X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=test%2Fssl_test_ctx.h;h=36d73f752c3e4e374c1bf7db2436d8070fa34ea5;hp=73e223a2d59379740a86488191a503d7c698ebc4;hb=72a7a7021fa8bc82a11bc08bac1b0241a92143d0;hpb=e42c4544c88046a01c53a81aeb9d48685d708cf9 diff --git a/test/ssl_test_ctx.h b/test/ssl_test_ctx.h index 73e223a2d5..36d73f752c 100644 --- a/test/ssl_test_ctx.h +++ b/test/ssl_test_ctx.h @@ -1,5 +1,5 @@ /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -38,7 +38,10 @@ typedef enum { typedef enum { SSL_TEST_SERVERNAME_CB_NONE = 0, /* Default */ SSL_TEST_SERVERNAME_IGNORE_MISMATCH, - SSL_TEST_SERVERNAME_REJECT_MISMATCH + SSL_TEST_SERVERNAME_REJECT_MISMATCH, + SSL_TEST_SERVERNAME_CLIENT_HELLO_IGNORE_MISMATCH, + SSL_TEST_SERVERNAME_CLIENT_HELLO_REJECT_MISMATCH, + SSL_TEST_SERVERNAME_CLIENT_HELLO_NO_V12 } ssl_servername_callback_t; typedef enum { @@ -48,6 +51,17 @@ typedef enum { SSL_TEST_SESSION_TICKET_BROKEN /* Special test */ } ssl_session_ticket_t; +typedef enum { + SSL_TEST_COMPRESSION_NO = 0, /* Default */ + SSL_TEST_COMPRESSION_YES +} ssl_compression_t; + +typedef enum { + SSL_TEST_SESSION_ID_IGNORE = 0, /* Default */ + SSL_TEST_SESSION_ID_YES, + SSL_TEST_SESSION_ID_NO +} ssl_session_id_t; + typedef enum { SSL_TEST_METHOD_TLS = 0, /* Default */ SSL_TEST_METHOD_DTLS @@ -56,7 +70,11 @@ typedef enum { typedef enum { SSL_TEST_HANDSHAKE_SIMPLE = 0, /* Default */ SSL_TEST_HANDSHAKE_RESUME, - SSL_TEST_HANDSHAKE_RENEGOTIATE + SSL_TEST_HANDSHAKE_RENEG_SERVER, + SSL_TEST_HANDSHAKE_RENEG_CLIENT, + SSL_TEST_HANDSHAKE_KEY_UPDATE_SERVER, + SSL_TEST_HANDSHAKE_KEY_UPDATE_CLIENT, + SSL_TEST_HANDSHAKE_POST_HANDSHAKE_AUTH } ssl_handshake_mode_t; typedef enum { @@ -70,6 +88,7 @@ typedef enum { SSL_TEST_CERT_STATUS_GOOD_RESPONSE, SSL_TEST_CERT_STATUS_BAD_RESPONSE } ssl_cert_status_t; + /* * Server/client settings that aren't supported by the SSL CONF library, * such as callbacks. @@ -79,10 +98,18 @@ typedef struct { ssl_verify_callback_t verify_callback; /* One of a number of predefined server names use by the client */ ssl_servername_t servername; + /* Maximum Fragment Length extension mode */ + int max_fragment_len_mode; /* Supported NPN and ALPN protocols. A comma-separated list. */ char *npn_protocols; char *alpn_protocols; ssl_ct_validation_t ct_validation; + /* Ciphersuites to set on a renegotiation */ + char *reneg_ciphers; + char *srp_user; + char *srp_password; + /* PHA enabled */ + int enable_pha; } SSL_TEST_CLIENT_CONF; typedef struct { @@ -95,6 +122,12 @@ typedef struct { int broken_session_ticket; /* Should we send a CertStatus message? */ ssl_cert_status_t cert_status; + /* An SRP user known to the server. */ + char *srp_user; + char *srp_password; + /* Forced PHA */ + int force_pha; + char *session_ticket_app_data; } SSL_TEST_SERVER_CONF; typedef struct { @@ -118,6 +151,8 @@ typedef struct { int app_data_size; /* Maximum send fragment size. */ int max_fragment_size; + /* KeyUpdate type */ + int key_update_type; /* * Extra server/client configurations. Per-handshake. @@ -153,11 +188,41 @@ typedef struct { */ ssl_servername_t expected_servername; ssl_session_ticket_t session_ticket_expected; + int compression_expected; /* The expected NPN/ALPN protocol to negotiate. */ char *expected_npn_protocol; char *expected_alpn_protocol; /* Whether the second handshake is resumed or a full handshake (boolean). */ int resumption_expected; + /* Expected temporary key type */ + int expected_tmp_key_type; + /* Expected server certificate key type */ + int expected_server_cert_type; + /* Expected server signing hash */ + int expected_server_sign_hash; + /* Expected server signature type */ + int expected_server_sign_type; + /* Expected server CA names */ + STACK_OF(X509_NAME) *expected_server_ca_names; + /* Expected client certificate key type */ + int expected_client_cert_type; + /* Expected client signing hash */ + int expected_client_sign_hash; + /* Expected client signature type */ + int expected_client_sign_type; + /* Expected CA names for client auth */ + STACK_OF(X509_NAME) *expected_client_ca_names; + /* Whether to use SCTP for the transport */ + int use_sctp; + /* Enable SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG on client side */ + int enable_client_sctp_label_bug; + /* Enable SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG on server side */ + int enable_server_sctp_label_bug; + /* Whether to expect a session id from the server */ + ssl_session_id_t session_id_expected; + char *expected_cipher; + /* Expected Session Ticket Application Data */ + char *expected_session_ticket_app_data; } SSL_TEST_CTX; const char *ssl_test_result_name(ssl_test_result_t result); @@ -168,10 +233,12 @@ const char *ssl_servername_name(ssl_servername_t server); const char *ssl_servername_callback_name(ssl_servername_callback_t servername_callback); const char *ssl_session_ticket_name(ssl_session_ticket_t server); +const char *ssl_session_id_name(ssl_session_id_t server); const char *ssl_test_method_name(ssl_test_method_t method); const char *ssl_handshake_mode_name(ssl_handshake_mode_t mode); const char *ssl_ct_validation_name(ssl_ct_validation_t mode); const char *ssl_certstatus_name(ssl_cert_status_t cert_status); +const char *ssl_max_fragment_len_name(int MFL_mode); /* * Load the test case context from |conf|.