Lines Matching +full:send +full:- +full:empty
4 SSL testcases are configured in the `ssl-tests` directory.
12 However, for verification, we also include checked-in configuration outputs
14 `test/ssl-tests/*.cnf` files.
16 For more details, see `ssl-tests/01-simple.cnf.in` for an example.
19 --------------------
26 name => "test-default",
36 * Method - the method to test. One of DTLS or TLS.
38 * HandshakeMode - which handshake flavour to test:
39 - Simple - plain handshake (default)
40 - Resume - test resumption
41 - RenegotiateServer - test server initiated renegotiation
42 - RenegotiateClient - test client initiated renegotiation
48 * ApplicationData - amount of application data bytes to send (integer, defaults
53 * MaxFragmentSize - maximum send fragment size (integer, defaults to 512 in
54 tests - see `SSL_CTX_set_max_send_fragment` for documentation). Applies to
58 four times as large as the maximum fragment, interleaved multi-buffer crypto
63 * ExpectedResult - expected handshake outcome. One of
64 - Success - handshake success
65 - ServerFail - serverside handshake failure
66 - ClientFail - clientside handshake failure
67 - InternalError - some other error
69 * ExpectedClientAlert, ExpectedServerAlert - expected alert. See
76 * ExpectedProtocol - expected negotiated protocol. One of
79 * SessionTicketExpected - whether or not a session ticket is expected
80 - Ignore - do not check for a session ticket (default)
81 - Yes - a session ticket is expected
82 - No - a session ticket is not expected
84 * SessionIdExpected - whether or not a session id is expected
85 - Ignore - do not check for a session id (default)
86 - Yes - a session id is expected
87 - No - a session id is not expected
89 * ResumptionExpected - whether or not resumption is expected (Resume mode only)
90 - Yes - resumed handshake
91 - No - full handshake (default)
93 * ExpectedNPNProtocol, ExpectedALPNProtocol - NPN and ALPN expectations.
95 * ExpectedTmpKeyType - the expected algorithm or curve of server temp key
97 * ExpectedServerCertType, ExpectedClientCertType - the expected algorithm or
100 * ExpectedServerSignHash, ExpectedClientSignHash - the expected
103 * ExpectedServerSignType, ExpectedClientSignType - the expected
106 * ExpectedClientCANames - for client auth list of CA names the server must
107 send. If this is "empty" the list is expected to be empty otherwise it
110 * ExpectedServerCANames - list of CA names the client must send, TLS 1.3 only.
111 If this is "empty" the list is expected to be empty otherwise it is a file
115 ---------------------------------
129 * server2 - this section configures a secondary context that is selected via the
133 * resume_server - this section configures the client to resume its session
137 * resume_client - this section configures the client to resume its session with
155 #### Supported client-side options
157 * ClientVerifyCallback - the client's custom certificate verify callback.
159 - None - no custom callback (default)
160 - AcceptAll - accepts all certificates.
161 - RejectAll - rejects all certificates.
163 * ServerName - the server the client should attempt to connect to. One of
164 - None - do not use SNI (default)
165 - server1 - the initial context
166 - server2 - the secondary context
167 - invalid - an unknown context
169 * CTValidation - Certificate Transparency validation strategy. One of
170 - None - no validation (default)
171 - Permissive - SSL_CT_VALIDATION_PERMISSIVE
172 - Strict - SSL_CT_VALIDATION_STRICT
174 #### Supported server-side options
176 * ServerNameCallback - the SNI switching callback to use
177 - None - no callback (default)
178 - IgnoreMismatch - continue the handshake on SNI mismatch
179 - RejectMismatch - abort the handshake on SNI mismatch
181 * BrokenSessionTicket - a special test case where the session ticket callback
183 - No (default)
184 - Yes
188 * NPNProtocols, ALPNProtocols - NPN and ALPN settings. Server and client
189 protocols can be specified as a comma-separated list, and a callback with the
192 * SRPUser, SRPPassword - SRP settings. For client, this is the SRP user to
213 ---------------------------------
215 1. Add a new test configuration to `test/ssl-tests`, following the examples of
216 existing `*.cnf.in` files (for example, `01-simple.cnf.in`).
223 $ TOP=.. perl -I ../util/perl/ generate_ssl_tests.pl \
224 ssl-tests/my.cnf.in default > ssl-tests/my.cnf
227 For all the pre-generated test files you should use the default provider.
229 For example, to generate the test cases in `ssl-tests/01-simple.cnf.in`, do
231 $ TOP=.. perl -I ../util/perl/ generate_ssl_tests.pl \
232 ssl-tests/01-simple.cnf.in default > ssl-tests/01-simple.cnf
238 in `test/recipes/80-test_ssl_new.t` and run
244 3. Update the number of tests planned in `test/recipes/80-test_ssl_new.t`. If
246 `test/recipes/80-test_ssl_new.t` for details).
249 ---------------------------------------
254 -----------------------
264 test/ssl-tests/01-simple.cnf default
269 util/wrap.pl test/ssl_test test/ssl-tests/01-simple.cnf default
275 protocols: a build with `enable-ssl3` has different test expectations than a
276 build with `no-ssl3`.
282 of the generated `test/ssl-tests/*.cnf` correspond to expected outputs in with