test/ssl-tests/06-sni-ticket.conf.in

   1 # -*- mode: perl; -*-
   2 # Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved.
   3 #
   4 # Licensed under the OpenSSL license (the "License").  You may not use
   5 # this file except in compliance with the License.  You can obtain a copy
   6 # in the file LICENSE in the source distribution or at
   7 # https://www.openssl.org/source/license.html
   8
   9
  10 ## Test SNI/Session tickets
  11
  12 use strict;
  13 use warnings;
  14
  15 package ssltests;
  16
  17
  18 our @tests = ();
  19
  20 #Note: MaxProtocol is set to TLSv1.2 as session tickets work differently in
  21 #TLSv1.3.
  22 sub generate_tests() {
  23     foreach my $c ("SessionTicket", "-SessionTicket") {
  24         foreach my $s1 ("SessionTicket", "-SessionTicket") {
  25             foreach my $s2 ("SessionTicket", "-SessionTicket") {
  26                 foreach my $n ("server1", "server2") {
  27                     my $ticket_result = expected_result($c, $s1, $s2, $n);
  28                     my $session_id_result = "Yes"; # always, even with a ticket
  29                     push @tests, {
  30                         "name" => "sni-session-ticket",
  31                         "client" => {
  32                             "Options" => $c,
  33                             "extra" => {
  34                                 "ServerName" => $n,
  35                             },
  36                             "MaxProtocol" => "TLSv1.2"
  37                         },
  38                         "server" => {
  39                             "Options" => $s1,
  40                             "extra" => {
  41                                 # We don't test mismatch here.
  42                                 "ServerNameCallback" => "IgnoreMismatch",
  43                             },
  44                         },
  45                         "server2" => {
  46                             "Options" => $s2,
  47                         },
  48                         "test" => {
  49                             "ExpectedServerName" => $n,
  50                             "ExpectedResult" => "Success",
  51                             "SessionIdExpected" => $session_id_result,
  52                             "SessionTicketExpected" => $ticket_result,
  53                         }
  54                     };
  55                 }
  56             }
  57         }
  58     }
  59 }
  60
  61 # If the client has session tickets disabled, then No support
  62 # If the server initial_ctx has session tickets disabled, then No support
  63 # If SNI is in use, then if the "switched-to" context has session tickets disabled,
  64 #    then No support
  65 sub expected_result {
  66     my ($c, $s1, $s2, $n) = @_;
  67
  68     return "No" if $c eq "-SessionTicket";
  69     return "No" if $s1 eq "-SessionTicket";
  70     return "No" if ($s2 eq "-SessionTicket" && $n eq "server2");
  71
  72     return "Yes";
  73
  74 }
  75
  76 # Add a "Broken" case.
  77 push @tests, {
  78     "name" => "sni-session-ticket",
  79     "client" => {
  80         "MaxProtocol" => "TLSv1.2",
  81         "Options" => "SessionTicket",
  82         "extra" => {
  83             "ServerName" => "server1",
  84         }
  85     },
  86     "server" => {
  87         "Options" => "SessionTicket",
  88         "extra" => {
  89               "BrokenSessionTicket" => "Yes",
  90         },
  91     },
  92     "server2" => {
  93         "Options" => "SessionTicket",
  94     },
  95     "test" => {
  96         "ExpectedResult" => "Success",
  97         "SessionTicketExpected" => "No",
  98     }
  99 };
 100
 101 generate_tests();