mirror of
https://github.com/openssl/openssl.git
synced 2025-01-12 13:36:28 +08:00
9f48bbacd8
Move custom server and client options from the test dictionary to an "extra" section of each server/client. Rename test expectations to say "Expected". This is a big but straightforward change. Primarily, this allows us to specify multiple server and client contexts without redefining the custom options for each of them. For example, instead of "ServerNPNProtocols", "Server2NPNProtocols", "ResumeServerNPNProtocols", we now have, "NPNProtocols". This simplifies writing resumption and SNI tests. The first application will be resumption tests for NPN and ALPN. Regrouping the options also makes it clearer which options apply to the server, which apply to the client, which configure the test, and which are test expectations. Reviewed-by: Richard Levitte <levitte@openssl.org>
204 lines
5.3 KiB
Plaintext
204 lines
5.3 KiB
Plaintext
# Generated with generate_ssl_tests.pl
|
|
|
|
num_tests = 6
|
|
|
|
test-0 = 0-SNI-switch-context
|
|
test-1 = 1-SNI-keep-context
|
|
test-2 = 2-SNI-no-server-support
|
|
test-3 = 3-SNI-no-client-support
|
|
test-4 = 4-SNI-bad-sni-ignore-mismatch
|
|
test-5 = 5-SNI-bad-sni-reject-mismatch
|
|
# ===========================================================
|
|
|
|
[0-SNI-switch-context]
|
|
ssl_conf = 0-SNI-switch-context-ssl
|
|
|
|
[0-SNI-switch-context-ssl]
|
|
server = 0-SNI-switch-context-server
|
|
client = 0-SNI-switch-context-client
|
|
server2 = 0-SNI-switch-context-server
|
|
|
|
[0-SNI-switch-context-server]
|
|
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
CipherString = DEFAULT
|
|
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
|
|
[0-SNI-switch-context-client]
|
|
CipherString = DEFAULT
|
|
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
|
VerifyMode = Peer
|
|
|
|
[test-0]
|
|
ExpectedResult = Success
|
|
ExpectedServerName = server2
|
|
server = 0-SNI-switch-context-server-extra
|
|
server2 = 0-SNI-switch-context-server-extra
|
|
client = 0-SNI-switch-context-client-extra
|
|
|
|
[0-SNI-switch-context-server-extra]
|
|
ServerNameCallback = IgnoreMismatch
|
|
|
|
[0-SNI-switch-context-client-extra]
|
|
ServerName = server2
|
|
|
|
|
|
# ===========================================================
|
|
|
|
[1-SNI-keep-context]
|
|
ssl_conf = 1-SNI-keep-context-ssl
|
|
|
|
[1-SNI-keep-context-ssl]
|
|
server = 1-SNI-keep-context-server
|
|
client = 1-SNI-keep-context-client
|
|
server2 = 1-SNI-keep-context-server
|
|
|
|
[1-SNI-keep-context-server]
|
|
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
CipherString = DEFAULT
|
|
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
|
|
[1-SNI-keep-context-client]
|
|
CipherString = DEFAULT
|
|
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
|
VerifyMode = Peer
|
|
|
|
[test-1]
|
|
ExpectedResult = Success
|
|
ExpectedServerName = server1
|
|
server = 1-SNI-keep-context-server-extra
|
|
server2 = 1-SNI-keep-context-server-extra
|
|
client = 1-SNI-keep-context-client-extra
|
|
|
|
[1-SNI-keep-context-server-extra]
|
|
ServerNameCallback = IgnoreMismatch
|
|
|
|
[1-SNI-keep-context-client-extra]
|
|
ServerName = server1
|
|
|
|
|
|
# ===========================================================
|
|
|
|
[2-SNI-no-server-support]
|
|
ssl_conf = 2-SNI-no-server-support-ssl
|
|
|
|
[2-SNI-no-server-support-ssl]
|
|
server = 2-SNI-no-server-support-server
|
|
client = 2-SNI-no-server-support-client
|
|
|
|
[2-SNI-no-server-support-server]
|
|
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
CipherString = DEFAULT
|
|
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
|
|
[2-SNI-no-server-support-client]
|
|
CipherString = DEFAULT
|
|
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
|
VerifyMode = Peer
|
|
|
|
[test-2]
|
|
ExpectedResult = Success
|
|
client = 2-SNI-no-server-support-client-extra
|
|
|
|
[2-SNI-no-server-support-client-extra]
|
|
ServerName = server1
|
|
|
|
|
|
# ===========================================================
|
|
|
|
[3-SNI-no-client-support]
|
|
ssl_conf = 3-SNI-no-client-support-ssl
|
|
|
|
[3-SNI-no-client-support-ssl]
|
|
server = 3-SNI-no-client-support-server
|
|
client = 3-SNI-no-client-support-client
|
|
server2 = 3-SNI-no-client-support-server
|
|
|
|
[3-SNI-no-client-support-server]
|
|
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
CipherString = DEFAULT
|
|
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
|
|
[3-SNI-no-client-support-client]
|
|
CipherString = DEFAULT
|
|
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
|
VerifyMode = Peer
|
|
|
|
[test-3]
|
|
ExpectedResult = Success
|
|
ExpectedServerName = server1
|
|
server = 3-SNI-no-client-support-server-extra
|
|
server2 = 3-SNI-no-client-support-server-extra
|
|
|
|
[3-SNI-no-client-support-server-extra]
|
|
ServerNameCallback = IgnoreMismatch
|
|
|
|
|
|
# ===========================================================
|
|
|
|
[4-SNI-bad-sni-ignore-mismatch]
|
|
ssl_conf = 4-SNI-bad-sni-ignore-mismatch-ssl
|
|
|
|
[4-SNI-bad-sni-ignore-mismatch-ssl]
|
|
server = 4-SNI-bad-sni-ignore-mismatch-server
|
|
client = 4-SNI-bad-sni-ignore-mismatch-client
|
|
server2 = 4-SNI-bad-sni-ignore-mismatch-server
|
|
|
|
[4-SNI-bad-sni-ignore-mismatch-server]
|
|
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
CipherString = DEFAULT
|
|
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
|
|
[4-SNI-bad-sni-ignore-mismatch-client]
|
|
CipherString = DEFAULT
|
|
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
|
VerifyMode = Peer
|
|
|
|
[test-4]
|
|
ExpectedResult = Success
|
|
ExpectedServerName = server1
|
|
server = 4-SNI-bad-sni-ignore-mismatch-server-extra
|
|
server2 = 4-SNI-bad-sni-ignore-mismatch-server-extra
|
|
client = 4-SNI-bad-sni-ignore-mismatch-client-extra
|
|
|
|
[4-SNI-bad-sni-ignore-mismatch-server-extra]
|
|
ServerNameCallback = IgnoreMismatch
|
|
|
|
[4-SNI-bad-sni-ignore-mismatch-client-extra]
|
|
ServerName = invalid
|
|
|
|
|
|
# ===========================================================
|
|
|
|
[5-SNI-bad-sni-reject-mismatch]
|
|
ssl_conf = 5-SNI-bad-sni-reject-mismatch-ssl
|
|
|
|
[5-SNI-bad-sni-reject-mismatch-ssl]
|
|
server = 5-SNI-bad-sni-reject-mismatch-server
|
|
client = 5-SNI-bad-sni-reject-mismatch-client
|
|
server2 = 5-SNI-bad-sni-reject-mismatch-server
|
|
|
|
[5-SNI-bad-sni-reject-mismatch-server]
|
|
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
CipherString = DEFAULT
|
|
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
|
|
[5-SNI-bad-sni-reject-mismatch-client]
|
|
CipherString = DEFAULT
|
|
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
|
VerifyMode = Peer
|
|
|
|
[test-5]
|
|
ExpectedResult = ServerFail
|
|
ExpectedServerAlert = UnrecognizedName
|
|
server = 5-SNI-bad-sni-reject-mismatch-server-extra
|
|
server2 = 5-SNI-bad-sni-reject-mismatch-server-extra
|
|
client = 5-SNI-bad-sni-reject-mismatch-client-extra
|
|
|
|
[5-SNI-bad-sni-reject-mismatch-server-extra]
|
|
ServerNameCallback = RejectMismatch
|
|
|
|
[5-SNI-bad-sni-reject-mismatch-client-extra]
|
|
ServerName = invalid
|
|
|
|
|