453dfd8d5e
Currently, SSL tests are configured via command-line switches to ssltest.c. This results in a lot of duplication between ssltest.c and apps, and a complex setup. ssltest.c is also simply old and needs maintenance. Instead, we already have a way to configure SSL servers and clients, so we leverage that. SSL tests can now be configured from a configuration file. Test servers and clients are configured using the standard ssl_conf module. Additional test settings are configured via a test configuration. Moreover, since the CONF language involves unnecessary boilerplate, the test conf itself is generated from a shorter Perl syntax. The generated testcase files are checked in to the repo to make it easier to verify that the intended test cases are in fact run; and to simplify debugging failures. To demonstrate the approach, min/max protocol tests are converted to the new format. This change also fixes MinProtocol and MaxProtocol handling. It was previously requested that an SSL_CTX have both the server and client flags set for these commands; this clearly can never work. Guide to this PR: - test/ssl_test.c - test framework - test/ssl_test_ctx.* - test configuration structure - test/handshake_helper.* - new SSL test handshaking code - test/ssl-tests/ - test configurations - test/generate_ssl_tests.pl - script for generating CONF-style test configurations from perl inputs Reviewed-by: Richard Levitte <levitte@openssl.org>
35 lines
1.2 KiB
C
35 lines
1.2 KiB
C
/*
|
|
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
|
|
*
|
|
* Licensed under the OpenSSL licenses, (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
* https://www.openssl.org/source/license.html
|
|
* or in the file LICENSE in the source distribution.
|
|
*/
|
|
|
|
#ifndef HEADER_HANDSHAKE_HELPER_H
|
|
#define HEADER_HANDSHAKE_HELPER_H
|
|
|
|
#include "ssl_test_ctx.h"
|
|
|
|
typedef struct handshake_result {
|
|
ssl_test_result_t result;
|
|
/* These alerts are in the 2-byte format returned by the info_callback. */
|
|
/* Alert sent by the client; 0 if no alert. */
|
|
int client_alert_sent;
|
|
/* Alert received by the server; 0 if no alert. */
|
|
int client_alert_received;
|
|
/* Alert sent by the server; 0 if no alert. */
|
|
int server_alert_sent;
|
|
/* Alert received by the client; 0 if no alert. */
|
|
int server_alert_received;
|
|
/* Negotiated protocol. On success, these should always match. */
|
|
int server_protocol;
|
|
int client_protocol;
|
|
} HANDSHAKE_RESULT;
|
|
|
|
/* Do a handshake and report some information about the result. */
|
|
HANDSHAKE_RESULT do_handshake(SSL_CTX *server_ctx, SSL_CTX *client_ctx);
|
|
|
|
#endif /* HEADER_HANDSHAKE_HELPER_H */
|