05-sni.cnf.in@ 94330

Last change on this file since 94330 was 94320, checked in by vboxsync, 3 years ago
libs/openssl-3.0.1: Export to OSE and fix copyright headers in Makefiles, bugref:10128
File size: 4.3 KB

Line
1	# -- mode: perl; --
2	# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
3	#
4	# Licensed under the Apache License 2.0 (the "License"). You may not use
5	# this file except in compliance with the License. You can obtain a copy
6	# in the file LICENSE in the source distribution or at
7	# https://www.openssl.org/source/license.html
8
9
10	## SSL test configurations
11
12	use strict;
13	use warnings;
14
15	package ssltests;
16	use OpenSSL::Test::Utils;
17
18	our $fips_mode;
19
20	our @tests = (
21	{
22	name => "SNI-switch-context",
23	server => {
24	extra => {
25	"ServerNameCallback" => "IgnoreMismatch",
26	},
27	},
28	client => {
29	extra => {
30	"ServerName" => "server2",
31	},
32	},
33	test => {
34	"ExpectedServerName" => "server2",
35	"ExpectedResult" => "Success"
36	},
37	},
38	{
39	name => "SNI-keep-context",
40	server => {
41	extra => {
42	"ServerNameCallback" => "IgnoreMismatch",
43	},
44	},
45	client => {
46	extra => {
47	"ServerName" => "server1",
48	},
49	},
50	test => {
51	"ExpectedServerName" => "server1",
52	"ExpectedResult" => "Success"
53	},
54	},
55	{
56	name => "SNI-no-server-support",
57	server => { },
58	client => {
59	extra => {
60	"ServerName" => "server1",
61	},
62	},
63	test => { "ExpectedResult" => "Success" },
64	},
65	{
66	name => "SNI-no-client-support",
67	server => {
68	extra => {
69	"ServerNameCallback" => "IgnoreMismatch",
70	},
71	},
72	client => { },
73	test => {
74	# We expect that the callback is still called
75	# to let the application decide whether they tolerate
76	# missing SNI (as our test callback does).
77	"ExpectedServerName" => "server1",
78	"ExpectedResult" => "Success"
79	},
80	},
81	{
82	name => "SNI-bad-sni-ignore-mismatch",
83	server => {
84	extra => {
85	"ServerNameCallback" => "IgnoreMismatch",
86	},
87	},
88	client => {
89	extra => {
90	"ServerName" => "invalid",
91	},
92	},
93	test => {
94	"ExpectedServerName" => "server1",
95	"ExpectedResult" => "Success"
96	},
97	},
98	{
99	name => "SNI-bad-sni-reject-mismatch",
100	server => {
101	extra => {
102	"ServerNameCallback" => "RejectMismatch",
103	},
104	},
105	client => {
106	extra => {
107	"ServerName" => "invalid",
108	},
109	},
110	test => {
111	"ExpectedResult" => "ServerFail",
112	"ExpectedServerAlert" => "UnrecognizedName"
113	},
114	},
115	{
116	name => "SNI-bad-clienthello-sni-ignore-mismatch",
117	server => {
118	extra => {
119	"ServerNameCallback" => "ClientHelloIgnoreMismatch",
120	},
121	},
122	client => {
123	extra => {
124	"ServerName" => "invalid",
125	},
126	},
127	test => {
128	"ExpectedServerName" => "server1",
129	"ExpectedResult" => "Success"
130	},
131	},
132	{
133	name => "SNI-bad-clienthello-sni-reject-mismatch",
134	server => {
135	extra => {
136	"ServerNameCallback" => "ClientHelloRejectMismatch",
137	},
138	},
139	client => {
140	extra => {
141	"ServerName" => "invalid",
142	},
143	},
144	test => {
145	"ExpectedResult" => "ServerFail",
146	"ExpectedServerAlert" => "UnrecognizedName"
147	},
148	},
149	);
150
151	our @tests_tls_1_1 = (
152	{
153	name => "SNI-clienthello-disable-v12",
154	server => {
155	"CipherString" => "DEFAULT:\@SECLEVEL=0",
156	extra => {
157	"ServerNameCallback" => "ClientHelloNoV12",
158	},
159	},
160	client => {
161	"CipherString" => "DEFAULT:\@SECLEVEL=0",
162	extra => {
163	"ServerName" => "server2",
164	},
165	},
166	test => {
167	"ExpectedProtocol" => "TLSv1.1",
168	"ExpectedServerName" => "server2",
169	},
170	},
171	);
172
173	push @tests, @tests_tls_1_1 unless disabled("tls1_1") \|\| $fips_mode;

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format