test/ssl-tests/05-sni.conf.in

   1 # -*- mode: perl; -*-
   2 # Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved.
   3 #
   4 # Licensed under the OpenSSL license (the "License").  You may not use
   5 # this file except in compliance with the License.  You can obtain a copy
   6 # in the file LICENSE in the source distribution or at
   7 # https://www.openssl.org/source/license.html
   8
   9
  10 ## SSL test configurations
  11
  12 use strict;
  13 use warnings;
  14
  15 package ssltests;
  16 use OpenSSL::Test::Utils;
  17
  18 our @tests = (
  19     {
  20         name => "SNI-switch-context",
  21         server => {
  22             extra => {
  23                 "ServerNameCallback" => "IgnoreMismatch",
  24             },
  25         },
  26         client => {
  27             extra => {
  28                 "ServerName" => "server2",
  29             },
  30         },
  31         test   => {
  32             "ExpectedServerName" => "server2",
  33             "ExpectedResult" => "Success"
  34         },
  35     },
  36     {
  37         name => "SNI-keep-context",
  38         server => {
  39             extra => {
  40                 "ServerNameCallback" => "IgnoreMismatch",
  41             },
  42         },
  43         client => {
  44             extra => {
  45                 "ServerName" => "server1",
  46             },
  47         },
  48         test   => {
  49             "ExpectedServerName" => "server1",
  50             "ExpectedResult" => "Success"
  51         },
  52     },
  53     {
  54         name => "SNI-no-server-support",
  55         server => { },
  56         client => {
  57             extra => {
  58                 "ServerName" => "server1",
  59             },
  60         },
  61         test   => { "ExpectedResult" => "Success" },
  62     },
  63     {
  64         name => "SNI-no-client-support",
  65         server => {
  66             extra => {
  67                 "ServerNameCallback" => "IgnoreMismatch",
  68             },
  69         },
  70         client => { },
  71         test   => {
  72             # We expect that the callback is still called
  73             # to let the application decide whether they tolerate
  74             # missing SNI (as our test callback does).
  75             "ExpectedServerName" => "server1",
  76             "ExpectedResult" => "Success"
  77         },
  78     },
  79     {
  80         name => "SNI-bad-sni-ignore-mismatch",
  81         server => {
  82             extra => {
  83                 "ServerNameCallback" => "IgnoreMismatch",
  84             },
  85         },
  86         client => {
  87             extra => {
  88                 "ServerName" => "invalid",
  89             },
  90         },
  91         test   => {
  92             "ExpectedServerName" => "server1",
  93             "ExpectedResult" => "Success"
  94         },
  95     },
  96     {
  97         name => "SNI-bad-sni-reject-mismatch",
  98         server => {
  99             extra => {
 100                 "ServerNameCallback" => "RejectMismatch",
 101             },
 102         },
 103         client => {
 104             extra => {
 105                 "ServerName" => "invalid",
 106             },
 107         },
 108         test   => {
 109             "ExpectedResult" => "ServerFail",
 110             "ExpectedServerAlert" => "UnrecognizedName"
 111         },
 112     },
 113     {
 114         name => "SNI-bad-clienthello-sni-ignore-mismatch",
 115         server => {
 116             extra => {
 117                 "ServerNameCallback" => "ClientHelloIgnoreMismatch",
 118             },
 119         },
 120         client => {
 121             extra => {
 122                 "ServerName" => "invalid",
 123             },
 124         },
 125         test   => {
 126             "ExpectedServerName" => "server1",
 127             "ExpectedResult" => "Success"
 128         },
 129     },
 130     {
 131         name => "SNI-bad-clienthello-sni-reject-mismatch",
 132         server => {
 133             extra => {
 134                 "ServerNameCallback" => "ClientHelloRejectMismatch",
 135             },
 136         },
 137         client => {
 138             extra => {
 139                 "ServerName" => "invalid",
 140             },
 141         },
 142         test   => {
 143             "ExpectedResult" => "ServerFail",
 144             "ExpectedServerAlert" => "UnrecognizedName"
 145         },
 146     },
 147 );
 148
 149 our @tests_tls_1_1 = (
 150     {
 151         name => "SNI-clienthello-disable-v12",
 152         server => {
 153             extra => {
 154                 "ServerNameCallback" => "ClientHelloNoV12",
 155             },
 156         },
 157         client => {
 158             extra => {
 159                 "ServerName" => "server2",
 160             },
 161         },
 162         test   => {
 163             "ExpectedProtocol" => "TLSv1.1",
 164             "ExpectedServerName" => "server2",
 165         },
 166     },
 167 );
 168
 169 push @tests, @tests_tls_1_1 unless disabled("tls1_1");