SSL test: only write out server2 when testing SNI
The SNI tests introduced a redundant "server2" section into every test configuration. Copy this automatically from "server" unless testing SNI, to reduce noise in the generated confs. Also remove duplicate SSL_TEST_CTX_create (merge conflict error). Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Emilia Kasper
parent
25b9d11c00
commit
b02929802c
11 changed files with 25 additions and 4831 deletions
|
|
@ -43,12 +43,12 @@ sub print_templates {
|
|||
# Add the implicit base configuration.
|
||||
foreach my $test (@ssltests::tests) {
|
||||
$test->{"server"} = { (%ssltests::base_server, %{$test->{"server"}}) };
|
||||
# use server values if server2 is not defined
|
||||
# Do not emit an empty "server2" section.
|
||||
if (defined $test->{"server2"}) {
|
||||
$test->{"server2"} = { (%ssltests::base_server, %{$test->{"server2"}}) };
|
||||
} else {
|
||||
$test->{"server2"} = { (%ssltests::base_server, %{$test->{"server"}}) };
|
||||
}
|
||||
$test->{"server2"} = { (%ssltests::base_server, %{$test->{"server2"}}) };
|
||||
} else {
|
||||
$test->{"server2"} = { };
|
||||
}
|
||||
$test->{"client"} = { (%ssltests::base_client, %{$test->{"client"}}) };
|
||||
}
|
||||
|
||||
|
|
@ -98,8 +98,7 @@ sub print_templates {
|
|||
# Shamelessly copied from Configure.
|
||||
sub read_config {
|
||||
my $fname = shift;
|
||||
open(INPUT, "< $fname")
|
||||
or die "Can't open input file '$fname'!\n";
|
||||
open(INPUT, "< $fname") or die "Can't open input file '$fname'!\n";
|
||||
local $/ = undef;
|
||||
my $content = <INPUT>;
|
||||
close(INPUT);
|
||||
|
|
|
|||
|
|
@ -11,7 +11,6 @@ ssl_conf = 0-default-ssl
|
|||
|
||||
[0-default-ssl]
|
||||
server = 0-default-server
|
||||
server2 = 0-default-server2
|
||||
client = 0-default-client
|
||||
|
||||
[0-default-server]
|
||||
|
|
@ -19,19 +18,11 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[0-default-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[0-default-client]
|
||||
CipherString = DEFAULT
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-0]
|
||||
ExpectedResult = Success
|
||||
|
||||
|
|
@ -43,7 +34,6 @@ ssl_conf = 1-verify-cert-ssl
|
|||
|
||||
[1-verify-cert-ssl]
|
||||
server = 1-verify-cert-server
|
||||
server2 = 1-verify-cert-server2
|
||||
client = 1-verify-cert-client
|
||||
|
||||
[1-verify-cert-server]
|
||||
|
|
@ -51,18 +41,10 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[1-verify-cert-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[1-verify-cert-client]
|
||||
CipherString = DEFAULT
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-1]
|
||||
ClientAlert = UnknownCA
|
||||
ExpectedResult = ClientFail
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load diff
|
|
@ -18,7 +18,6 @@ ssl_conf = 0-verify-success-ssl
|
|||
|
||||
[0-verify-success-ssl]
|
||||
server = 0-verify-success-server
|
||||
server2 = 0-verify-success-server2
|
||||
client = 0-verify-success-client
|
||||
|
||||
[0-verify-success-server]
|
||||
|
|
@ -26,19 +25,11 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[0-verify-success-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[0-verify-success-client]
|
||||
CipherString = DEFAULT
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-0]
|
||||
ExpectedResult = Success
|
||||
|
||||
|
|
@ -50,7 +41,6 @@ ssl_conf = 1-verify-custom-reject-ssl
|
|||
|
||||
[1-verify-custom-reject-ssl]
|
||||
server = 1-verify-custom-reject-server
|
||||
server2 = 1-verify-custom-reject-server2
|
||||
client = 1-verify-custom-reject-client
|
||||
|
||||
[1-verify-custom-reject-server]
|
||||
|
|
@ -58,19 +48,11 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[1-verify-custom-reject-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[1-verify-custom-reject-client]
|
||||
CipherString = DEFAULT
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-1]
|
||||
ClientAlert = HandshakeFailure
|
||||
ClientVerifyCallback = RejectAll
|
||||
|
|
@ -84,7 +66,6 @@ ssl_conf = 2-verify-custom-allow-ssl
|
|||
|
||||
[2-verify-custom-allow-ssl]
|
||||
server = 2-verify-custom-allow-server
|
||||
server2 = 2-verify-custom-allow-server2
|
||||
client = 2-verify-custom-allow-client
|
||||
|
||||
[2-verify-custom-allow-server]
|
||||
|
|
@ -92,19 +73,11 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[2-verify-custom-allow-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[2-verify-custom-allow-client]
|
||||
CipherString = DEFAULT
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-2]
|
||||
ClientVerifyCallback = AcceptAll
|
||||
ExpectedResult = Success
|
||||
|
|
@ -117,7 +90,6 @@ ssl_conf = 3-noverify-success-ssl
|
|||
|
||||
[3-noverify-success-ssl]
|
||||
server = 3-noverify-success-server
|
||||
server2 = 3-noverify-success-server2
|
||||
client = 3-noverify-success-client
|
||||
|
||||
[3-noverify-success-server]
|
||||
|
|
@ -125,17 +97,9 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[3-noverify-success-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[3-noverify-success-client]
|
||||
CipherString = DEFAULT
|
||||
|
||||
|
||||
[test-3]
|
||||
ExpectedResult = Success
|
||||
|
||||
|
|
@ -147,7 +111,6 @@ ssl_conf = 4-noverify-ignore-custom-reject-ssl
|
|||
|
||||
[4-noverify-ignore-custom-reject-ssl]
|
||||
server = 4-noverify-ignore-custom-reject-server
|
||||
server2 = 4-noverify-ignore-custom-reject-server2
|
||||
client = 4-noverify-ignore-custom-reject-client
|
||||
|
||||
[4-noverify-ignore-custom-reject-server]
|
||||
|
|
@ -155,17 +118,9 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[4-noverify-ignore-custom-reject-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[4-noverify-ignore-custom-reject-client]
|
||||
CipherString = DEFAULT
|
||||
|
||||
|
||||
[test-4]
|
||||
ClientVerifyCallback = RejectAll
|
||||
ExpectedResult = Success
|
||||
|
|
@ -178,7 +133,6 @@ ssl_conf = 5-noverify-accept-custom-allow-ssl
|
|||
|
||||
[5-noverify-accept-custom-allow-ssl]
|
||||
server = 5-noverify-accept-custom-allow-server
|
||||
server2 = 5-noverify-accept-custom-allow-server2
|
||||
client = 5-noverify-accept-custom-allow-client
|
||||
|
||||
[5-noverify-accept-custom-allow-server]
|
||||
|
|
@ -186,17 +140,9 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[5-noverify-accept-custom-allow-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[5-noverify-accept-custom-allow-client]
|
||||
CipherString = DEFAULT
|
||||
|
||||
|
||||
[test-5]
|
||||
ClientVerifyCallback = AcceptAll
|
||||
ExpectedResult = Success
|
||||
|
|
@ -209,7 +155,6 @@ ssl_conf = 6-verify-fail-no-root-ssl
|
|||
|
||||
[6-verify-fail-no-root-ssl]
|
||||
server = 6-verify-fail-no-root-server
|
||||
server2 = 6-verify-fail-no-root-server2
|
||||
client = 6-verify-fail-no-root-client
|
||||
|
||||
[6-verify-fail-no-root-server]
|
||||
|
|
@ -217,18 +162,10 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[6-verify-fail-no-root-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[6-verify-fail-no-root-client]
|
||||
CipherString = DEFAULT
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-6]
|
||||
ClientAlert = UnknownCA
|
||||
ExpectedResult = ClientFail
|
||||
|
|
@ -241,7 +178,6 @@ ssl_conf = 7-verify-custom-success-no-root-ssl
|
|||
|
||||
[7-verify-custom-success-no-root-ssl]
|
||||
server = 7-verify-custom-success-no-root-server
|
||||
server2 = 7-verify-custom-success-no-root-server2
|
||||
client = 7-verify-custom-success-no-root-client
|
||||
|
||||
[7-verify-custom-success-no-root-server]
|
||||
|
|
@ -249,18 +185,10 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[7-verify-custom-success-no-root-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[7-verify-custom-success-no-root-client]
|
||||
CipherString = DEFAULT
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-7]
|
||||
ClientVerifyCallback = AcceptAll
|
||||
ExpectedResult = Success
|
||||
|
|
@ -273,7 +201,6 @@ ssl_conf = 8-verify-custom-fail-no-root-ssl
|
|||
|
||||
[8-verify-custom-fail-no-root-ssl]
|
||||
server = 8-verify-custom-fail-no-root-server
|
||||
server2 = 8-verify-custom-fail-no-root-server2
|
||||
client = 8-verify-custom-fail-no-root-client
|
||||
|
||||
[8-verify-custom-fail-no-root-server]
|
||||
|
|
@ -281,18 +208,10 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[8-verify-custom-fail-no-root-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[8-verify-custom-fail-no-root-client]
|
||||
CipherString = DEFAULT
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-8]
|
||||
ClientAlert = HandshakeFailure
|
||||
ClientVerifyCallback = RejectAll
|
||||
|
|
|
|||
|
|
@ -29,7 +29,6 @@ ssl_conf = 0-server-auth-flex-ssl
|
|||
|
||||
[0-server-auth-flex-ssl]
|
||||
server = 0-server-auth-flex-server
|
||||
server2 = 0-server-auth-flex-server2
|
||||
client = 0-server-auth-flex-client
|
||||
|
||||
[0-server-auth-flex-server]
|
||||
|
|
@ -37,19 +36,11 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[0-server-auth-flex-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[0-server-auth-flex-client]
|
||||
CipherString = DEFAULT
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-0]
|
||||
ExpectedResult = Success
|
||||
|
||||
|
|
@ -61,7 +52,6 @@ ssl_conf = 1-client-auth-flex-request-ssl
|
|||
|
||||
[1-client-auth-flex-request-ssl]
|
||||
server = 1-client-auth-flex-request-server
|
||||
server2 = 1-client-auth-flex-request-server2
|
||||
client = 1-client-auth-flex-request-client
|
||||
|
||||
[1-client-auth-flex-request-server]
|
||||
|
|
@ -70,20 +60,11 @@ CipherString = DEFAULT
|
|||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
VerifyMode = Request
|
||||
|
||||
|
||||
[1-client-auth-flex-request-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
VerifyMode = Request
|
||||
|
||||
|
||||
[1-client-auth-flex-request-client]
|
||||
CipherString = DEFAULT
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-1]
|
||||
ExpectedResult = Success
|
||||
|
||||
|
|
@ -95,7 +76,6 @@ ssl_conf = 2-client-auth-flex-require-fail-ssl
|
|||
|
||||
[2-client-auth-flex-require-fail-ssl]
|
||||
server = 2-client-auth-flex-require-fail-server
|
||||
server2 = 2-client-auth-flex-require-fail-server2
|
||||
client = 2-client-auth-flex-require-fail-client
|
||||
|
||||
[2-client-auth-flex-require-fail-server]
|
||||
|
|
@ -105,21 +85,11 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
||||
VerifyMode = Require
|
||||
|
||||
|
||||
[2-client-auth-flex-require-fail-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
||||
VerifyMode = Require
|
||||
|
||||
|
||||
[2-client-auth-flex-require-fail-client]
|
||||
CipherString = DEFAULT
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-2]
|
||||
ExpectedResult = ServerFail
|
||||
ServerAlert = HandshakeFailure
|
||||
|
|
@ -132,7 +102,6 @@ ssl_conf = 3-client-auth-flex-require-ssl
|
|||
|
||||
[3-client-auth-flex-require-ssl]
|
||||
server = 3-client-auth-flex-require-server
|
||||
server2 = 3-client-auth-flex-require-server2
|
||||
client = 3-client-auth-flex-require-client
|
||||
|
||||
[3-client-auth-flex-require-server]
|
||||
|
|
@ -142,15 +111,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
||||
VerifyMode = Request
|
||||
|
||||
|
||||
[3-client-auth-flex-require-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
||||
VerifyMode = Request
|
||||
|
||||
|
||||
[3-client-auth-flex-require-client]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
|
||||
CipherString = DEFAULT
|
||||
|
|
@ -158,7 +118,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
|
|||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-3]
|
||||
ExpectedResult = Success
|
||||
|
||||
|
|
@ -170,7 +129,6 @@ ssl_conf = 4-client-auth-flex-noroot-ssl
|
|||
|
||||
[4-client-auth-flex-noroot-ssl]
|
||||
server = 4-client-auth-flex-noroot-server
|
||||
server2 = 4-client-auth-flex-noroot-server2
|
||||
client = 4-client-auth-flex-noroot-client
|
||||
|
||||
[4-client-auth-flex-noroot-server]
|
||||
|
|
@ -179,14 +137,6 @@ CipherString = DEFAULT
|
|||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
VerifyMode = Require
|
||||
|
||||
|
||||
[4-client-auth-flex-noroot-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
VerifyMode = Require
|
||||
|
||||
|
||||
[4-client-auth-flex-noroot-client]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
|
||||
CipherString = DEFAULT
|
||||
|
|
@ -194,7 +144,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
|
|||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-4]
|
||||
ExpectedResult = ServerFail
|
||||
ServerAlert = UnknownCA
|
||||
|
|
@ -207,7 +156,6 @@ ssl_conf = 5-server-auth-TLSv1-ssl
|
|||
|
||||
[5-server-auth-TLSv1-ssl]
|
||||
server = 5-server-auth-TLSv1-server
|
||||
server2 = 5-server-auth-TLSv1-server2
|
||||
client = 5-server-auth-TLSv1-client
|
||||
|
||||
[5-server-auth-TLSv1-server]
|
||||
|
|
@ -216,21 +164,12 @@ CipherString = DEFAULT
|
|||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
Protocol = TLSv1
|
||||
|
||||
|
||||
[5-server-auth-TLSv1-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
Protocol = TLSv1
|
||||
|
||||
|
||||
[5-server-auth-TLSv1-client]
|
||||
CipherString = DEFAULT
|
||||
Protocol = TLSv1
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-5]
|
||||
ExpectedResult = Success
|
||||
|
||||
|
|
@ -242,7 +181,6 @@ ssl_conf = 6-client-auth-TLSv1-request-ssl
|
|||
|
||||
[6-client-auth-TLSv1-request-ssl]
|
||||
server = 6-client-auth-TLSv1-request-server
|
||||
server2 = 6-client-auth-TLSv1-request-server2
|
||||
client = 6-client-auth-TLSv1-request-client
|
||||
|
||||
[6-client-auth-TLSv1-request-server]
|
||||
|
|
@ -252,22 +190,12 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|||
Protocol = TLSv1
|
||||
VerifyMode = Request
|
||||
|
||||
|
||||
[6-client-auth-TLSv1-request-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
Protocol = TLSv1
|
||||
VerifyMode = Request
|
||||
|
||||
|
||||
[6-client-auth-TLSv1-request-client]
|
||||
CipherString = DEFAULT
|
||||
Protocol = TLSv1
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-6]
|
||||
ExpectedResult = Success
|
||||
|
||||
|
|
@ -279,7 +207,6 @@ ssl_conf = 7-client-auth-TLSv1-require-fail-ssl
|
|||
|
||||
[7-client-auth-TLSv1-require-fail-ssl]
|
||||
server = 7-client-auth-TLSv1-require-fail-server
|
||||
server2 = 7-client-auth-TLSv1-require-fail-server2
|
||||
client = 7-client-auth-TLSv1-require-fail-client
|
||||
|
||||
[7-client-auth-TLSv1-require-fail-server]
|
||||
|
|
@ -290,23 +217,12 @@ Protocol = TLSv1
|
|||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
||||
VerifyMode = Require
|
||||
|
||||
|
||||
[7-client-auth-TLSv1-require-fail-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
Protocol = TLSv1
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
||||
VerifyMode = Require
|
||||
|
||||
|
||||
[7-client-auth-TLSv1-require-fail-client]
|
||||
CipherString = DEFAULT
|
||||
Protocol = TLSv1
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-7]
|
||||
ExpectedResult = ServerFail
|
||||
ServerAlert = HandshakeFailure
|
||||
|
|
@ -319,7 +235,6 @@ ssl_conf = 8-client-auth-TLSv1-require-ssl
|
|||
|
||||
[8-client-auth-TLSv1-require-ssl]
|
||||
server = 8-client-auth-TLSv1-require-server
|
||||
server2 = 8-client-auth-TLSv1-require-server2
|
||||
client = 8-client-auth-TLSv1-require-client
|
||||
|
||||
[8-client-auth-TLSv1-require-server]
|
||||
|
|
@ -330,16 +245,6 @@ Protocol = TLSv1
|
|||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
||||
VerifyMode = Request
|
||||
|
||||
|
||||
[8-client-auth-TLSv1-require-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
Protocol = TLSv1
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
||||
VerifyMode = Request
|
||||
|
||||
|
||||
[8-client-auth-TLSv1-require-client]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
|
||||
CipherString = DEFAULT
|
||||
|
|
@ -348,7 +253,6 @@ Protocol = TLSv1
|
|||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-8]
|
||||
ExpectedResult = Success
|
||||
|
||||
|
|
@ -360,7 +264,6 @@ ssl_conf = 9-client-auth-TLSv1-noroot-ssl
|
|||
|
||||
[9-client-auth-TLSv1-noroot-ssl]
|
||||
server = 9-client-auth-TLSv1-noroot-server
|
||||
server2 = 9-client-auth-TLSv1-noroot-server2
|
||||
client = 9-client-auth-TLSv1-noroot-client
|
||||
|
||||
[9-client-auth-TLSv1-noroot-server]
|
||||
|
|
@ -370,15 +273,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|||
Protocol = TLSv1
|
||||
VerifyMode = Require
|
||||
|
||||
|
||||
[9-client-auth-TLSv1-noroot-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
Protocol = TLSv1
|
||||
VerifyMode = Require
|
||||
|
||||
|
||||
[9-client-auth-TLSv1-noroot-client]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
|
||||
CipherString = DEFAULT
|
||||
|
|
@ -387,7 +281,6 @@ Protocol = TLSv1
|
|||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-9]
|
||||
ExpectedResult = ServerFail
|
||||
ServerAlert = UnknownCA
|
||||
|
|
@ -400,7 +293,6 @@ ssl_conf = 10-server-auth-TLSv1.1-ssl
|
|||
|
||||
[10-server-auth-TLSv1.1-ssl]
|
||||
server = 10-server-auth-TLSv1.1-server
|
||||
server2 = 10-server-auth-TLSv1.1-server2
|
||||
client = 10-server-auth-TLSv1.1-client
|
||||
|
||||
[10-server-auth-TLSv1.1-server]
|
||||
|
|
@ -409,21 +301,12 @@ CipherString = DEFAULT
|
|||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
Protocol = TLSv1.1
|
||||
|
||||
|
||||
[10-server-auth-TLSv1.1-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
Protocol = TLSv1.1
|
||||
|
||||
|
||||
[10-server-auth-TLSv1.1-client]
|
||||
CipherString = DEFAULT
|
||||
Protocol = TLSv1.1
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-10]
|
||||
ExpectedResult = Success
|
||||
|
||||
|
|
@ -435,7 +318,6 @@ ssl_conf = 11-client-auth-TLSv1.1-request-ssl
|
|||
|
||||
[11-client-auth-TLSv1.1-request-ssl]
|
||||
server = 11-client-auth-TLSv1.1-request-server
|
||||
server2 = 11-client-auth-TLSv1.1-request-server2
|
||||
client = 11-client-auth-TLSv1.1-request-client
|
||||
|
||||
[11-client-auth-TLSv1.1-request-server]
|
||||
|
|
@ -445,22 +327,12 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|||
Protocol = TLSv1.1
|
||||
VerifyMode = Request
|
||||
|
||||
|
||||
[11-client-auth-TLSv1.1-request-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
Protocol = TLSv1.1
|
||||
VerifyMode = Request
|
||||
|
||||
|
||||
[11-client-auth-TLSv1.1-request-client]
|
||||
CipherString = DEFAULT
|
||||
Protocol = TLSv1.1
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-11]
|
||||
ExpectedResult = Success
|
||||
|
||||
|
|
@ -472,7 +344,6 @@ ssl_conf = 12-client-auth-TLSv1.1-require-fail-ssl
|
|||
|
||||
[12-client-auth-TLSv1.1-require-fail-ssl]
|
||||
server = 12-client-auth-TLSv1.1-require-fail-server
|
||||
server2 = 12-client-auth-TLSv1.1-require-fail-server2
|
||||
client = 12-client-auth-TLSv1.1-require-fail-client
|
||||
|
||||
[12-client-auth-TLSv1.1-require-fail-server]
|
||||
|
|
@ -483,23 +354,12 @@ Protocol = TLSv1.1
|
|||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
||||
VerifyMode = Require
|
||||
|
||||
|
||||
[12-client-auth-TLSv1.1-require-fail-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
Protocol = TLSv1.1
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
||||
VerifyMode = Require
|
||||
|
||||
|
||||
[12-client-auth-TLSv1.1-require-fail-client]
|
||||
CipherString = DEFAULT
|
||||
Protocol = TLSv1.1
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-12]
|
||||
ExpectedResult = ServerFail
|
||||
ServerAlert = HandshakeFailure
|
||||
|
|
@ -512,7 +372,6 @@ ssl_conf = 13-client-auth-TLSv1.1-require-ssl
|
|||
|
||||
[13-client-auth-TLSv1.1-require-ssl]
|
||||
server = 13-client-auth-TLSv1.1-require-server
|
||||
server2 = 13-client-auth-TLSv1.1-require-server2
|
||||
client = 13-client-auth-TLSv1.1-require-client
|
||||
|
||||
[13-client-auth-TLSv1.1-require-server]
|
||||
|
|
@ -523,16 +382,6 @@ Protocol = TLSv1.1
|
|||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
||||
VerifyMode = Request
|
||||
|
||||
|
||||
[13-client-auth-TLSv1.1-require-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
Protocol = TLSv1.1
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
||||
VerifyMode = Request
|
||||
|
||||
|
||||
[13-client-auth-TLSv1.1-require-client]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
|
||||
CipherString = DEFAULT
|
||||
|
|
@ -541,7 +390,6 @@ Protocol = TLSv1.1
|
|||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-13]
|
||||
ExpectedResult = Success
|
||||
|
||||
|
|
@ -553,7 +401,6 @@ ssl_conf = 14-client-auth-TLSv1.1-noroot-ssl
|
|||
|
||||
[14-client-auth-TLSv1.1-noroot-ssl]
|
||||
server = 14-client-auth-TLSv1.1-noroot-server
|
||||
server2 = 14-client-auth-TLSv1.1-noroot-server2
|
||||
client = 14-client-auth-TLSv1.1-noroot-client
|
||||
|
||||
[14-client-auth-TLSv1.1-noroot-server]
|
||||
|
|
@ -563,15 +410,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|||
Protocol = TLSv1.1
|
||||
VerifyMode = Require
|
||||
|
||||
|
||||
[14-client-auth-TLSv1.1-noroot-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
Protocol = TLSv1.1
|
||||
VerifyMode = Require
|
||||
|
||||
|
||||
[14-client-auth-TLSv1.1-noroot-client]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
|
||||
CipherString = DEFAULT
|
||||
|
|
@ -580,7 +418,6 @@ Protocol = TLSv1.1
|
|||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-14]
|
||||
ExpectedResult = ServerFail
|
||||
ServerAlert = UnknownCA
|
||||
|
|
@ -593,7 +430,6 @@ ssl_conf = 15-server-auth-TLSv1.2-ssl
|
|||
|
||||
[15-server-auth-TLSv1.2-ssl]
|
||||
server = 15-server-auth-TLSv1.2-server
|
||||
server2 = 15-server-auth-TLSv1.2-server2
|
||||
client = 15-server-auth-TLSv1.2-client
|
||||
|
||||
[15-server-auth-TLSv1.2-server]
|
||||
|
|
@ -602,21 +438,12 @@ CipherString = DEFAULT
|
|||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
Protocol = TLSv1.2
|
||||
|
||||
|
||||
[15-server-auth-TLSv1.2-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
Protocol = TLSv1.2
|
||||
|
||||
|
||||
[15-server-auth-TLSv1.2-client]
|
||||
CipherString = DEFAULT
|
||||
Protocol = TLSv1.2
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-15]
|
||||
ExpectedResult = Success
|
||||
|
||||
|
|
@ -628,7 +455,6 @@ ssl_conf = 16-client-auth-TLSv1.2-request-ssl
|
|||
|
||||
[16-client-auth-TLSv1.2-request-ssl]
|
||||
server = 16-client-auth-TLSv1.2-request-server
|
||||
server2 = 16-client-auth-TLSv1.2-request-server2
|
||||
client = 16-client-auth-TLSv1.2-request-client
|
||||
|
||||
[16-client-auth-TLSv1.2-request-server]
|
||||
|
|
@ -638,22 +464,12 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|||
Protocol = TLSv1.2
|
||||
VerifyMode = Request
|
||||
|
||||
|
||||
[16-client-auth-TLSv1.2-request-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
Protocol = TLSv1.2
|
||||
VerifyMode = Request
|
||||
|
||||
|
||||
[16-client-auth-TLSv1.2-request-client]
|
||||
CipherString = DEFAULT
|
||||
Protocol = TLSv1.2
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-16]
|
||||
ExpectedResult = Success
|
||||
|
||||
|
|
@ -665,7 +481,6 @@ ssl_conf = 17-client-auth-TLSv1.2-require-fail-ssl
|
|||
|
||||
[17-client-auth-TLSv1.2-require-fail-ssl]
|
||||
server = 17-client-auth-TLSv1.2-require-fail-server
|
||||
server2 = 17-client-auth-TLSv1.2-require-fail-server2
|
||||
client = 17-client-auth-TLSv1.2-require-fail-client
|
||||
|
||||
[17-client-auth-TLSv1.2-require-fail-server]
|
||||
|
|
@ -676,23 +491,12 @@ Protocol = TLSv1.2
|
|||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
||||
VerifyMode = Require
|
||||
|
||||
|
||||
[17-client-auth-TLSv1.2-require-fail-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
Protocol = TLSv1.2
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
||||
VerifyMode = Require
|
||||
|
||||
|
||||
[17-client-auth-TLSv1.2-require-fail-client]
|
||||
CipherString = DEFAULT
|
||||
Protocol = TLSv1.2
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-17]
|
||||
ExpectedResult = ServerFail
|
||||
ServerAlert = HandshakeFailure
|
||||
|
|
@ -705,7 +509,6 @@ ssl_conf = 18-client-auth-TLSv1.2-require-ssl
|
|||
|
||||
[18-client-auth-TLSv1.2-require-ssl]
|
||||
server = 18-client-auth-TLSv1.2-require-server
|
||||
server2 = 18-client-auth-TLSv1.2-require-server2
|
||||
client = 18-client-auth-TLSv1.2-require-client
|
||||
|
||||
[18-client-auth-TLSv1.2-require-server]
|
||||
|
|
@ -716,16 +519,6 @@ Protocol = TLSv1.2
|
|||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
||||
VerifyMode = Request
|
||||
|
||||
|
||||
[18-client-auth-TLSv1.2-require-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
Protocol = TLSv1.2
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
||||
VerifyMode = Request
|
||||
|
||||
|
||||
[18-client-auth-TLSv1.2-require-client]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
|
||||
CipherString = DEFAULT
|
||||
|
|
@ -734,7 +527,6 @@ Protocol = TLSv1.2
|
|||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-18]
|
||||
ExpectedResult = Success
|
||||
|
||||
|
|
@ -746,7 +538,6 @@ ssl_conf = 19-client-auth-TLSv1.2-noroot-ssl
|
|||
|
||||
[19-client-auth-TLSv1.2-noroot-ssl]
|
||||
server = 19-client-auth-TLSv1.2-noroot-server
|
||||
server2 = 19-client-auth-TLSv1.2-noroot-server2
|
||||
client = 19-client-auth-TLSv1.2-noroot-client
|
||||
|
||||
[19-client-auth-TLSv1.2-noroot-server]
|
||||
|
|
@ -756,15 +547,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|||
Protocol = TLSv1.2
|
||||
VerifyMode = Require
|
||||
|
||||
|
||||
[19-client-auth-TLSv1.2-noroot-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
Protocol = TLSv1.2
|
||||
VerifyMode = Require
|
||||
|
||||
|
||||
[19-client-auth-TLSv1.2-noroot-client]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
|
||||
CipherString = DEFAULT
|
||||
|
|
@ -773,7 +555,6 @@ Protocol = TLSv1.2
|
|||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-19]
|
||||
ExpectedResult = ServerFail
|
||||
ServerAlert = UnknownCA
|
||||
|
|
|
|||
|
|
@ -18,19 +18,16 @@ Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[0-SNI-default-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[0-SNI-default-client]
|
||||
CipherString = DEFAULT
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-0]
|
||||
ExpectedResult = Success
|
||||
ServerName = server2
|
||||
|
|
|
|||
|
|
@ -18,6 +18,7 @@ our @tests = (
|
|||
{
|
||||
name => "SNI-default",
|
||||
server => { },
|
||||
server2 => { },
|
||||
client => { },
|
||||
test => { "ServerName" => "server2",
|
||||
"ExpectedResult" => "Success" },
|
||||
|
|
|
|||
|
|
@ -35,21 +35,18 @@ CipherString = DEFAULT
|
|||
Options = SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[0-sni-session-ticket-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
Options = SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[0-sni-session-ticket-client]
|
||||
CipherString = DEFAULT
|
||||
Options = SessionTicket
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-0]
|
||||
ExpectedResult = Success
|
||||
ServerName = server1
|
||||
|
|
@ -72,21 +69,18 @@ CipherString = DEFAULT
|
|||
Options = SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[1-sni-session-ticket-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
Options = SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[1-sni-session-ticket-client]
|
||||
CipherString = DEFAULT
|
||||
Options = SessionTicket
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-1]
|
||||
ExpectedResult = Success
|
||||
ServerName = server1
|
||||
|
|
@ -109,21 +103,18 @@ CipherString = DEFAULT
|
|||
Options = SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[2-sni-session-ticket-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
Options = SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[2-sni-session-ticket-client]
|
||||
CipherString = DEFAULT
|
||||
Options = SessionTicket
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-2]
|
||||
ExpectedResult = Success
|
||||
ServerName = server2
|
||||
|
|
@ -146,21 +137,18 @@ CipherString = DEFAULT
|
|||
Options = SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[3-sni-session-ticket-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
Options = -SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[3-sni-session-ticket-client]
|
||||
CipherString = DEFAULT
|
||||
Options = SessionTicket
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-3]
|
||||
ExpectedResult = Success
|
||||
ServerName = server1
|
||||
|
|
@ -183,21 +171,18 @@ CipherString = DEFAULT
|
|||
Options = SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[4-sni-session-ticket-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
Options = -SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[4-sni-session-ticket-client]
|
||||
CipherString = DEFAULT
|
||||
Options = SessionTicket
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-4]
|
||||
ExpectedResult = Success
|
||||
ServerName = server2
|
||||
|
|
@ -220,21 +205,18 @@ CipherString = DEFAULT
|
|||
Options = -SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[5-sni-session-ticket-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
Options = SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[5-sni-session-ticket-client]
|
||||
CipherString = DEFAULT
|
||||
Options = SessionTicket
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-5]
|
||||
ExpectedResult = Success
|
||||
ServerName = server1
|
||||
|
|
@ -257,21 +239,18 @@ CipherString = DEFAULT
|
|||
Options = -SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[6-sni-session-ticket-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
Options = SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[6-sni-session-ticket-client]
|
||||
CipherString = DEFAULT
|
||||
Options = SessionTicket
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-6]
|
||||
ExpectedResult = Success
|
||||
ServerName = server2
|
||||
|
|
@ -294,21 +273,18 @@ CipherString = DEFAULT
|
|||
Options = -SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[7-sni-session-ticket-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
Options = -SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[7-sni-session-ticket-client]
|
||||
CipherString = DEFAULT
|
||||
Options = SessionTicket
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-7]
|
||||
ExpectedResult = Success
|
||||
ServerName = server1
|
||||
|
|
@ -331,21 +307,18 @@ CipherString = DEFAULT
|
|||
Options = -SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[8-sni-session-ticket-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
Options = -SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[8-sni-session-ticket-client]
|
||||
CipherString = DEFAULT
|
||||
Options = SessionTicket
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-8]
|
||||
ExpectedResult = Success
|
||||
ServerName = server2
|
||||
|
|
@ -368,21 +341,18 @@ CipherString = DEFAULT
|
|||
Options = SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[9-sni-session-ticket-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
Options = SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[9-sni-session-ticket-client]
|
||||
CipherString = DEFAULT
|
||||
Options = -SessionTicket
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-9]
|
||||
ExpectedResult = Success
|
||||
ServerName = server1
|
||||
|
|
@ -405,21 +375,18 @@ CipherString = DEFAULT
|
|||
Options = SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[10-sni-session-ticket-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
Options = SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[10-sni-session-ticket-client]
|
||||
CipherString = DEFAULT
|
||||
Options = -SessionTicket
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-10]
|
||||
ExpectedResult = Success
|
||||
ServerName = server2
|
||||
|
|
@ -442,21 +409,18 @@ CipherString = DEFAULT
|
|||
Options = SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[11-sni-session-ticket-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
Options = -SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[11-sni-session-ticket-client]
|
||||
CipherString = DEFAULT
|
||||
Options = -SessionTicket
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-11]
|
||||
ExpectedResult = Success
|
||||
ServerName = server1
|
||||
|
|
@ -479,21 +443,18 @@ CipherString = DEFAULT
|
|||
Options = SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[12-sni-session-ticket-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
Options = -SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[12-sni-session-ticket-client]
|
||||
CipherString = DEFAULT
|
||||
Options = -SessionTicket
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-12]
|
||||
ExpectedResult = Success
|
||||
ServerName = server2
|
||||
|
|
@ -516,21 +477,18 @@ CipherString = DEFAULT
|
|||
Options = -SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[13-sni-session-ticket-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
Options = SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[13-sni-session-ticket-client]
|
||||
CipherString = DEFAULT
|
||||
Options = -SessionTicket
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-13]
|
||||
ExpectedResult = Success
|
||||
ServerName = server1
|
||||
|
|
@ -553,21 +511,18 @@ CipherString = DEFAULT
|
|||
Options = -SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[14-sni-session-ticket-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
Options = SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[14-sni-session-ticket-client]
|
||||
CipherString = DEFAULT
|
||||
Options = -SessionTicket
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-14]
|
||||
ExpectedResult = Success
|
||||
ServerName = server2
|
||||
|
|
@ -590,21 +545,18 @@ CipherString = DEFAULT
|
|||
Options = -SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[15-sni-session-ticket-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
Options = -SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[15-sni-session-ticket-client]
|
||||
CipherString = DEFAULT
|
||||
Options = -SessionTicket
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-15]
|
||||
ExpectedResult = Success
|
||||
ServerName = server1
|
||||
|
|
@ -627,21 +579,18 @@ CipherString = DEFAULT
|
|||
Options = -SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[16-sni-session-ticket-server2]
|
||||
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
||||
CipherString = DEFAULT
|
||||
Options = -SessionTicket
|
||||
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
||||
|
||||
|
||||
[16-sni-session-ticket-client]
|
||||
CipherString = DEFAULT
|
||||
Options = -SessionTicket
|
||||
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
||||
VerifyMode = Peer
|
||||
|
||||
|
||||
[test-16]
|
||||
ExpectedResult = Success
|
||||
ServerName = server2
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load diff
|
|
@ -176,11 +176,16 @@ static int execute_test(SSL_TEST_FIXTURE fixture)
|
|||
SSL_CTX *server_ctx = NULL, *server2_ctx = NULL, *client_ctx = NULL;
|
||||
SSL_TEST_CTX *test_ctx = NULL;
|
||||
HANDSHAKE_RESULT result;
|
||||
const char *server2;
|
||||
|
||||
test_ctx = SSL_TEST_CTX_create(conf, fixture.test_app);
|
||||
if (test_ctx == NULL)
|
||||
goto err;
|
||||
|
||||
/* Use ServerName to detect if we're testing SNI. */
|
||||
server2 = (test_ctx->servername != SSL_TEST_SERVERNAME_NONE) ? "server2"
|
||||
: "server";
|
||||
|
||||
#ifndef OPENSSL_NO_DTLS
|
||||
if (test_ctx->method == SSL_TEST_METHOD_DTLS) {
|
||||
server_ctx = SSL_CTX_new(DTLS_server_method());
|
||||
|
|
@ -200,15 +205,11 @@ static int execute_test(SSL_TEST_FIXTURE fixture)
|
|||
OPENSSL_assert(CONF_modules_load(conf, fixture.test_app, 0) > 0);
|
||||
|
||||
if (!SSL_CTX_config(server_ctx, "server")
|
||||
|| !SSL_CTX_config(server2_ctx, "server2")
|
||||
|| !SSL_CTX_config(server2_ctx, server2)
|
||||
|| !SSL_CTX_config(client_ctx, "client")) {
|
||||
goto err;
|
||||
}
|
||||
|
||||
test_ctx = SSL_TEST_CTX_create(conf, fixture.test_app);
|
||||
if (test_ctx == NULL)
|
||||
goto err;
|
||||
|
||||
result = do_handshake(server_ctx, server2_ctx, client_ctx, test_ctx);
|
||||
|
||||
ret = check_test(result, test_ctx);
|
||||
|
|
|
|||
|
|
@ -2,8 +2,13 @@
|
|||
ssl_conf = {-$testname-}-ssl
|
||||
|
||||
[{-$testname-}-ssl]
|
||||
server = {-$testname-}-server
|
||||
server2 = {-$testname-}-server2
|
||||
server = {-$testname-}-server{-
|
||||
# The server2 section is optional.
|
||||
$OUT = "";
|
||||
if (%server2) {
|
||||
$OUT .= "\nserver2 = $testname-server2";
|
||||
}
|
||||
-}
|
||||
client = {-$testname-}-client
|
||||
|
||||
[{-$testname-}-server]
|
||||
|
|
@ -11,22 +16,19 @@ client = {-$testname-}-client
|
|||
foreach my $key (sort keys %server) {
|
||||
$OUT .= qq{$key} . " = " . qq{$server{$key}\n} if defined $server{$key};
|
||||
}
|
||||
-}
|
||||
|
||||
[{-$testname-}-server2]
|
||||
{-
|
||||
foreach my $key (sort keys %server2) {
|
||||
$OUT .= qq{$key} . " = " . qq{$server2{$key}\n} if defined $server2{$key};
|
||||
if (%server2) {
|
||||
$OUT .= "\n[$testname-server2]\n";
|
||||
foreach my $key (sort keys %server2) {
|
||||
$OUT .= qq{$key} . " = " . qq{$server2{$key}\n} if defined $server2{$key};
|
||||
}
|
||||
}
|
||||
-}
|
||||
|
||||
[{-$testname-}-client]
|
||||
{-
|
||||
foreach my $key (sort keys %client) {
|
||||
$OUT .= qq{$key} . " = " . qq{$client{$key}\n} if defined $client{$key};
|
||||
}
|
||||
-}
|
||||
|
||||
[test-{-$idx-}]
|
||||
{-
|
||||
foreach my $key (sort keys %test) {
|
||||
|
|
|
|||
Loading…
Reference in a new issue