openssl/test/ssl-tests/05-sni.conf.in

# -*- mode: perl; -*-
# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License").  You may not use
# this file except in compliance with the License.  You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html


## SSL test configurations

use strict;
use warnings;

package ssltests;
use OpenSSL::Test::Utils;

our @tests = (
    {
        name => "SNI-switch-context",
        server => {
            extra => {
                "ServerNameCallback" => "IgnoreMismatch",
            },
        },
        client => {
            extra => {
                "ServerName" => "server2",
            },
        },
        test   => {
            "ExpectedServerName" => "server2",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "SNI-keep-context",
        server => {
            extra => {
                "ServerNameCallback" => "IgnoreMismatch",
            },
        },
        client => {
            extra => {
                "ServerName" => "server1",
            },
        },
        test   => {
            "ExpectedServerName" => "server1",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "SNI-no-server-support",
        server => { },
        client => {
            extra => {
                "ServerName" => "server1",
            },
        },
        test   => { "ExpectedResult" => "Success" },
    },
    {
        name => "SNI-no-client-support",
        server => {
            extra => {
                "ServerNameCallback" => "IgnoreMismatch",
            },
        },
        client => { },
        test   => {
            # We expect that the callback is still called
            # to let the application decide whether they tolerate
            # missing SNI (as our test callback does).
            "ExpectedServerName" => "server1",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "SNI-bad-sni-ignore-mismatch",
        server => {
            extra => {
                "ServerNameCallback" => "IgnoreMismatch",
            },
        },
        client => {
            extra => {
                "ServerName" => "invalid",
            },
        },
        test   => {
            "ExpectedServerName" => "server1",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "SNI-bad-sni-reject-mismatch",
        server => {
            extra => {
                "ServerNameCallback" => "RejectMismatch",
            },
        },
        client => {
            extra => {
                "ServerName" => "invalid",
            },
        },
        test   => {
            "ExpectedResult" => "ServerFail",
            "ExpectedServerAlert" => "UnrecognizedName"
        },
    },
    {
        name => "SNI-bad-early-sni-ignore-mismatch",
        server => {
            extra => {
                "ServerNameCallback" => "EarlyIgnoreMismatch",
            },
        },
        client => {
            extra => {
                "ServerName" => "invalid",
            },
        },
        test   => {
            "ExpectedServerName" => "server1",
            "ExpectedResult" => "Success"
        },
    },
    {
        name => "SNI-bad-early-sni-reject-mismatch",
        server => {
            extra => {
                "ServerNameCallback" => "EarlyRejectMismatch",
            },
        },
        client => {
            extra => {
                "ServerName" => "invalid",
            },
        },
        test   => {
            "ExpectedResult" => "ServerFail",
            "ExpectedServerAlert" => "UnrecognizedName"
        },
    },
);

our @tests_tls_1_1 = (
    {
        name => "SNI-early-disable-v12",
        server => {
            extra => {
                "ServerNameCallback" => "EarlyNoV12",
            },
        },
        client => {
            extra => {
                "ServerName" => "server2",
            },
        },
        test   => {
            "ExpectedProtocol" => "TLSv1.1",
            "ExpectedServerName" => "server2",
        },
    },
);

push @tests, @tests_tls_1_1 unless disabled("tls1_1");