From 511fdf435fe94367f75d42aeb35f33b2904c975c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 8 Apr 2022 19:26:26 +0200
Subject: [PATCH] Prepare to generalize maybe_requires_ciphersuite_enabled

Rename maybe_requires_ciphersuite_enabled() to detect_required_features()
and refactor its code a little. No intended behavior change. In subsequent
commits, this function will detect other requirements in a similar way.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
---
 tests/ssl-opt.sh | 44 +++++++++++++++++++-------------------------
 1 file changed, 19 insertions(+), 25 deletions(-)

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 039ae8082..da8317476 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -271,31 +271,24 @@ requires_ciphersuite_enabled() {
     esac
 }
 
-# maybe_requires_ciphersuite_enabled CMD [RUN_TEST_OPTION...]
-# If CMD (call to a TLS client or server program) requires a specific
-# ciphersuite, arrange to only run the test case if this ciphersuite is
-# enabled. As an exception, do run the test case if it expects a ciphersuite
-# mismatch.
-maybe_requires_ciphersuite_enabled() {
+# detect_required_features CMD [RUN_TEST_OPTION...]
+# If CMD (call to a TLS client or server program) requires certain features,
+# arrange to only run the following test case if those features are enabled.
+detect_required_features() {
     case "$1" in
-        *\ force_ciphersuite=*) :;;
-        *) return;; # No specific required ciphersuite
-    esac
-    ciphersuite="${1##*\ force_ciphersuite=}"
-    ciphersuite="${ciphersuite%%[!-0-9A-Z_a-z]*}"
-    shift
-
-    case "$*" in
-        *"-s SSL - The server has no ciphersuites in common"*)
-            # This test case expects a ciphersuite mismatch, so it doesn't
-            # require the ciphersuite to be enabled.
-            ;;
-        *)
-            requires_ciphersuite_enabled "$ciphersuite"
-            ;;
+        *\ force_ciphersuite=*)
+            tmp="${1##*\ force_ciphersuite=}"
+            tmp="${tmp%%[!-0-9A-Z_a-z]*}"
+            case "$*" in
+                *"-s SSL - The server has no ciphersuites in common"*)
+                    # This test case expects a ciphersuite mismatch, so it
+                    # doesn't actually require the ciphersuite to be enabled.
+                    :;;
+                *) requires_ciphersuite_enabled "$tmp";;
+            esac;;
     esac
 
-    unset ciphersuite
+    unset tmp
 }
 
 requires_certificate_authentication () {
@@ -1190,9 +1183,10 @@ run_test() {
             requires_config_enabled MBEDTLS_SSL_ALPN;;
     esac
 
-    # If the client or serve requires a ciphersuite, check that it's enabled.
-    maybe_requires_ciphersuite_enabled "$SRV_CMD" "$@"
-    maybe_requires_ciphersuite_enabled "$CLI_CMD" "$@"
+    # If the client or server requires certain features that can be detected
+    # from their command-line arguments, check that they're enabled.
+    detect_required_features "$SRV_CMD" "$@"
+    detect_required_features "$CLI_CMD" "$@"
 
     # If we're in a PSK-only build and the test can be adapted to PSK, do that.
     maybe_adapt_for_psk "$@"