453dfd8d5e
Currently, SSL tests are configured via command-line switches to ssltest.c. This results in a lot of duplication between ssltest.c and apps, and a complex setup. ssltest.c is also simply old and needs maintenance. Instead, we already have a way to configure SSL servers and clients, so we leverage that. SSL tests can now be configured from a configuration file. Test servers and clients are configured using the standard ssl_conf module. Additional test settings are configured via a test configuration. Moreover, since the CONF language involves unnecessary boilerplate, the test conf itself is generated from a shorter Perl syntax. The generated testcase files are checked in to the repo to make it easier to verify that the intended test cases are in fact run; and to simplify debugging failures. To demonstrate the approach, min/max protocol tests are converted to the new format. This change also fixes MinProtocol and MaxProtocol handling. It was previously requested that an SSL_CTX have both the server and client flags set for these commands; this clearly can never work. Guide to this PR: - test/ssl_test.c - test framework - test/ssl_test_ctx.* - test configuration structure - test/handshake_helper.* - new SSL test handshaking code - test/ssl-tests/ - test configurations - test/generate_ssl_tests.pl - script for generating CONF-style test configurations from perl inputs Reviewed-by: Richard Levitte <levitte@openssl.org>
18 lines
293 B
Text
18 lines
293 B
Text
[ssltest_default]
|
|
|
|
[ssltest_good]
|
|
ExpectedResult = ServerFail
|
|
ClientAlert = UnknownCA
|
|
Protocol = TLSv1.1
|
|
|
|
[ssltest_unknown_option]
|
|
UnknownOption = Foo
|
|
|
|
[ssltest_unknown_expected_result]
|
|
ExpectedResult = Foo
|
|
|
|
[ssltest_unknown_alert]
|
|
ServerAlert = Foo
|
|
|
|
[ssltest_unknown_protocol]
|
|
Protocol = Foo
|