Reword and add explanatory comments for MAX_IM_CA tests

- Reword the comment on config.h to suggest that
  `MAX_INTERMEDIATE_CA` may not exist in the config.
- Add a comment explaining why the tests are more restrictive
  than necessary.

Signed-off-by: Yuto Takano <yuto.takano@arm.com>
This commit is contained in:
Yuto Takano 2021-07-02 13:05:15 +01:00
parent bec7cf762d
commit ccdd25cbc5

View file

@ -4321,12 +4321,16 @@ run_test "Authentication: client no cert, ssl3" \
-C "! mbedtls_ssl_handshake returned" \
-S "X509 - Certificate verification failed"
# config.h contains a value for MBEDTLS_X509_MAX_INTERMEDIATE_CA that is
# different from the script's assumed default value (below).
# Relevant tests are skipped if they do not match.
# This script assumes that MBEDTLS_X509_MAX_INTERMEDIATE_CA has its default
# value, defined here as MAX_IM_CA. Some test cases will be skipped if the
# library is configured with a different value.
MAX_IM_CA='8'
# The tests for the max_int tests can pass with any number higher than MAX_IM_CA
# because only a chain of MAX_IM_CA length is tested. Equally, the max_int+1
# tests can pass with any number less than MAX_IM_CA. However, stricter preconditions
# are in place so that the semantics are consistent with the test description.
requires_config_value_at_least "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_config_value_at_most "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer