test/ssl-tests/06-sni-ticket.conf.in

   1 # -*- mode: perl; -*-
   2 # Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved.
   3 #
   4 # Licensed under the OpenSSL license (the "License").  You may not use
   5 # this file except in compliance with the License.  You can obtain a copy
   6 # in the file LICENSE in the source distribution or at
   7 # https://www.openssl.org/source/license.html
   8
   9
  10 ## Test SNI/Session tickets
  11
  12 use strict;
  13 use warnings;
  14
  15 package ssltests;
  16
  17
  18 our @tests = ();
  19
  20 #Note: MaxProtocol is set to TLSv1.2 as session tickets work differently in
  21 #TLSv1.3.
  22 sub generate_tests() {
  23     foreach my $c ("SessionTicket", "-SessionTicket") {
  24         foreach my $s1 ("SessionTicket", "-SessionTicket") {
  25             foreach my $s2 ("SessionTicket", "-SessionTicket") {
  26                 foreach my $n ("server1", "server2") {
  27                     my $result = expected_result($c, $s1, $s2, $n);
  28                     push @tests, {
  29                         "name" => "sni-session-ticket",
  30                         "client" => {
  31                             "Options" => $c,
  32                             "extra" => {
  33                                 "ServerName" => $n,
  34                             },
  35                             "MaxProtocol" => "TLSv1.2"
  36                         },
  37                         "server" => {
  38                             "Options" => $s1,
  39                             "extra" => {
  40                                 # We don't test mismatch here.
  41                                 "ServerNameCallback" => "IgnoreMismatch",
  42                             },
  43                         },
  44                         "server2" => {
  45                             "Options" => $s2,
  46                         },
  47                         "test" => {
  48                             "ExpectedServerName" => $n,
  49                             "ExpectedResult" => "Success",
  50                             "SessionTicketExpected" => $result,
  51                         }
  52                     };
  53                 }
  54             }
  55         }
  56     }
  57 }
  58
  59 # If the client has session tickets disabled, then No support
  60 # If the server initial_ctx has session tickets disabled, then No support
  61 # If SNI is in use, then if the "switched-to" context has session tickets disabled,
  62 #    then No support
  63 sub expected_result {
  64     my ($c, $s1, $s2, $n) = @_;
  65
  66     return "No" if $c eq "-SessionTicket";
  67     return "No" if $s1 eq "-SessionTicket";
  68     return "No" if ($s2 eq "-SessionTicket" && $n eq "server2");
  69
  70     return "Yes";
  71
  72 }
  73
  74 # Add a "Broken" case.
  75 push @tests, {
  76     "name" => "sni-session-ticket",
  77     "client" => {
  78         "MaxProtocol" => "TLSv1.2",
  79         "Options" => "SessionTicket",
  80         "extra" => {
  81             "ServerName" => "server1",
  82         }
  83     },
  84     "server" => {
  85         "Options" => "SessionTicket",
  86         "extra" => {
  87               "BrokenSessionTicket" => "Yes",
  88         },
  89     },
  90     "server2" => {
  91         "Options" => "SessionTicket",
  92     },
  93     "test" => {
  94         "ExpectedResult" => "Success",
  95         "SessionTicketExpected" => "No",
  96     }
  97 };
  98
  99 generate_tests();