-opt.sh'
    tests/ssl-opt.sh
}
# ASan build with a 4096-byte outgoing record buffer and a 16384-byte
# incoming one, followed by the ssl-opt.sh tests whose names match
# "Max fragment" or "Large packet".
component_test_small_ssl_out_content_len () {
    msg 'build: small SSL_OUT_CONTENT_LEN (ASan build)'
    scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 16384
    scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
    CC="$ASAN_CC" cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg 'test: small SSL_OUT_CONTENT_LEN - ssl-opt.sh MFL and large packet tests'
    tests/ssl-opt.sh -f 'Max fragment\|Large packet'
}
# ASan build with a 4096-byte incoming record buffer and a 16384-byte
# outgoing one, followed by the ssl-opt.sh tests whose names match
# "Max fragment".
component_test_small_ssl_in_content_len () {
    msg 'build: small SSL_IN_CONTENT_LEN (ASan build)'
    scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 4096
    scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 16384
    CC="$ASAN_CC" cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg 'test: small SSL_IN_CONTENT_LEN - ssl-opt.sh MFL tests'
    tests/ssl-opt.sh -f 'Max fragment'
}
# ASan build with MBEDTLS_SSL_DTLS_MAX_BUFFERING set to 1000, followed by
# the one ssl-opt.sh DTLS reordering test selected by name below.
component_test_small_ssl_dtls_max_buffering () {
    msg 'build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0'
    scripts/config.py set MBEDTLS_SSL_DTLS_MAX_BUFFERING 1000
    CC="$ASAN_CC" cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg 'test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0 - ssl-opt.sh specific reordering test'
    tests/ssl-opt.sh -f 'DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg'
}
# ASan build with MBEDTLS_SSL_DTLS_MAX_BUFFERING set to 190, followed by
# the one ssl-opt.sh DTLS reordering test selected by name below.
component_test_small_mbedtls_ssl_dtls_max_buffering () {
    msg 'build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1'
    scripts/config.py set MBEDTLS_SSL_DTLS_MAX_BUFFERING 190
    CC="$ASAN_CC" cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg 'test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1 - ssl-opt.sh specific reordering test'
    tests/ssl-opt.sh -f 'DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket'
}
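# Common helper for component_full_without_ecdhe_ecdsa() and
# component_full_without_ecdhe_ecdsa_and_tls13() which:
# - starts from the "full" configuration minus the list of symbols passed in
#   as 1st parameter
# - build
# - test only TLS (i.e. test_suite_tls and ssl-opt)
#
# Arguments: $1 - whitespace-separated list of configuration symbols to
#                 unset (spaces or newlines both work).
# Returns:   the exit status of tests/ssl-opt.sh, the last command run.
build_full_minus_something_and_test_tls () {
    symbols_to_disable="$1"

    msg "build: full minus something, test TLS"

    scripts/config.py full
    # The list is deliberately left unquoted so that it splits into one
    # symbol per iteration; each symbol is then passed on as a single word.
    for sym in $symbols_to_disable; do
        echo "Disabling $sym"
        scripts/config.py unset "$sym"
    done

    make

    msg "test: full minus something, test TLS"
    # Run in a subshell so the caller's working directory is untouched, and
    # only launch the suite if the cd succeeded, so that a missing tests/
    # directory cannot run a ./test_suite_ssl found somewhere else.
    ( cd tests && ./test_suite_ssl )

    msg "ssl-opt: full minus something, test TLS"
    tests/ssl-opt.sh
}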
# Full configuration with the ECDHE-ECDSA key exchange disabled; the build
# and the TLS-only test run are delegated to
# build_full_minus_something_and_test_tls.
component_full_without_ecdhe_ecdsa () {
    build_full_minus_something_and_test_tls 'MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED'
}
# Full configuration with both the ECDHE-ECDSA key exchange and TLS 1.3
# disabled; the build and the TLS-only test run are delegated to
# build_full_minus_something_and_test_tls, which receives the two symbols as
# a single whitespace-separated argument.
component_full_without_ecdhe_ecdsa_and_tls13 () {
    build_full_minus_something_and_test_tls "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
                                             MBEDTLS_SSL_PROTO_TLS1_3"
}
# Build-only check: full configuration without the SSL server module,
# compiled with gcc and warnings treated as errors.
component_build_no_ssl_srv () {
    msg 'build: full config except SSL server, make, gcc' # ~ 30s
    scripts/config.py full
    scripts/config.py unset MBEDTLS_SSL_SRV_C
    make CC=gcc CFLAGS="-Werror -Wall -Wextra -O1 -Wmissing-prototypes"
}
# Build-only check: full configuration without the SSL client module,
# compiled with gcc and warnings treated as errors.
component_build_no_ssl_cli () {
    msg 'build: full config except SSL client, make, gcc' # ~ 30s
    scripts/config.py full
    scripts/config.py unset MBEDTLS_SSL_CLI_C
    make CC=gcc CFLAGS="-Werror -Wall -Wextra -O1 -Wmissing-prototypes"
}
# Run the max fragment length tests of ssl-opt.sh against an ASan build of
# the default configuration with the MFL extension disabled.
component_test_no_max_fragment_length () {
    msg 'build: default config except MFL extension (ASan build)' # ~ 30s
    scripts/config.py unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
    CC="$ASAN_CC" cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg 'test: ssl-opt.sh, MFL-related tests'
    tests/ssl-opt.sh -f 'Max fragment length'
}
# ASan build of the default configuration with
# MBEDTLS_SSL_KEEP_PEER_CERTIFICATE and TLS 1.3 disabled, followed by the
# unit tests, ssl-opt.sh, compat.sh and context-info.sh.
component_test_asan_remove_peer_certificate () {
    msg 'build: default config with MBEDTLS_SSL_KEEP_PEER_CERTIFICATE disabled (ASan build)'
    scripts/config.py unset MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
    scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
    CC="$ASAN_CC" cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg 'test: !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE'
    make test

    msg 'test: ssl-opt.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE'
    tests/ssl-opt.sh

    msg 'test: compat.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE'
    tests/compat.sh

    msg 'test: context-info.sh, !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE'
    tests/context-info.sh
}
# ASan build without the MFL extension and with a 4096-byte outgoing record
# buffer (16384-byte incoming), followed by the ssl-opt.sh tests matching
# "Max fragment length" or "Large buffer" and by context-info.sh.
component_test_no_max_fragment_length_small_ssl_out_content_len () {
    msg 'build: no MFL extension, small SSL_OUT_CONTENT_LEN (ASan build)'
    scripts/config.py unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
    scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 16384
    scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 4096
    CC="$ASAN_CC" cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg 'test: MFL tests (disabled MFL extension case) & large packet tests'
    tests/ssl-opt.sh -f 'Max fragment length\|Large buffer'

    msg 'test: context-info.sh (disabled MFL extension case)'
    tests/context-info.sh
}
# ASan build of the default configuration with
# MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled, followed by the unit tests,
# ssl-opt.sh and compat.sh.
component_test_variable_ssl_in_out_buffer_len () {
    msg 'build: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled (ASan build)'
    scripts/config.py set MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
    CC="$ASAN_CC" cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg 'test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled'
    make test

    msg 'test: ssl-opt.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled'
    tests/ssl-opt.sh

    msg 'test: compat.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled'
    tests/compat.sh
}
# ASan build of the default configuration with
# MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT set to 1 (the legacy connection ID
# variant), followed by the unit tests, ssl-opt.sh and compat.sh.
component_test_dtls_cid_legacy () {
    msg 'build: MBEDTLS_SSL_DTLS_CONNECTION_ID (legacy) enabled (ASan build)'
    scripts/config.py set MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 1

    CC="$ASAN_CC" cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg 'test: MBEDTLS_SSL_DTLS_CONNECTION_ID (legacy)'
    make test

    msg 'test: ssl-opt.sh, MBEDTLS_SSL_DTLS_CONNECTION_ID (legacy) enabled'
    tests/ssl-opt.sh

    msg 'test: compat.sh, MBEDTLS_SSL_DTLS_CONNECTION_ID (legacy) enabled'
    tests/compat.sh
}
# Release build of the default configuration with the memory buffer
# allocator, memory debugging, the MFL extension and variable buffer lengths
# all enabled, followed by the unit tests and the ssl-opt.sh tests matching
# "Handshake memory usage".
component_test_ssl_alloc_buffer_and_mfl () {
    local opt

    msg 'build: default config with memory buffer allocator and MFL extension'
    # Options are enabled one at a time, in this order.
    for opt in \
        MBEDTLS_MEMORY_BUFFER_ALLOC_C \
        MBEDTLS_PLATFORM_MEMORY \
        MBEDTLS_MEMORY_DEBUG \
        MBEDTLS_SSL_MAX_FRAGMENT_LENGTH \
        MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
    do
        scripts/config.py set "$opt"
    done
    cmake -DCMAKE_BUILD_TYPE:String=Release .
    make

    msg 'test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH, MBEDTLS_MEMORY_BUFFER_ALLOC_C, MBEDTLS_MEMORY_DEBUG and MBEDTLS_SSL_MAX_FRAGMENT_LENGTH'
    make test

    msg 'test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH, MBEDTLS_MEMORY_BUFFER_ALLOC_C, MBEDTLS_MEMORY_DEBUG and MBEDTLS_SSL_MAX_FRAGMENT_LENGTH'
    tests/ssl-opt.sh -f 'Handshake memory usage'
}
# Build with CBC, CMAC and the NULL cipher disabled, so that no remaining
# ciphersuite uses a separate MAC (the test banner names this state
# !MBEDTLS_SSL_SOME_SUITES_USE_MAC), then run the unit tests and the
# ssl-opt.sh tests matching "Default" or "EtM" but not "without EtM".
component_test_when_no_ciphersuites_have_mac () {
    local opt

    msg 'build: when no ciphersuites have MAC'
    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
    # PSA-side mechanisms, switched off in the PSA crypto config file.
    for opt in \
        PSA_WANT_ALG_CBC_NO_PADDING \
        PSA_WANT_ALG_CBC_PKCS7 \
        PSA_WANT_ALG_CMAC \
        PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128
    do
        scripts/config.py -f "$CRYPTO_CONFIG_H" unset "$opt"
    done

    # Legacy-side options, switched off in the main config file.
    for opt in \
        MBEDTLS_CIPHER_NULL_CIPHER \
        MBEDTLS_CIPHER_MODE_CBC \
        MBEDTLS_CMAC_C
    do
        scripts/config.py unset "$opt"
    done

    make

    msg 'test: !MBEDTLS_SSL_SOME_SUITES_USE_MAC'
    make test

    msg 'test ssl-opt.sh: !MBEDTLS_SSL_SOME_SUITES_USE_MAC'
    tests/ssl-opt.sh -f 'Default\|EtM' -e 'without EtM'
}
# ASan build (cmake, gcc) of the default configuration with TLS 1.3
# disabled, followed by the unit tests, ssl-opt.sh and compat.sh.
component_test_tls12_only () {
    msg 'build: default config without MBEDTLS_SSL_PROTO_TLS1_3, cmake, gcc, ASan'
    scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
    CC='gcc' cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg 'test: main suites (inc. selftests) (ASan build)'
    make test

    msg 'test: ssl-opt.sh (ASan build)'
    tests/ssl-opt.sh

    msg 'test: compat.sh (ASan build)'
    tests/compat.sh
}
# TLS 1.3-only build with every key exchange mode left enabled, plus early
# data and the record size limit extension, followed by the unit tests and
# ssl-opt.sh. The TLS 1.3-only restriction comes from the user config file
# tests/configs/tls13-only.h passed through CFLAGS.
component_test_tls13_only () {
    msg 'build: default config without MBEDTLS_SSL_PROTO_TLS1_2'
    # Early data is TLS 1.3 0-RTT data, which the protocol itself does not
    # protect against replay; it is enabled here to get test coverage.
    scripts/config.py set MBEDTLS_SSL_EARLY_DATA
    scripts/config.py set MBEDTLS_SSL_RECORD_SIZE_LIMIT
    make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"

    msg 'test: TLS 1.3 only, all key exchange modes enabled'
    make test

    msg 'ssl-opt.sh: TLS 1.3 only, all key exchange modes enabled'
    tests/ssl-opt.sh
}
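# TLS 1.3-only build in which the pure PSK key exchange mode is the only one
# left: the ephemeral and PSK-ephemeral modes, X.509 support and the
# asymmetric algorithms (ECDH, ECDSA, RSA-OAEP/PSS, FFDH) are disabled.
# Runs test_suite_ssl and ssl-opt.sh.
#
# Globals: CRYPTO_CONFIG_H (read) - path of the PSA crypto config file.
# Returns: the exit status of tests/ssl-opt.sh, the last command run.
component_test_tls13_only_psk () {
    msg "build: TLS 1.3 only from default, only PSK key exchange mode"
    scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
    scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
    scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C
    scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT
    scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION
    scripts/config.py unset MBEDTLS_PKCS7_C
    scripts/config.py set MBEDTLS_SSL_EARLY_DATA

    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
    # CRYPTO_CONFIG_H is quoted so a path containing spaces stays one argument.
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECDH
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECDSA
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_DETERMINISTIC_ECDSA
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_FFDH
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_DH_RFC7919_2048
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_DH_RFC7919_3072
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_DH_RFC7919_4096
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_DH_RFC7919_6144
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_DH_RFC7919_8192
    # Note: The four unsets below are to be removed for Mbed TLS 4.0
    scripts/config.py unset MBEDTLS_ECDH_C
    scripts/config.py unset MBEDTLS_ECDSA_C
    scripts/config.py unset MBEDTLS_PKCS1_V21
    scripts/config.py unset MBEDTLS_DHM_C

    make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"

    msg "test_suite_ssl: TLS 1.3 only, only PSK key exchange mode enabled"
    # Subshell: the caller's working directory is left untouched even when
    # the cd or the suite fails, so the next step still runs from the root.
    ( cd tests && ./test_suite_ssl )

    msg "ssl-opt.sh: TLS 1.3 only, only PSK key exchange mode enabled"
    tests/ssl-opt.sh
}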
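# TLS 1.3-only build in which the ephemeral key exchange mode is the only
# one left: both PSK modes and early data are disabled. Runs test_suite_ssl
# and ssl-opt.sh.
#
# Returns: the exit status of tests/ssl-opt.sh, the last command run.
component_test_tls13_only_ephemeral () {
    msg "build: TLS 1.3 only from default, only ephemeral key exchange mode"
    scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
    scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
    scripts/config.py unset MBEDTLS_SSL_EARLY_DATA
    make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"

    msg "test_suite_ssl: TLS 1.3 only, only ephemeral key exchange mode"
    # Subshell: the caller's working directory is left untouched even when
    # the cd or the suite fails, so the next step still runs from the root.
    ( cd tests && ./test_suite_ssl )

    msg "ssl-opt.sh: TLS 1.3 only, only ephemeral key exchange mode"
    tests/ssl-opt.sh
}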
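# TLS 1.3-only build with only the ephemeral key exchange mode and with ECDH
# disabled, leaving finite-field DH as the ephemeral mechanism. Both PSK
# modes and early data are disabled. Runs test_suite_ssl and ssl-opt.sh.
#
# Globals: CRYPTO_CONFIG_H (read) - path of the PSA crypto config file.
# Returns: the exit status of tests/ssl-opt.sh, the last command run.
component_test_tls13_only_ephemeral_ffdh () {
    msg "build: TLS 1.3 only from default, only ephemeral ffdh key exchange mode"
    scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
    scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
    scripts/config.py unset MBEDTLS_SSL_EARLY_DATA

    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
    # CRYPTO_CONFIG_H is quoted so a path containing spaces stays one argument.
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECDH
    # Note: The unset below is to be removed for Mbed TLS 4.0
    scripts/config.py unset MBEDTLS_ECDH_C

    make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"

    msg "test_suite_ssl: TLS 1.3 only, only ephemeral ffdh key exchange mode"
    # Subshell: the caller's working directory is left untouched even when
    # the cd or the suite fails, so the next step still runs from the root.
    ( cd tests && ./test_suite_ssl )

    msg "ssl-opt.sh: TLS 1.3 only, only ephemeral ffdh key exchange mode"
    tests/ssl-opt.sh
}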
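# TLS 1.3-only build in which the PSK-ephemeral key exchange mode is the
# only one left: the pure PSK and pure ephemeral modes, X.509 support and
# the signature/RSA algorithms are disabled, early data is enabled. Runs
# test_suite_ssl and ssl-opt.sh.
#
# Globals: CRYPTO_CONFIG_H (read) - path of the PSA crypto config file.
# Returns: the exit status of tests/ssl-opt.sh, the last command run.
component_test_tls13_only_psk_ephemeral () {
    msg "build: TLS 1.3 only from default, only PSK ephemeral key exchange mode"
    scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
    scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
    scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C
    scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT
    scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION
    scripts/config.py unset MBEDTLS_PKCS7_C
    scripts/config.py set MBEDTLS_SSL_EARLY_DATA

    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
    # CRYPTO_CONFIG_H is quoted so a path containing spaces stays one argument.
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECDSA
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_DETERMINISTIC_ECDSA
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS
    # Note: The two unsets below are to be removed for Mbed TLS 4.0
    scripts/config.py unset MBEDTLS_ECDSA_C
    scripts/config.py unset MBEDTLS_PKCS1_V21

    make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"

    msg "test_suite_ssl: TLS 1.3 only, only PSK ephemeral key exchange mode"
    # Subshell: the caller's working directory is left untouched even when
    # the cd or the suite fails, so the next step still runs from the root.
    ( cd tests && ./test_suite_ssl )

    msg "ssl-opt.sh: TLS 1.3 only, only PSK ephemeral key exchange mode"
    tests/ssl-opt.sh
}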
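# TLS 1.3-only build with only the PSK-ephemeral key exchange mode and with
# ECDH disabled, leaving finite-field DH as the ephemeral mechanism. X.509
# support and the signature/RSA algorithms are disabled, early data is
# enabled. Runs test_suite_ssl and ssl-opt.sh.
#
# Globals: CRYPTO_CONFIG_H (read) - path of the PSA crypto config file.
# Returns: the exit status of tests/ssl-opt.sh, the last command run.
component_test_tls13_only_psk_ephemeral_ffdh () {
    msg "build: TLS 1.3 only from default, only PSK ephemeral ffdh key exchange mode"
    scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
    scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
    scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C
    scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT
    scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION
    scripts/config.py unset MBEDTLS_PKCS7_C
    scripts/config.py set MBEDTLS_SSL_EARLY_DATA

    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
    # CRYPTO_CONFIG_H is quoted so a path containing spaces stays one argument.
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECDH
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECDSA
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_DETERMINISTIC_ECDSA
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS
    # Note: The three unsets below are to be removed for Mbed TLS 4.0
    scripts/config.py unset MBEDTLS_ECDH_C
    scripts/config.py unset MBEDTLS_ECDSA_C
    scripts/config.py unset MBEDTLS_PKCS1_V21

    make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"

    msg "test_suite_ssl: TLS 1.3 only, only PSK ephemeral ffdh key exchange mode"
    # Subshell: the caller's working directory is left untouched even when
    # the cd or the suite fails, so the next step still runs from the root.
    ( cd tests && ./test_suite_ssl )

    msg "ssl-opt.sh: TLS 1.3 only, only PSK ephemeral ffdh key exchange mode"
    tests/ssl-opt.sh
}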
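# TLS 1.3-only build with the pure ephemeral key exchange mode disabled,
# leaving the PSK and PSK-ephemeral modes. X.509 support and the
# signature/RSA algorithms are disabled, early data is enabled. Runs
# test_suite_ssl and ssl-opt.sh.
#
# Globals: CRYPTO_CONFIG_H (read) - path of the PSA crypto config file.
# Returns: the exit status of tests/ssl-opt.sh, the last command run.
component_test_tls13_only_psk_all () {
    msg "build: TLS 1.3 only from default, without ephemeral key exchange mode"
    scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
    scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C
    scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT
    scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION
    scripts/config.py unset MBEDTLS_PKCS7_C
    scripts/config.py set MBEDTLS_SSL_EARLY_DATA

    scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
    # CRYPTO_CONFIG_H is quoted so a path containing spaces stays one argument.
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECDSA
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_DETERMINISTIC_ECDSA
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP
    scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS
    # Note: The two unsets below are to be removed for Mbed TLS 4.0
    scripts/config.py unset MBEDTLS_ECDSA_C
    scripts/config.py unset MBEDTLS_PKCS1_V21

    make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"

    msg "test_suite_ssl: TLS 1.3 only, PSK and PSK ephemeral key exchange modes"
    # Subshell: the caller's working directory is left untouched even when
    # the cd or the suite fails, so the next step still runs from the root.
    ( cd tests && ./test_suite_ssl )

    msg "ssl-opt.sh: TLS 1.3 only, PSK and PSK ephemeral key exchange modes"
    tests/ssl-opt.sh
}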
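# TLS 1.3-only build with the pure PSK key exchange mode disabled, leaving
# the ephemeral and PSK-ephemeral modes, with early data enabled. Runs
# test_suite_ssl and ssl-opt.sh.
#
# Returns: the exit status of tests/ssl-opt.sh, the last command run.
component_test_tls13_only_ephemeral_all () {
    msg "build: TLS 1.3 only from default, without PSK key exchange mode"
    scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
    scripts/config.py set MBEDTLS_SSL_EARLY_DATA
    make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'"

    msg "test_suite_ssl: TLS 1.3 only, ephemeral and PSK ephemeral key exchange modes"
    # Subshell: the caller's working directory is left untouched even when
    # the cd or the suite fails, so the next step still runs from the root.
    ( cd tests && ./test_suite_ssl )

    msg "ssl-opt.sh: TLS 1.3 only, ephemeral and PSK ephemeral key exchange modes"
    tests/ssl-opt.sh
}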
# ASan build of the default configuration with early data enabled and
# MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY set to 1 (the banner calls this
# "minus padding"), followed by the unit tests and ssl-opt.sh.
component_test_tls13_no_padding () {
    msg 'build: default config plus early data minus padding'
    scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1
    scripts/config.py set MBEDTLS_SSL_EARLY_DATA
    CC="$ASAN_CC" cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg 'test: default config plus early data minus padding'
    make test

    msg 'ssl-opt.sh (TLS 1.3 no padding)'
    tests/ssl-opt.sh
}
# ASan build of the default configuration with early data enabled and the
# TLS 1.3 middlebox compatibility mode disabled, followed by the unit tests
# and ssl-opt.sh.
component_test_tls13_no_compatibility_mode () {
    msg 'build: default config plus early data minus middlebox compatibility mode'
    scripts/config.py unset MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
    scripts/config.py set MBEDTLS_SSL_EARLY_DATA
    CC="$ASAN_CC" cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg 'test: default config plus early data minus middlebox compatibility mode'
    make test

    msg 'ssl-opt.sh (TLS 1.3 no compatibility mode)'
    tests/ssl-opt.sh
}
# ASan build (cmake, gcc) of the full configuration with session tickets
# and early data disabled, followed by the unit tests and ssl-opt.sh.
component_test_full_minus_session_tickets () {
    msg 'build: full config without session tickets'
    scripts/config.py full
    scripts/config.py unset MBEDTLS_SSL_SESSION_TICKETS
    scripts/config.py unset MBEDTLS_SSL_EARLY_DATA
    CC='gcc' cmake -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg 'test: full config without session tickets'
    make test

    msg 'ssl-opt.sh (full config without session tickets)'
    tests/ssl-opt.sh
}
# Run tests/scripts/depends.py on its "kex" domain; the script does both the
# building and the testing.
component_test_depends_py_kex () {
    msg 'test/build: depends.py kex (gcc)'
    tests/scripts/depends.py kex
}