2 # Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
4 # Licensed under the Apache License 2.0 (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
10 ## SSL test configurations
16 use OpenSSL::Test::Utils;
22 name => "SNI-switch-context",
25 "ServerNameCallback" => "IgnoreMismatch",
30 "ServerName" => "server2",
34 "ExpectedServerName" => "server2",
35 "ExpectedResult" => "Success"
39 name => "SNI-keep-context",
42 "ServerNameCallback" => "IgnoreMismatch",
47 "ServerName" => "server1",
51 "ExpectedServerName" => "server1",
52 "ExpectedResult" => "Success"
56 name => "SNI-no-server-support",
60 "ServerName" => "server1",
63 test => { "ExpectedResult" => "Success" },
66 name => "SNI-no-client-support",
69 "ServerNameCallback" => "IgnoreMismatch",
74 # We expect that the callback is still called
75 # to let the application decide whether they tolerate
76 # missing SNI (as our test callback does).
77 "ExpectedServerName" => "server1",
78 "ExpectedResult" => "Success"
82 name => "SNI-bad-sni-ignore-mismatch",
85 "ServerNameCallback" => "IgnoreMismatch",
90 "ServerName" => "invalid",
94 "ExpectedServerName" => "server1",
95 "ExpectedResult" => "Success"
99 name => "SNI-bad-sni-reject-mismatch",
102 "ServerNameCallback" => "RejectMismatch",
107 "ServerName" => "invalid",
111 "ExpectedResult" => "ServerFail",
112 "ExpectedServerAlert" => "UnrecognizedName"
116 name => "SNI-bad-clienthello-sni-ignore-mismatch",
119 "ServerNameCallback" => "ClientHelloIgnoreMismatch",
124 "ServerName" => "invalid",
128 "ExpectedServerName" => "server1",
129 "ExpectedResult" => "Success"
133 name => "SNI-bad-clienthello-sni-reject-mismatch",
136 "ServerNameCallback" => "ClientHelloRejectMismatch",
141 "ServerName" => "invalid",
145 "ExpectedResult" => "ServerFail",
146 "ExpectedServerAlert" => "UnrecognizedName"
151 our @tests_tls_1_1 = (
153 name => "SNI-clienthello-disable-v12",
156 "ServerNameCallback" => "ClientHelloNoV12",
161 "ServerName" => "server2",
165 "ExpectedProtocol" => "TLSv1.1",
166 "ExpectedServerName" => "server2",
171 push @tests, @tests_tls_1_1 unless disabled("tls1_1") || $fips_mode;