Skip to content

fix(test): Reduce s2n_security_policies_test duration#5558

Merged
goatgoose merged 1 commit intoaws:mainfrom
goatgoose:fix-security-policies-test
Oct 13, 2025
Merged

fix(test): Reduce s2n_security_policies_test duration#5558
goatgoose merged 1 commit intoaws:mainfrom
goatgoose:fix-security-policies-test

Conversation

@goatgoose
Copy link
Copy Markdown
Contributor

@goatgoose goatgoose commented Oct 13, 2025

Description of changes:

s2n_security_policies_test is taking a long time to run (~30 seconds on my machine). This is because this file contains a test which expects s2n_negotiate to return an error, but does not disable blinding for this error:

s2n-tls/tests/unit/s2n_security_policies_test.c

Lines 864 to 865 in ad30ba9

EXPECT_ERROR_WITH_ERRNO(s2n_test_security_policies_compatible(&security_policy_20240503, "20250211", ecdsa_sha256_chain_and_key),
S2N_ERR_NO_VALID_SIGNATURE_SCHEME);

This PR disables blinding in s2n_test_security_policies_compatible_for_policy, to allow it be properly used for tests that return errors protected by connection blinding.

Call-outs:

Ideally we'd have a way to catch issues like this before they're merged: #5557

Testing:

Test duration before change:

❯ ctest --test-dir build -R s2n_security_policies_test
Test project /Users/vclarksa/w/s2n-tls-fork/build
    Start 184: s2n_security_policies_test
1/1 Test #184: s2n_security_policies_test .......   Passed   29.98 sec

100% tests passed, 0 tests failed out of 1

Label Time Summary:
unit    =  29.98 sec*proc (1 test)

Test duration after change:

❯ ctest --test-dir build -R s2n_security_policies_test
Test project /Users/vclarksa/w/s2n-tls-fork/build
    Start 184: s2n_security_policies_test
1/1 Test #184: s2n_security_policies_test .......   Passed    2.13 sec

100% tests passed, 0 tests failed out of 1

Label Time Summary:
unit    =   2.13 sec*proc (1 test)

Total Test time (real) =   2.14 sec

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@github-actions github-actions bot added the s2n-core team label Oct 13, 2025
@goatgoose goatgoose mentioned this pull request Oct 13, 2025
Open
@goatgoose goatgoose marked this pull request as ready for review October 13, 2025 18:11
@goatgoose goatgoose enabled auto-merge October 13, 2025 18:23
@goatgoose goatgoose added this pull request to the merge queue Oct 13, 2025
Merged via the queue into aws:main with commit dd5a33b Oct 13, 2025
51 checks passed
@goatgoose goatgoose deleted the fix-security-policies-test branch October 13, 2025 19:01
@dougch dougch mentioned this pull request Oct 28, 2025
Closed
@BrewTestBot BrewTestBot mentioned this pull request Oct 30, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jmayclin jmayclin jmayclin approved these changes

@CarolYeh910 CarolYeh910 CarolYeh910 approved these changes

Assignees

No one assigned

Labels

s2n-core team

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@goatgoose @jmayclin @CarolYeh910