# -*- mode: perl; -*- # Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy # in the file LICENSE in the source distribution or at # https://www.openssl.org/source/license.html ## SSL test configurations package ssltests; our @tests = ( # Sanity-check that verification indeed succeeds without the # restrictive callback. { name => "verify-success", server => { }, client => { }, test => { "ExpectedResult" => "Success" }, }, # Same test as above but with a custom callback that always fails. { name => "verify-custom-reject", server => { }, client => { extra => { "VerifyCallback" => "RejectAll", }, }, test => { "ExpectedResult" => "ClientFail", "ExpectedClientAlert" => "HandshakeFailure", }, }, # Same test as above but with a custom callback that always succeeds. { name => "verify-custom-allow", server => { }, client => { extra => { "VerifyCallback" => "AcceptAll", }, }, test => { "ExpectedResult" => "Success", }, }, # Sanity-check that verification indeed succeeds if peer verification # is not requested. { name => "noverify-success", server => { }, client => { "VerifyMode" => undef, "VerifyCAFile" => undef, }, test => { "ExpectedResult" => "Success" }, }, # Same test as above but with a custom callback that always fails. # The callback return has no impact on handshake success in this mode. { name => "noverify-ignore-custom-reject", server => { }, client => { "VerifyMode" => undef, "VerifyCAFile" => undef, extra => { "VerifyCallback" => "RejectAll", }, }, test => { "ExpectedResult" => "Success", }, }, # Same test as above but with a custom callback that always succeeds. # The callback return has no impact on handshake success in this mode. { name => "noverify-accept-custom-allow", server => { }, client => { "VerifyMode" => undef, "VerifyCAFile" => undef, extra => { "VerifyCallback" => "AcceptAll", }, }, test => { "ExpectedResult" => "Success", }, }, # Sanity-check that verification indeed fails without the # permissive callback. { name => "verify-fail-no-root", server => { }, client => { # Don't set up the client root file. "VerifyCAFile" => undef, }, test => { "ExpectedResult" => "ClientFail", "ExpectedClientAlert" => "UnknownCA", }, }, # Same test as above but with a custom callback that always succeeds. { name => "verify-custom-success-no-root", server => { }, client => { "VerifyCAFile" => undef, extra => { "VerifyCallback" => "AcceptAll", }, }, test => { "ExpectedResult" => "Success" }, }, # Same test as above but with a custom callback that always fails. { name => "verify-custom-fail-no-root", server => { }, client => { "VerifyCAFile" => undef, extra => { "VerifyCallback" => "RejectAll", }, }, test => { "ExpectedResult" => "ClientFail", "ExpectedClientAlert" => "HandshakeFailure", }, }, );