projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
engines/dasync: add explaining comments about AES-128-CBC-HMAC-SHA1
[openssl.git] / test / ssl-tests / 06-sni-ticket.conf
diff --git a/test/ssl-tests/06-sni-ticket.conf b/test/ssl-tests/06-sni-ticket.conf
index b3bfda0b91ecc7eb6d8aefaf226f0377bdccae4f..a3a9c78f06a236c5f24a40d2d6956cadcb7ea5d4 100644 (file)
--- a/test/ssl-tests/06-sni-ticket.conf
+++ b/test/ssl-tests/06-sni-ticket.conf
@@ -26,8 +26,8 @@ ssl_conf = 0-sni-session-ticket-ssl
 
 [0-sni-session-ticket-ssl]
 server = 0-sni-session-ticket-server
-server2 = 0-sni-session-ticket-server2
 client = 0-sni-session-ticket-client
+server2 = 0-sni-session-ticket-server2
 
 [0-sni-session-ticket-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
@@ -43,14 +43,22 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [0-sni-session-ticket-client]
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 Options = SessionTicket
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
 [test-0]
 ExpectedResult = Success
+SessionTicketExpected = No
+server = 0-sni-session-ticket-server-extra
+client = 0-sni-session-ticket-client-extra
+
+[0-sni-session-ticket-server-extra]
+BrokenSessionTicket = Yes
+
+[0-sni-session-ticket-client-extra]
 ServerName = server1
-SessionTicketExpected = Broken
 
 
 # ===========================================================
@@ -60,8 +68,8 @@ ssl_conf = 1-sni-session-ticket-ssl
 
 [1-sni-session-ticket-ssl]
 server = 1-sni-session-ticket-server
-server2 = 1-sni-session-ticket-server2
 client = 1-sni-session-ticket-client
+server2 = 1-sni-session-ticket-server2
 
 [1-sni-session-ticket-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
@@ -77,6 +85,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [1-sni-session-ticket-client]
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 Options = SessionTicket
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
@@ -84,9 +93,16 @@ VerifyMode = Peer
 [test-1]
 ExpectedResult = Success
 ExpectedServerName = server1
-ServerName = server1
-ServerNameCallback = IgnoreMismatch
+SessionIdExpected = Yes
 SessionTicketExpected = Yes
+server = 1-sni-session-ticket-server-extra
+client = 1-sni-session-ticket-client-extra
+
+[1-sni-session-ticket-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+[1-sni-session-ticket-client-extra]
+ServerName = server1
 
 
 # ===========================================================
@@ -96,8 +112,8 @@ ssl_conf = 2-sni-session-ticket-ssl
 
 [2-sni-session-ticket-ssl]
 server = 2-sni-session-ticket-server
-server2 = 2-sni-session-ticket-server2
 client = 2-sni-session-ticket-client
+server2 = 2-sni-session-ticket-server2
 
 [2-sni-session-ticket-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
@@ -113,6 +129,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [2-sni-session-ticket-client]
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 Options = SessionTicket
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
@@ -120,9 +137,16 @@ VerifyMode = Peer
 [test-2]
 ExpectedResult = Success
 ExpectedServerName = server2
-ServerName = server2
-ServerNameCallback = IgnoreMismatch
+SessionIdExpected = Yes
 SessionTicketExpected = Yes
+server = 2-sni-session-ticket-server-extra
+client = 2-sni-session-ticket-client-extra
+
+[2-sni-session-ticket-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+[2-sni-session-ticket-client-extra]
+ServerName = server2
 
 
 # ===========================================================
@@ -132,8 +156,8 @@ ssl_conf = 3-sni-session-ticket-ssl
 
 [3-sni-session-ticket-ssl]
 server = 3-sni-session-ticket-server
-server2 = 3-sni-session-ticket-server2
 client = 3-sni-session-ticket-client
+server2 = 3-sni-session-ticket-server2
 
 [3-sni-session-ticket-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
@@ -149,6 +173,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [3-sni-session-ticket-client]
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 Options = SessionTicket
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
@@ -156,9 +181,16 @@ VerifyMode = Peer
 [test-3]
 ExpectedResult = Success
 ExpectedServerName = server1
-ServerName = server1
-ServerNameCallback = IgnoreMismatch
+SessionIdExpected = Yes
 SessionTicketExpected = Yes
+server = 3-sni-session-ticket-server-extra
+client = 3-sni-session-ticket-client-extra
+
+[3-sni-session-ticket-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+[3-sni-session-ticket-client-extra]
+ServerName = server1
 
 
 # ===========================================================
@@ -168,8 +200,8 @@ ssl_conf = 4-sni-session-ticket-ssl
 
 [4-sni-session-ticket-ssl]
 server = 4-sni-session-ticket-server
-server2 = 4-sni-session-ticket-server2
 client = 4-sni-session-ticket-client
+server2 = 4-sni-session-ticket-server2
 
 [4-sni-session-ticket-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
@@ -185,6 +217,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [4-sni-session-ticket-client]
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 Options = SessionTicket
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
@@ -192,9 +225,16 @@ VerifyMode = Peer
 [test-4]
 ExpectedResult = Success
 ExpectedServerName = server2
-ServerName = server2
-ServerNameCallback = IgnoreMismatch
+SessionIdExpected = Yes
 SessionTicketExpected = No
+server = 4-sni-session-ticket-server-extra
+client = 4-sni-session-ticket-client-extra
+
+[4-sni-session-ticket-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+[4-sni-session-ticket-client-extra]
+ServerName = server2
 
 
 # ===========================================================
@@ -204,8 +244,8 @@ ssl_conf = 5-sni-session-ticket-ssl
 
 [5-sni-session-ticket-ssl]
 server = 5-sni-session-ticket-server
-server2 = 5-sni-session-ticket-server2
 client = 5-sni-session-ticket-client
+server2 = 5-sni-session-ticket-server2
 
 [5-sni-session-ticket-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
@@ -221,6 +261,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [5-sni-session-ticket-client]
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 Options = SessionTicket
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
@@ -228,9 +269,16 @@ VerifyMode = Peer
 [test-5]
 ExpectedResult = Success
 ExpectedServerName = server1
-ServerName = server1
-ServerNameCallback = IgnoreMismatch
+SessionIdExpected = Yes
 SessionTicketExpected = No
+server = 5-sni-session-ticket-server-extra
+client = 5-sni-session-ticket-client-extra
+
+[5-sni-session-ticket-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+[5-sni-session-ticket-client-extra]
+ServerName = server1
 
 
 # ===========================================================
@@ -240,8 +288,8 @@ ssl_conf = 6-sni-session-ticket-ssl
 
 [6-sni-session-ticket-ssl]
 server = 6-sni-session-ticket-server
-server2 = 6-sni-session-ticket-server2
 client = 6-sni-session-ticket-client
+server2 = 6-sni-session-ticket-server2
 
 [6-sni-session-ticket-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
@@ -257,6 +305,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [6-sni-session-ticket-client]
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 Options = SessionTicket
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
@@ -264,9 +313,16 @@ VerifyMode = Peer
 [test-6]
 ExpectedResult = Success
 ExpectedServerName = server2
-ServerName = server2
-ServerNameCallback = IgnoreMismatch
+SessionIdExpected = Yes
 SessionTicketExpected = No
+server = 6-sni-session-ticket-server-extra
+client = 6-sni-session-ticket-client-extra
+
+[6-sni-session-ticket-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+[6-sni-session-ticket-client-extra]
+ServerName = server2
 
 
 # ===========================================================
@@ -276,8 +332,8 @@ ssl_conf = 7-sni-session-ticket-ssl
 
 [7-sni-session-ticket-ssl]
 server = 7-sni-session-ticket-server
-server2 = 7-sni-session-ticket-server2
 client = 7-sni-session-ticket-client
+server2 = 7-sni-session-ticket-server2
 
 [7-sni-session-ticket-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
@@ -293,6 +349,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [7-sni-session-ticket-client]
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 Options = SessionTicket
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
@@ -300,9 +357,16 @@ VerifyMode = Peer
 [test-7]
 ExpectedResult = Success
 ExpectedServerName = server1
-ServerName = server1
-ServerNameCallback = IgnoreMismatch
+SessionIdExpected = Yes
 SessionTicketExpected = No
+server = 7-sni-session-ticket-server-extra
+client = 7-sni-session-ticket-client-extra
+
+[7-sni-session-ticket-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+[7-sni-session-ticket-client-extra]
+ServerName = server1
 
 
 # ===========================================================
@@ -312,8 +376,8 @@ ssl_conf = 8-sni-session-ticket-ssl
 
 [8-sni-session-ticket-ssl]
 server = 8-sni-session-ticket-server
-server2 = 8-sni-session-ticket-server2
 client = 8-sni-session-ticket-client
+server2 = 8-sni-session-ticket-server2
 
 [8-sni-session-ticket-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
@@ -329,6 +393,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [8-sni-session-ticket-client]
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 Options = SessionTicket
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
@@ -336,9 +401,16 @@ VerifyMode = Peer
 [test-8]
 ExpectedResult = Success
 ExpectedServerName = server2
-ServerName = server2
-ServerNameCallback = IgnoreMismatch
+SessionIdExpected = Yes
 SessionTicketExpected = No
+server = 8-sni-session-ticket-server-extra
+client = 8-sni-session-ticket-client-extra
+
+[8-sni-session-ticket-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+[8-sni-session-ticket-client-extra]
+ServerName = server2
 
 
 # ===========================================================
@@ -348,8 +420,8 @@ ssl_conf = 9-sni-session-ticket-ssl
 
 [9-sni-session-ticket-ssl]
 server = 9-sni-session-ticket-server
-server2 = 9-sni-session-ticket-server2
 client = 9-sni-session-ticket-client
+server2 = 9-sni-session-ticket-server2
 
 [9-sni-session-ticket-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
@@ -365,6 +437,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [9-sni-session-ticket-client]
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 Options = -SessionTicket
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
@@ -372,9 +445,16 @@ VerifyMode = Peer
 [test-9]
 ExpectedResult = Success
 ExpectedServerName = server1
-ServerName = server1
-ServerNameCallback = IgnoreMismatch
+SessionIdExpected = Yes
 SessionTicketExpected = No
+server = 9-sni-session-ticket-server-extra
+client = 9-sni-session-ticket-client-extra
+
+[9-sni-session-ticket-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+[9-sni-session-ticket-client-extra]
+ServerName = server1
 
 
 # ===========================================================
@@ -384,8 +464,8 @@ ssl_conf = 10-sni-session-ticket-ssl
 
 [10-sni-session-ticket-ssl]
 server = 10-sni-session-ticket-server
-server2 = 10-sni-session-ticket-server2
 client = 10-sni-session-ticket-client
+server2 = 10-sni-session-ticket-server2
 
 [10-sni-session-ticket-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
@@ -401,6 +481,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [10-sni-session-ticket-client]
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 Options = -SessionTicket
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
@@ -408,9 +489,16 @@ VerifyMode = Peer
 [test-10]
 ExpectedResult = Success
 ExpectedServerName = server2
-ServerName = server2
-ServerNameCallback = IgnoreMismatch
+SessionIdExpected = Yes
 SessionTicketExpected = No
+server = 10-sni-session-ticket-server-extra
+client = 10-sni-session-ticket-client-extra
+
+[10-sni-session-ticket-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+[10-sni-session-ticket-client-extra]
+ServerName = server2
 
 
 # ===========================================================
@@ -420,8 +508,8 @@ ssl_conf = 11-sni-session-ticket-ssl
 
 [11-sni-session-ticket-ssl]
 server = 11-sni-session-ticket-server
-server2 = 11-sni-session-ticket-server2
 client = 11-sni-session-ticket-client
+server2 = 11-sni-session-ticket-server2
 
 [11-sni-session-ticket-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
@@ -437,6 +525,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [11-sni-session-ticket-client]
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 Options = -SessionTicket
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
@@ -444,9 +533,16 @@ VerifyMode = Peer
 [test-11]
 ExpectedResult = Success
 ExpectedServerName = server1
-ServerName = server1
-ServerNameCallback = IgnoreMismatch
+SessionIdExpected = Yes
 SessionTicketExpected = No
+server = 11-sni-session-ticket-server-extra
+client = 11-sni-session-ticket-client-extra
+
+[11-sni-session-ticket-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+[11-sni-session-ticket-client-extra]
+ServerName = server1
 
 
 # ===========================================================
@@ -456,8 +552,8 @@ ssl_conf = 12-sni-session-ticket-ssl
 
 [12-sni-session-ticket-ssl]
 server = 12-sni-session-ticket-server
-server2 = 12-sni-session-ticket-server2
 client = 12-sni-session-ticket-client
+server2 = 12-sni-session-ticket-server2
 
 [12-sni-session-ticket-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
@@ -473,6 +569,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [12-sni-session-ticket-client]
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 Options = -SessionTicket
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
@@ -480,9 +577,16 @@ VerifyMode = Peer
 [test-12]
 ExpectedResult = Success
 ExpectedServerName = server2
-ServerName = server2
-ServerNameCallback = IgnoreMismatch
+SessionIdExpected = Yes
 SessionTicketExpected = No
+server = 12-sni-session-ticket-server-extra
+client = 12-sni-session-ticket-client-extra
+
+[12-sni-session-ticket-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+[12-sni-session-ticket-client-extra]
+ServerName = server2
 
 
 # ===========================================================
@@ -492,8 +596,8 @@ ssl_conf = 13-sni-session-ticket-ssl
 
 [13-sni-session-ticket-ssl]
 server = 13-sni-session-ticket-server
-server2 = 13-sni-session-ticket-server2
 client = 13-sni-session-ticket-client
+server2 = 13-sni-session-ticket-server2
 
 [13-sni-session-ticket-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
@@ -509,6 +613,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [13-sni-session-ticket-client]
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 Options = -SessionTicket
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
@@ -516,9 +621,16 @@ VerifyMode = Peer
 [test-13]
 ExpectedResult = Success
 ExpectedServerName = server1
-ServerName = server1
-ServerNameCallback = IgnoreMismatch
+SessionIdExpected = Yes
 SessionTicketExpected = No
+server = 13-sni-session-ticket-server-extra
+client = 13-sni-session-ticket-client-extra
+
+[13-sni-session-ticket-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+[13-sni-session-ticket-client-extra]
+ServerName = server1
 
 
 # ===========================================================
@@ -528,8 +640,8 @@ ssl_conf = 14-sni-session-ticket-ssl
 
 [14-sni-session-ticket-ssl]
 server = 14-sni-session-ticket-server
-server2 = 14-sni-session-ticket-server2
 client = 14-sni-session-ticket-client
+server2 = 14-sni-session-ticket-server2
 
 [14-sni-session-ticket-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
@@ -545,6 +657,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [14-sni-session-ticket-client]
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 Options = -SessionTicket
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
@@ -552,9 +665,16 @@ VerifyMode = Peer
 [test-14]
 ExpectedResult = Success
 ExpectedServerName = server2
-ServerName = server2
-ServerNameCallback = IgnoreMismatch
+SessionIdExpected = Yes
 SessionTicketExpected = No
+server = 14-sni-session-ticket-server-extra
+client = 14-sni-session-ticket-client-extra
+
+[14-sni-session-ticket-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+[14-sni-session-ticket-client-extra]
+ServerName = server2
 
 
 # ===========================================================
@@ -564,8 +684,8 @@ ssl_conf = 15-sni-session-ticket-ssl
 
 [15-sni-session-ticket-ssl]
 server = 15-sni-session-ticket-server
-server2 = 15-sni-session-ticket-server2
 client = 15-sni-session-ticket-client
+server2 = 15-sni-session-ticket-server2
 
 [15-sni-session-ticket-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
@@ -581,6 +701,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [15-sni-session-ticket-client]
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 Options = -SessionTicket
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
@@ -588,9 +709,16 @@ VerifyMode = Peer
 [test-15]
 ExpectedResult = Success
 ExpectedServerName = server1
-ServerName = server1
-ServerNameCallback = IgnoreMismatch
+SessionIdExpected = Yes
 SessionTicketExpected = No
+server = 15-sni-session-ticket-server-extra
+client = 15-sni-session-ticket-client-extra
+
+[15-sni-session-ticket-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+[15-sni-session-ticket-client-extra]
+ServerName = server1
 
 
 # ===========================================================
@@ -600,8 +728,8 @@ ssl_conf = 16-sni-session-ticket-ssl
 
 [16-sni-session-ticket-ssl]
 server = 16-sni-session-ticket-server
-server2 = 16-sni-session-ticket-server2
 client = 16-sni-session-ticket-client
+server2 = 16-sni-session-ticket-server2
 
 [16-sni-session-ticket-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
@@ -617,6 +745,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
 [16-sni-session-ticket-client]
 CipherString = DEFAULT
+MaxProtocol = TLSv1.2
 Options = -SessionTicket
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
@@ -624,8 +753,15 @@ VerifyMode = Peer
 [test-16]
 ExpectedResult = Success
 ExpectedServerName = server2
-ServerName = server2
-ServerNameCallback = IgnoreMismatch
+SessionIdExpected = Yes
 SessionTicketExpected = No
+server = 16-sni-session-ticket-server-extra
+client = 16-sni-session-ticket-client-extra
+
+[16-sni-session-ticket-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+[16-sni-session-ticket-client-extra]
+ServerName = server2
 
 
Unnamed repository; edit this file 'description' to name the repository.