2 # Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
4 # Licensed under the Apache License 2.0 (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
10 ## SSL test configurations
16 # Sanity-check that verification indeed succeeds without the
17 # restrictive callback.
19 name => "verify-success",
22 test => { "ExpectedResult" => "Success" },
25 # Same test as above but with a custom callback that always fails.
27 name => "verify-custom-reject",
31 "VerifyCallback" => "RejectAll",
35 "ExpectedResult" => "ClientFail",
36 "ExpectedClientAlert" => "HandshakeFailure",
40 # Same test as above but with a custom callback that always succeeds.
42 name => "verify-custom-allow",
46 "VerifyCallback" => "AcceptAll",
50 "ExpectedResult" => "Success",
54 # Same test as above but with a custom callback that requests retry once.
56 name => "verify-custom-retry",
60 "VerifyCallback" => "RetryOnce",
64 "ExpectedResult" => "Success",
68 # Sanity-check that verification indeed succeeds if peer verification
71 name => "noverify-success",
74 "VerifyMode" => undef,
75 "VerifyCAFile" => undef,
77 test => { "ExpectedResult" => "Success" },
80 # Same test as above but with a custom callback that always fails.
81 # The callback return has no impact on handshake success in this mode.
83 name => "noverify-ignore-custom-reject",
86 "VerifyMode" => undef,
87 "VerifyCAFile" => undef,
89 "VerifyCallback" => "RejectAll",
93 "ExpectedResult" => "Success",
97 # Same test as above but with a custom callback that always succeeds.
98 # The callback return has no impact on handshake success in this mode.
100 name => "noverify-accept-custom-allow",
103 "VerifyMode" => undef,
104 "VerifyCAFile" => undef,
106 "VerifyCallback" => "AcceptAll",
110 "ExpectedResult" => "Success",
114 # Sanity-check that verification indeed fails without the
115 # permissive callback.
117 name => "verify-fail-no-root",
120 # Don't set up the client root file.
121 "VerifyCAFile" => undef,
124 "ExpectedResult" => "ClientFail",
125 "ExpectedClientAlert" => "UnknownCA",
129 # Same test as above but with a custom callback that always succeeds.
131 name => "verify-custom-success-no-root",
134 "VerifyCAFile" => undef,
136 "VerifyCallback" => "AcceptAll",
140 "ExpectedResult" => "Success"
144 # Same test as above but with a custom callback that always fails.
146 name => "verify-custom-fail-no-root",
149 "VerifyCAFile" => undef,
151 "VerifyCallback" => "RejectAll",
155 "ExpectedResult" => "ClientFail",
156 "ExpectedClientAlert" => "HandshakeFailure",