Commit Graph

4 Commits

Author SHA1 Message Date
Emilia Kasper
9f48bbacd8 Reorganize SSL test structures
Move custom server and client options from the test dictionary to an
"extra" section of each server/client. Rename test expectations to say
"Expected".

This is a big but straightforward change. Primarily, this allows us to
specify multiple server and client contexts without redefining the
custom options for each of them. For example, instead of
"ServerNPNProtocols", "Server2NPNProtocols", "ResumeServerNPNProtocols",
we now have, "NPNProtocols".

This simplifies writing resumption and SNI tests. The first application
will be resumption tests for NPN and ALPN.

Regrouping the options also makes it clearer which options apply to the
server, which apply to the client, which configure the test, and which
are test expectations.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-08 12:06:26 +02:00
Matt Caswell
10e6d23549 Fix SSLv3 ClientAuth alert checking
In TLS during ClientAuth if the CA is not recognised you should get an
UnknownCA alert. In SSLv3 this does not exist and you should get a
BadCertificate alert.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-07-18 14:30:14 +01:00
Matt Caswell
78cbe94f89 Fix Client Auth tests
The Client Auth tests were not correctly setting the Protocol, so that this
aspect had no effect. It was testing the same thing lots of times for
TLSv1.2 every time.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-07-18 14:30:14 +01:00
Emilia Kasper
63936115e8 Update client authentication tests
Port client auth tests to the new framework, add coverage. The old tests
were only testing success, and only for some protocol versions; the new
tests add all protocol versions and various failure modes.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-03 11:59:46 +02:00