From f826bef8a98468558ad3ccfc61a78ea04de98be9 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 14 Dec 2022 09:09:23 +0800 Subject: [PATCH] Refine components for tls13-prototype - Prefix all prototype components with `test_prototype` - Create a duplicate component if it is same with exist one. - Overwrite `tls13-only.h` with upstream version. And create user configs for prototype. - `test_tls13_only_*` are duplicated with minor changes. - Add non-0-RTT components - Change `with_padding` to `without_padding` - Enable asan for all prototype components The purpose is to - Reduce the differences with upstream. - List the components which MUST be passed in prototype. Signed-off-by: Jerry Yu --- .../tls13-only-prototype-no-middlebox.h | 26 + tests/configs/tls13-only-prototype.h | 36 + tests/configs/tls13-only.h | 8 +- tests/scripts/all.sh | 745 +++++++++++------- 4 files changed, 543 insertions(+), 272 deletions(-) create mode 100644 tests/configs/tls13-only-prototype-no-middlebox.h create mode 100644 tests/configs/tls13-only-prototype.h diff --git a/tests/configs/tls13-only-prototype-no-middlebox.h b/tests/configs/tls13-only-prototype-no-middlebox.h new file mode 100644 index 000000000000..ef611f18982b --- /dev/null +++ b/tests/configs/tls13-only-prototype-no-middlebox.h @@ -0,0 +1,26 @@ +/* MBEDTLS_USER_CONFIG_FILE for testing. + * Only used for a few test configurations. + * + * Typical usage (note multiple levels of quoting): + * make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype-no-middlebox.h\"'" + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "tls13-only-prototype.h" +#undef MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE diff --git a/tests/configs/tls13-only-prototype.h b/tests/configs/tls13-only-prototype.h new file mode 100644 index 000000000000..af689fe4f945 --- /dev/null +++ b/tests/configs/tls13-only-prototype.h @@ -0,0 +1,36 @@ +/* MBEDTLS_USER_CONFIG_FILE for testing. + * Only used for a few test configurations. + * + * Typical usage (note multiple levels of quoting): + * make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "tls13-only.h" + +// /* Enable TLS 1.3 and core 1.3 features */ +// #define MBEDTLS_ZERO_RTT +// #define MBEDTLS_SSL_EARLY_DATA + +/* Disable invasive tests */ +/* For prototype, `TLS 1.3 srv Certificate msg - wrong vector lengths` will fail */ +#undef MBEDTLS_TEST_HOOKS + +#undef MBEDTLS_SSL_RENEGOTIATION +#undef MBEDTLS_SSL_CONTEXT_SERIALIZATION \ No newline at end of file diff --git a/tests/configs/tls13-only.h b/tests/configs/tls13-only.h index e312452b91da..7483f1cd977b 100644 --- a/tests/configs/tls13-only.h +++ b/tests/configs/tls13-only.h @@ -24,8 +24,7 @@ /* Enable TLS 1.3 and core 1.3 features */ #define MBEDTLS_SSL_PROTO_TLS1_3 -#define MBEDTLS_ZERO_RTT -#define MBEDTLS_SSL_EARLY_DATA +#define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE /* Disable TLS 1.2 and 1.2-specific features */ #undef MBEDTLS_SSL_ENCRYPT_THEN_MAC @@ -35,9 +34,6 @@ #undef MBEDTLS_SSL_DTLS_ANTI_REPLAY #undef MBEDTLS_SSL_DTLS_HELLO_VERIFY #undef MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE -#undef MBEDTLS_SSL_RENEGOTIATION -#undef MBEDTLS_SSL_CONTEXT_SERIALIZATION /* Enable some invasive tests */ -/* For prototype, `TLS 1.3 srv Certificate msg - wrong vector lengths` will fail */ -// #define MBEDTLS_TEST_HOOKS +#define MBEDTLS_TEST_HOOKS diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 376300652db7..3d4195c044c6 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2802,266 +2802,6 @@ component_test_malloc_0_null () { tests/ssl-opt.sh -e 'proxy' } -component_test_tls13 () { - msg "build: TLS 1.3" - scripts/config.py set MBEDTLS_SSL_USE_MPS - scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE - scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1 - scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - - CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" - make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" - - msg "test: TLS 1.3 compat.sh" - if_build_succeeded tests/compat.sh -m tls13 -t ECDSA - - msg "test: TLS 1.3 ssl-opt.sh" - if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" -} - -component_test_tls13_no_mps () { - msg "build: TLS 1.3 without MPS" - scripts/config.py unset MBEDTLS_SSL_USE_MPS - scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE - scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1 - scripts/config.py set MBEDTLS_USE_PSA_CRYPTO - - CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" - make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" - - msg "test: TLS 1.3 without MPS compat.sh" - if_build_succeeded tests/compat.sh -m tls13 -t ECDSA - - msg "test: TLS 1.3 without MPS ssl-opt.sh" - if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" -} - -component_test_tls13_no_compatibility_mode () { - msg "build: TLS 1.3 (ASanDbg) without TLS 1.2 compatibility mode" - scripts/config.py set MBEDTLS_SSL_USE_MPS - scripts/config.py unset MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE - scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1 - scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - - CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" - make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" - - msg "test: TLS 1.3 ssl-opt.sh" - if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" -} - -component_test_tls13_no_mps_no_compatibility_mode () { - msg "build: TLS 1.3 without MPS (ASanDbg) and without TLS 1.2 compatibility mode" - scripts/config.py unset MBEDTLS_SSL_USE_MPS - scripts/config.py unset MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE - scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1 - scripts/config.py set MBEDTLS_USE_PSA_CRYPTO - - CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" - make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" - - msg "test: TLS 1.3 without MPS ssl-opt.sh" - if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" -} - -component_test_tls13_with_padding () { - msg "build: TLS 1.3 (ASanDbg) " - scripts/config.py set MBEDTLS_SSL_USE_MPS - scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE - scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16 - scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - - CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" - make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" - - msg "test: TLS 1.3 compat.sh" - if_build_succeeded tests/compat.sh -m tls13 -t ECDSA - - msg "test: TLS 1.3 ssl-opt.sh" - if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" -} - -component_test_tls13_no_mps_with_padding () { - msg "build: TLS 1.3 without MPS (ASanDbg) " - scripts/config.py unset MBEDTLS_SSL_USE_MPS - scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE - scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16 - scripts/config.py set MBEDTLS_USE_PSA_CRYPTO - - CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" - make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" - - msg "test: TLS 1.3 without MPS compat.sh" - if_build_succeeded tests/compat.sh -m tls13 -t ECDSA - - msg "test: TLS 1.3 without MPS ssl-opt.sh" - if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" -} - -component_test_tls13_client_only () { - msg "build: TLS 1.3 client-only (ASanDbg) " - scripts/config.py set MBEDTLS_SSL_USE_MPS - scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE - scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1 - scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - - scripts/config.py unset MBEDTLS_SSL_SRV_C - - CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" - make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" - - msg "test: TLS 1.3 client-only, ssl-opt.sh" - if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" -} - -component_test_tls13_client_only_no_mps () { - msg "build: TLS 1.3 client-only (ASanDbg) " - scripts/config.py unset MBEDTLS_SSL_USE_MPS - scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE - scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1 - scripts/config.py set MBEDTLS_USE_PSA_CRYPTO - - scripts/config.py unset MBEDTLS_SSL_SRV_C - - CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" - make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" - - msg "test: TLS 1.3 client-only, ssl-opt.sh" - if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" -} - -component_test_tls13_server_only () { - msg "build: TLS 1.3 server-only (ASanDbg) " - scripts/config.py set MBEDTLS_SSL_USE_MPS - scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE - scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1 - scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - - scripts/config.py unset MBEDTLS_SSL_CLI_C - - CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" - make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" - - msg "test: TLS 1.3 server-only, ssl-opt.sh" - if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" -} - -component_test_tls13_server_only_no_mps () { - msg "build: TLS 1.3 server-only (ASanDbg) " - scripts/config.py unset MBEDTLS_SSL_USE_MPS - scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE - scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1 - scripts/config.py set MBEDTLS_USE_PSA_CRYPTO - - scripts/config.py unset MBEDTLS_SSL_CLI_C - - CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" - make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" - - msg "test: TLS 1.3 server-only, ssl-opt.sh" - if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" -} - -component_test_tls13_only_psk_ephemeral_mps () { - msg "build: TLS 1.3 only with MPS from default, only PSK ephemeral key exchange mode" - scripts/config.py set MBEDTLS_SSL_USE_MPS - scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED - scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED - scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C - scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT - scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION - scripts/config.py unset MBEDTLS_ECDSA_C - scripts/config.py unset MBEDTLS_PKCS1_V21 - make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" - - msg "test_suite_ssl: TLS 1.3 only, only PSK ephemeral key exchange mode" - cd tests; ./test_suite_ssl; cd .. - - msg "ssl-opt.sh: TLS 1.3 only, only PSK ephemeral key exchange mode" - tests/ssl-opt.sh -f 'TLS 1.3' -} - -component_test_tls13_only_mps () { - msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3, without MBEDTLS_SSL_PROTO_TLS1_2" - scripts/config.py set MBEDTLS_SSL_USE_MPS - make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" - - # For time being, mps fail. - # msg "test_suite_ssl: TLS 1.3 only, all key exchange modes enabled" - # cd tests; ./test_suite_ssl; cd .. - - msg "ssl-opt.sh: TLS 1.3 only, all key exchange modes enabled" - tests/ssl-opt.sh -f 'TLS 1.3' -} - -component_test_tls13_only_psk_mps () { - msg "build: TLS 1.3 only with MPS from default, only PSK key exchange mode" - scripts/config.py set MBEDTLS_SSL_USE_MPS - scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED - scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED - scripts/config.py unset MBEDTLS_ECDH_C - scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C - scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT - scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION - scripts/config.py unset MBEDTLS_ECDSA_C - scripts/config.py unset MBEDTLS_PKCS1_V21 - make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" - - msg "test_suite_ssl: TLS 1.3 only, only PSK key exchange mode enabled" - cd tests; ./test_suite_ssl; cd .. - - msg "ssl-opt.sh: TLS 1.3 only, only PSK key exchange mode enabled" - tests/ssl-opt.sh -f 'TLS 1.3' -} - -component_test_tls13_only_ephemeral_mps () { - msg "build: TLS 1.3 only with MPS from default, only ephemeral key exchange mode" - scripts/config.py set MBEDTLS_SSL_USE_MPS - scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED - scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED - make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" - - # For time being, mps fail. - # msg "test_suite_ssl: TLS 1.3 only, only ephemeral key exchange mode" - # cd tests; ./test_suite_ssl; cd .. - - msg "ssl-opt.sh: TLS 1.3 only, only ephemeral key exchange mode" - tests/ssl-opt.sh -f 'TLS 1.3' -} - -component_test_tls13_only_psk_all_mps () { - msg "build: TLS 1.3 only with MPS from default, without ephemeral key exchange mode" - scripts/config.py set MBEDTLS_SSL_USE_MPS - scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED - scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C - scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT - scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION - scripts/config.py unset MBEDTLS_ECDSA_C - scripts/config.py unset MBEDTLS_PKCS1_V21 - make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" - - msg "test_suite_ssl: TLS 1.3 only, PSK and PSK ephemeral key exchange modes" - cd tests; ./test_suite_ssl; cd .. - - msg "ssl-opt.sh: TLS 1.3 only, PSK and PSK ephemeral key exchange modes" - tests/ssl-opt.sh -f 'TLS 1.3' -} - - -component_test_tls13_only_ephemeral_all_mps () { - msg "build: TLS 1.3 only with MPS from default, without PSK key exchange mode" - scripts/config.py set MBEDTLS_SSL_USE_MPS - scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED - make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" - - # For time being, mps fail. - # msg "test_suite_ssl: TLS 1.3 only, ephemeral and PSK ephemeral key exchange modes" - # cd tests; ./test_suite_ssl; cd .. - - msg "ssl-opt.sh: TLS 1.3 only, ephemeral and PSK ephemeral key exchange modes" - tests/ssl-opt.sh -f 'TLS 1.3' -} - component_test_aes_fewer_tables () { msg "build: default config with AES_FEWER_TABLES enabled" scripts/config.py set MBEDTLS_AES_FEWER_TABLES @@ -3487,7 +3227,7 @@ component_test_tls13_only () { make test msg "ssl-opt.sh: TLS 1.3 only, all key exchange modes enabled" - tests/ssl-opt.sh -f 'TLS 1.3' + tests/ssl-opt.sh } component_test_tls13_only_psk () { @@ -3506,7 +3246,7 @@ component_test_tls13_only_psk () { cd tests; ./test_suite_ssl; cd .. msg "ssl-opt.sh: TLS 1.3 only, only PSK key exchange mode enabled" - tests/ssl-opt.sh -f 'TLS 1.3' + tests/ssl-opt.sh } component_test_tls13_only_ephemeral () { @@ -3519,7 +3259,7 @@ component_test_tls13_only_ephemeral () { cd tests; ./test_suite_ssl; cd .. msg "ssl-opt.sh: TLS 1.3 only, only ephemeral key exchange mode" - tests/ssl-opt.sh -f 'TLS 1.3' + tests/ssl-opt.sh } component_test_tls13_only_psk_ephemeral () { @@ -3537,7 +3277,7 @@ component_test_tls13_only_psk_ephemeral () { cd tests; ./test_suite_ssl; cd .. msg "ssl-opt.sh: TLS 1.3 only, only PSK ephemeral key exchange mode" - tests/ssl-opt.sh -f 'TLS 1.3' + tests/ssl-opt.sh } component_test_tls13_only_psk_all () { @@ -3554,7 +3294,7 @@ component_test_tls13_only_psk_all () { cd tests; ./test_suite_ssl; cd .. msg "ssl-opt.sh: TLS 1.3 only, PSK and PSK ephemeral key exchange modes" - tests/ssl-opt.sh -f 'TLS 1.3' + tests/ssl-opt.sh } component_test_tls13_only_ephemeral_all () { @@ -3566,9 +3306,482 @@ component_test_tls13_only_ephemeral_all () { cd tests; ./test_suite_ssl; cd .. msg "ssl-opt.sh: TLS 1.3 only, ephemeral and PSK ephemeral key exchange modes" - tests/ssl-opt.sh -f 'TLS 1.3' + tests/ssl-opt.sh +} + +component_test_tls13 () { + msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding" + scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE + scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1 + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding" + make test + msg "ssl-opt.sh (TLS 1.3)" + tests/ssl-opt.sh +} + +component_test_tls13_no_compatibility_mode () { + msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding" + scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE + scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1 + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding" + make test + msg "ssl-opt.sh (TLS 1.3 no compatibility mode)" + tests/ssl-opt.sh +} + +component_test_prototype_tls13_only () { + msg "build: TLS 1.3 only with MPS" + scripts/config.py set MBEDTLS_SSL_USE_MPS + scripts/config.py set MBEDTLS_ZERO_RTT + scripts/config.py set MBEDTLS_SSL_EARLY_DATA + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test: TLS 1.3 compat.sh" + if_build_succeeded tests/compat.sh -m tls13 -t ECDSA + + msg "test: TLS 1.3 ssl-opt.sh" + if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" + + # Known fail: `runtime error: member access within null pointer of type 'struct mbedtls_ssl_mps'` + # msg "test_suite_ssl: TLS 1.3 only, all key exchange modes enabled" + # cd tests; ./test_suite_ssl; cd .. } +component_test_prototype_tls13_only_no_mps () { + msg "build: TLS 1.3 only without MPS" + scripts/config.py unset MBEDTLS_SSL_USE_MPS + scripts/config.py set MBEDTLS_ZERO_RTT + scripts/config.py set MBEDTLS_SSL_EARLY_DATA + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test: TLS 1.3 compat.sh" + if_build_succeeded tests/compat.sh -m tls13 -t ECDSA + + msg "test: TLS 1.3 ssl-opt.sh" + if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" + + msg "test_suite_ssl: TLS 1.3 only, all key exchange modes enabled" + cd tests; ./test_suite_ssl; cd .. +} + +component_test_prototype_tls13_only_no_0rtt () { + msg "build: TLS 1.3 only with MPS and without 0-RTT" + scripts/config.py set MBEDTLS_SSL_USE_MPS + scripts/config.py unset MBEDTLS_ZERO_RTT + scripts/config.py unset MBEDTLS_SSL_EARLY_DATA + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test: TLS 1.3 compat.sh" + if_build_succeeded tests/compat.sh -m tls13 -t ECDSA + + msg "test: TLS 1.3 ssl-opt.sh" + if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" + + # Known fail: `runtime error: member access within null pointer of type 'struct mbedtls_ssl_mps'` + # msg "test_suite_ssl: TLS 1.3 only, all key exchange modes enabled" + # cd tests; ./test_suite_ssl; cd .. +} + +component_test_prototype_tls13_only_no_0rtt_no_mps () { + msg "build: TLS 1.3 only without MPS and 0-RTT" + scripts/config.py unset MBEDTLS_SSL_USE_MPS + scripts/config.py unset MBEDTLS_ZERO_RTT + scripts/config.py unset MBEDTLS_SSL_EARLY_DATA + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test: TLS 1.3 compat.sh" + if_build_succeeded tests/compat.sh -m tls13 -t ECDSA + + msg "test: TLS 1.3 ssl-opt.sh" + if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" + + msg "test_suite_ssl: TLS 1.3 only, all key exchange modes enabled" + cd tests; ./test_suite_ssl; cd .. +} + +component_test_prototype_tls13_only_no_compatibility_mode () { + msg "build: TLS 1.3 only without TLS 1.2 compatibility mode" + scripts/config.py set MBEDTLS_SSL_USE_MPS + scripts/config.py set MBEDTLS_ZERO_RTT + scripts/config.py set MBEDTLS_SSL_EARLY_DATA + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype-no-middlebox.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test: TLS 1.3 ssl-opt.sh" + if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" + + # runtime error: member access within null pointer of type 'struct mbedtls_ssl_mps' + # msg "test_suite_ssl: TLS 1.3 only, all key exchange modes enabled" + # cd tests; ./test_suite_ssl; cd .. +} + +component_test_prototype_tls13_only_no_compatibility_mode_no_mps () { + msg "build: TLS 1.3 only without TLS 1.2 compatibility mode and MPS" + scripts/config.py unset MBEDTLS_SSL_USE_MPS + scripts/config.py set MBEDTLS_ZERO_RTT + scripts/config.py set MBEDTLS_SSL_EARLY_DATA + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype-no-middlebox.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test: TLS 1.3 ssl-opt.sh" + if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" + + msg "test_suite_ssl: TLS 1.3 only" + cd tests; ./test_suite_ssl; cd .. +} + +component_test_prototype_tls13_only_without_padding () { + msg "build: TLS 1.3 without padding" + scripts/config.py set MBEDTLS_SSL_USE_MPS + scripts/config.py set MBEDTLS_ZERO_RTT + scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1 + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test: TLS 1.3 compat.sh" + if_build_succeeded tests/compat.sh -m tls13 -t ECDSA + + msg "test: TLS 1.3 ssl-opt.sh" + if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" + + # Known fail: `runtime error: member access within null pointer of type 'struct mbedtls_ssl_mps'` + # msg "test_suite_ssl: TLS 1.3 only" + # cd tests; ./test_suite_ssl; cd .. +} + +component_test_prototype_tls13_only_without_padding_no_mps () { + msg "build: TLS 1.3 only without MPS and padding" + scripts/config.py unset MBEDTLS_SSL_USE_MPS + scripts/config.py set MBEDTLS_ZERO_RTT + scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1 + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test: TLS 1.3 compat.sh" + if_build_succeeded tests/compat.sh -m tls13 -t ECDSA + + msg "test: TLS 1.3 ssl-opt.sh" + if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" + + msg "test_suite_ssl: TLS 1.3 only" + cd tests; ./test_suite_ssl; cd .. +} + +component_test_prototype_tls13_client_only () { + msg "build: TLS 1.3 client-only" + scripts/config.py unset MBEDTLS_SSL_SRV_C + scripts/config.py set MBEDTLS_ZERO_RTT + scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py set MBEDTLS_SSL_USE_MPS + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test: TLS 1.3 client-only, ssl-opt.sh" + if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" +} + +component_test_prototype_tls13_client_only_no_mps () { + msg "build: TLS 1.3 client-only" + scripts/config.py unset MBEDTLS_SSL_USE_MPS + scripts/config.py set MBEDTLS_ZERO_RTT + scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py unset MBEDTLS_SSL_SRV_C + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test: TLS 1.3 client-only, ssl-opt.sh" + if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" +} + +component_test_prototype_tls13_server_only () { + msg "build: TLS 1.3 server-only" + scripts/config.py set MBEDTLS_SSL_USE_MPS + scripts/config.py set MBEDTLS_ZERO_RTT + scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO + + scripts/config.py unset MBEDTLS_SSL_CLI_C + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test: TLS 1.3 server-only, ssl-opt.sh" + if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" +} + +component_test_prototype_tls13_server_only_no_mps () { + msg "build: TLS 1.3 server-only" + scripts/config.py unset MBEDTLS_SSL_USE_MPS + scripts/config.py set MBEDTLS_ZERO_RTT + scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py set MBEDTLS_USE_PSA_CRYPTO + scripts/config.py unset MBEDTLS_SSL_CLI_C + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test: TLS 1.3 server-only, ssl-opt.sh" + if_build_succeeded tests/ssl-opt.sh -f "TLS 1.3" +} + +component_test_prototype_tls13_only_psk_ephemeral () { + msg "build: TLS 1.3 only with MPS from default, only PSK ephemeral key exchange mode" + scripts/config.py set MBEDTLS_SSL_USE_MPS + scripts/config.py set MBEDTLS_ZERO_RTT + scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED + scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C + scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT + scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION + scripts/config.py unset MBEDTLS_ECDSA_C + scripts/config.py unset MBEDTLS_PKCS1_V21 + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test_suite_ssl: TLS 1.3 only, only PSK ephemeral key exchange mode" + cd tests; ./test_suite_ssl; cd .. + + msg "ssl-opt.sh: TLS 1.3 only, only PSK ephemeral key exchange mode" + tests/ssl-opt.sh -f 'TLS 1.3' +} + +component_test_prototype_tls13_only_psk_ephemeral_no_mps () { + msg "build: TLS 1.3 only without MPS from default, only PSK ephemeral key exchange mode" + scripts/config.py unset MBEDTLS_SSL_USE_MPS + scripts/config.py set MBEDTLS_ZERO_RTT + scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED + scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C + scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT + scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION + scripts/config.py unset MBEDTLS_ECDSA_C + scripts/config.py unset MBEDTLS_PKCS1_V21 + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test_suite_ssl: TLS 1.3 only, only PSK ephemeral key exchange mode" + cd tests; ./test_suite_ssl; cd .. + + msg "ssl-opt.sh: TLS 1.3 only, only PSK ephemeral key exchange mode" + tests/ssl-opt.sh -f 'TLS 1.3' +} + +component_test_prototype_tls13_only_psk () { + msg "build: TLS 1.3 only with MPS from default, only PSK key exchange mode" + scripts/config.py set MBEDTLS_SSL_USE_MPS + scripts/config.py set MBEDTLS_ZERO_RTT + scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED + scripts/config.py unset MBEDTLS_ECDH_C + scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C + scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT + scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION + scripts/config.py unset MBEDTLS_ECDSA_C + scripts/config.py unset MBEDTLS_PKCS1_V21 + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test_suite_ssl: TLS 1.3 only, only PSK key exchange mode enabled" + cd tests; ./test_suite_ssl; cd .. + + msg "ssl-opt.sh: TLS 1.3 only, only PSK key exchange mode enabled" + tests/ssl-opt.sh -f 'TLS 1.3' +} + +component_test_prototype_tls13_only_psk_no_mps () { + msg "build: TLS 1.3 only without MPS from default, only PSK key exchange mode" + scripts/config.py unset MBEDTLS_SSL_USE_MPS + scripts/config.py set MBEDTLS_ZERO_RTT + scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED + scripts/config.py unset MBEDTLS_ECDH_C + scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C + scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT + scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION + scripts/config.py unset MBEDTLS_ECDSA_C + scripts/config.py unset MBEDTLS_PKCS1_V21 + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test_suite_ssl: TLS 1.3 only, only PSK key exchange mode enabled" + cd tests; ./test_suite_ssl; cd .. + + msg "ssl-opt.sh: TLS 1.3 only, only PSK key exchange mode enabled" + tests/ssl-opt.sh -f 'TLS 1.3' +} + +component_test_prototype_tls13_only_ephemeral () { + msg "build: TLS 1.3 only with MPS from default, only ephemeral key exchange mode" + scripts/config.py set MBEDTLS_SSL_USE_MPS + scripts/config.py unset MBEDTLS_ZERO_RTT + scripts/config.py unset MBEDTLS_SSL_EARLY_DATA + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + # Known fail: `runtime error: member access within null pointer of type 'struct mbedtls_ssl_mps'` + # msg "test_suite_ssl: TLS 1.3 only, only ephemeral key exchange mode" + # cd tests; ./test_suite_ssl; cd .. + + msg "ssl-opt.sh: TLS 1.3 only, only ephemeral key exchange mode" + tests/ssl-opt.sh -f 'TLS 1.3' +} + +component_test_prototype_tls13_only_ephemeral_no_mps () { + msg "build: TLS 1.3 only without MPS from default, only ephemeral key exchange mode" + scripts/config.py unset MBEDTLS_SSL_USE_MPS + scripts/config.py unset MBEDTLS_ZERO_RTT + scripts/config.py unset MBEDTLS_SSL_EARLY_DATA + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test_suite_ssl: TLS 1.3 only, only ephemeral key exchange mode" + cd tests; ./test_suite_ssl; cd .. + + msg "ssl-opt.sh: TLS 1.3 only, only ephemeral key exchange mode" + tests/ssl-opt.sh -f 'TLS 1.3' +} + +component_test_prototype_tls13_only_psk_all () { + msg "build: TLS 1.3 only with MPS from default, without ephemeral key exchange mode" + scripts/config.py set MBEDTLS_SSL_USE_MPS + scripts/config.py set MBEDTLS_ZERO_RTT + scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED + scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C + scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT + scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION + scripts/config.py unset MBEDTLS_ECDSA_C + scripts/config.py unset MBEDTLS_PKCS1_V21 + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test_suite_ssl: TLS 1.3 only, PSK and PSK ephemeral key exchange modes" + cd tests; ./test_suite_ssl; cd .. + + msg "ssl-opt.sh: TLS 1.3 only, PSK and PSK ephemeral key exchange modes" + tests/ssl-opt.sh -f 'TLS 1.3' +} + +component_test_prototype_tls13_only_psk_all_no_mps () { + msg "build: TLS 1.3 only without MPS from default, without ephemeral key exchange mode" + scripts/config.py unset MBEDTLS_SSL_USE_MPS + scripts/config.py set MBEDTLS_ZERO_RTT + scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED + scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C + scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT + scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION + scripts/config.py unset MBEDTLS_ECDSA_C + scripts/config.py unset MBEDTLS_PKCS1_V21 + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test_suite_ssl: TLS 1.3 only, PSK and PSK ephemeral key exchange modes" + cd tests; ./test_suite_ssl; cd .. + + msg "ssl-opt.sh: TLS 1.3 only, PSK and PSK ephemeral key exchange modes" + tests/ssl-opt.sh -f 'TLS 1.3' +} + +component_test_prototype_tls13_only_ephemeral_all () { + msg "build: TLS 1.3 only with MPS from default, without PSK key exchange mode" + scripts/config.py set MBEDTLS_SSL_USE_MPS + scripts/config.py set MBEDTLS_ZERO_RTT + scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + # Known fail: `runtime error: member access within null pointer of type 'struct mbedtls_ssl_mps'` + # msg "test_suite_ssl: TLS 1.3 only, ephemeral and PSK ephemeral key exchange modes" + # cd tests; ./test_suite_ssl; cd .. + + msg "ssl-opt.sh: TLS 1.3 only, ephemeral and PSK ephemeral key exchange modes" + tests/ssl-opt.sh -f 'TLS 1.3' +} + +component_test_prototype_tls13_only_ephemeral_all_no_mps () { + msg "build: TLS 1.3 only without MPS from default, without PSK key exchange mode" + scripts/config.py unset MBEDTLS_SSL_USE_MPS + scripts/config.py set MBEDTLS_ZERO_RTT + scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED + + CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only-prototype.h\"'" + make CFLAGS="$CFLAGS $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test_suite_ssl: TLS 1.3 only, ephemeral and PSK ephemeral key exchange modes" + cd tests; ./test_suite_ssl; cd .. + + msg "ssl-opt.sh: TLS 1.3 only, ephemeral and PSK ephemeral key exchange modes" + tests/ssl-opt.sh -f 'TLS 1.3' +} + +component_test_prototype_full_cmake_gcc_asan () { + # Duplicate test_full_cmake_gcc_asan for marking it as part of prototype tests. + component_test_full_cmake_gcc_asan +} + +component_test_prototype_default_cmake_gcc_asan () { + msg "build: cmake, gcc, ASan" # ~ 1 min 50s + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s + make test + + msg "test: selftest (ASan build)" # ~ 10s + programs/test/selftest + + # For time being, this is known fail + # msg "test: ssl-opt.sh (ASan build)" # ~ 1 min + # tests/ssl-opt.sh + + msg "test: compat.sh (ASan build)" # ~ 6 min + tests/compat.sh + + msg "test: context-info.sh (ASan build)" # ~ 15 sec + tests/context-info.sh +} component_build_mingw () { msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s