Home Explore Help
Register Sign In
OWEALs
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
2
0
Fork 0
Files Issues 8 Wiki
Browse Source

Configuration: enable all, disable TLS 1.3 - turn off TLS 1.3 only options

configuration: --enable-all --disable-tls13
Post-handshake authentication and HRR cookie are enable with
'--enable-all' but disabling TLS 1.3 caused configure to fail.
Don't enable these TLS 1.3 only options when TLS 1.3 is disabled.

Also fix up tests that don't work without TLS 1.3 enabled.
Sean Parkinson 3 years ago
parent
54f072fd8d
commit
fa86c1aa91
3 changed files with 12 additions and 7 deletions
Split View Show Diff Stats
  1. 8 4
      configure.ac
  2. 1 1
      scripts/ocsp-stapling.test
  3. 3 2
      tests/api.c

+ 8 - 4
configure.ac
View File 

@@ -628,9 +628,11 @@ if test "$ENABLED_TLS13_POST_AUTH" = "yes"
 
 then
 
     if test "x$ENABLED_TLS13" = "xno"
 
     then
 
-        AC_MSG_ERROR([cannot enable postauth without enabling tls13.])
 
+        AC_MSG_NOTICE([TLS 1.3 is disabled - disabling Post-handshake Authentication])
 
+        ENABLED_TLS13_POST_AUTH="no"
 
+    else
 
+        AM_CFLAGS="-DWOLFSSL_POST_HANDSHAKE_AUTH $AM_CFLAGS"
 
     fi
 
-  AM_CFLAGS="-DWOLFSSL_POST_HANDSHAKE_AUTH $AM_CFLAGS"
 
 fi
 
 
 
@@ -644,9 +646,11 @@ if test "$ENABLED_SEND_HRR_COOKIE" = "yes"
 
 then
 
     if test "x$ENABLED_TLS13" = "xno"
 
     then
 
-        AC_MSG_ERROR([cannot enable hrrcookie without enabling tls13.])
 
+        AC_MSG_NOTICE([TLS 1.3 is disabled - disabling HRR Cookie])
 
+        ENABLED_SEND_HRR_COOKIE="no"
 
+    else
 
+        AM_CFLAGS="-DWOLFSSL_SEND_HRR_COOKIE $AM_CFLAGS"
 
     fi
 
-  AM_CFLAGS="-DWOLFSSL_SEND_HRR_COOKIE $AM_CFLAGS"
 
 fi

+ 1 - 1
scripts/ocsp-stapling.test
View File 

@@ -408,7 +408,7 @@ openssl ciphers -tls1_3
 
 openssl_tls13=$?
 
 ./examples/client/client -v 4 2>&1 | grep -- 'Bad SSL version'
 
 wolfssl_not_tls13=$?
 
-if [ "$openssl_tls13" = "0" -a "wolfssl_not_tls13" != "0" ]; then
 
+if [ "$openssl_tls13" = "0" -a "$wolfssl_not_tls13" != "0" ]; then
 
     printf '%s\n\n' "------------- TEST CASE 8 SHOULD PASS --------------------"
 
     # client asks for OCSP staple but doesn't fail when none returned
 
     ./examples/client/client -p $port -g -v 4 -W 1

+ 3 - 2
tests/api.c
View File 

@@ -6096,7 +6096,8 @@ static int test_wolfSSL_UseOCSPStaplingV2 (void)
 
  *----------------------------------------------------------------------------*/
 
 static void test_wolfSSL_mcast(void)
 
 {
 
-#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_MULTICAST)
 
+#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_MULTICAST) && \
 
+    (defined(WOLFSSL_TLS13) || defined(WOLFSSL_SNIFFER))
 
     WOLFSSL_CTX* ctx;
 
     WOLFSSL* ssl;
 
     int result;
 
@@ -6130,7 +6131,7 @@ static void test_wolfSSL_mcast(void)
 
 
     wolfSSL_free(ssl);
 
     wolfSSL_CTX_free(ctx);
 
-#endif /* WOLFSSL_DTLS && WOLFSSL_MULTICAST */
 
+#endif /* WOLFSSL_DTLS && WOLFSSL_MULTICAST && (WOLFSSL_TLS13 || WOLFSSL_SNIFFER) */
 
 }