1*e0c4386eSCy Schubert# Generated with generate_ssl_tests.pl 2*e0c4386eSCy Schubert 3*e0c4386eSCy Schubertnum_tests = 9 4*e0c4386eSCy Schubert 5*e0c4386eSCy Schuberttest-0 = 0-SNI-switch-context 6*e0c4386eSCy Schuberttest-1 = 1-SNI-keep-context 7*e0c4386eSCy Schuberttest-2 = 2-SNI-no-server-support 8*e0c4386eSCy Schuberttest-3 = 3-SNI-no-client-support 9*e0c4386eSCy Schuberttest-4 = 4-SNI-bad-sni-ignore-mismatch 10*e0c4386eSCy Schuberttest-5 = 5-SNI-bad-sni-reject-mismatch 11*e0c4386eSCy Schuberttest-6 = 6-SNI-bad-clienthello-sni-ignore-mismatch 12*e0c4386eSCy Schuberttest-7 = 7-SNI-bad-clienthello-sni-reject-mismatch 13*e0c4386eSCy Schuberttest-8 = 8-SNI-clienthello-disable-v12 14*e0c4386eSCy Schubert# =========================================================== 15*e0c4386eSCy Schubert 16*e0c4386eSCy Schubert[0-SNI-switch-context] 17*e0c4386eSCy Schubertssl_conf = 0-SNI-switch-context-ssl 18*e0c4386eSCy Schubert 19*e0c4386eSCy Schubert[0-SNI-switch-context-ssl] 20*e0c4386eSCy Schubertserver = 0-SNI-switch-context-server 21*e0c4386eSCy Schubertclient = 0-SNI-switch-context-client 22*e0c4386eSCy Schubertserver2 = 0-SNI-switch-context-server 23*e0c4386eSCy Schubert 24*e0c4386eSCy Schubert[0-SNI-switch-context-server] 25*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 26*e0c4386eSCy SchubertCipherString = DEFAULT 27*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 28*e0c4386eSCy Schubert 29*e0c4386eSCy Schubert[0-SNI-switch-context-client] 30*e0c4386eSCy SchubertCipherString = DEFAULT 31*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 32*e0c4386eSCy SchubertVerifyMode = Peer 33*e0c4386eSCy Schubert 34*e0c4386eSCy Schubert[test-0] 35*e0c4386eSCy SchubertExpectedResult = Success 36*e0c4386eSCy SchubertExpectedServerName = server2 37*e0c4386eSCy Schubertserver = 0-SNI-switch-context-server-extra 38*e0c4386eSCy Schubertserver2 = 0-SNI-switch-context-server-extra 39*e0c4386eSCy Schubertclient = 0-SNI-switch-context-client-extra 40*e0c4386eSCy Schubert 41*e0c4386eSCy Schubert[0-SNI-switch-context-server-extra] 42*e0c4386eSCy SchubertServerNameCallback = IgnoreMismatch 43*e0c4386eSCy Schubert 44*e0c4386eSCy Schubert[0-SNI-switch-context-client-extra] 45*e0c4386eSCy SchubertServerName = server2 46*e0c4386eSCy Schubert 47*e0c4386eSCy Schubert 48*e0c4386eSCy Schubert# =========================================================== 49*e0c4386eSCy Schubert 50*e0c4386eSCy Schubert[1-SNI-keep-context] 51*e0c4386eSCy Schubertssl_conf = 1-SNI-keep-context-ssl 52*e0c4386eSCy Schubert 53*e0c4386eSCy Schubert[1-SNI-keep-context-ssl] 54*e0c4386eSCy Schubertserver = 1-SNI-keep-context-server 55*e0c4386eSCy Schubertclient = 1-SNI-keep-context-client 56*e0c4386eSCy Schubertserver2 = 1-SNI-keep-context-server 57*e0c4386eSCy Schubert 58*e0c4386eSCy Schubert[1-SNI-keep-context-server] 59*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 60*e0c4386eSCy SchubertCipherString = DEFAULT 61*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 62*e0c4386eSCy Schubert 63*e0c4386eSCy Schubert[1-SNI-keep-context-client] 64*e0c4386eSCy SchubertCipherString = DEFAULT 65*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 66*e0c4386eSCy SchubertVerifyMode = Peer 67*e0c4386eSCy Schubert 68*e0c4386eSCy Schubert[test-1] 69*e0c4386eSCy SchubertExpectedResult = Success 70*e0c4386eSCy SchubertExpectedServerName = server1 71*e0c4386eSCy Schubertserver = 1-SNI-keep-context-server-extra 72*e0c4386eSCy Schubertserver2 = 1-SNI-keep-context-server-extra 73*e0c4386eSCy Schubertclient = 1-SNI-keep-context-client-extra 74*e0c4386eSCy Schubert 75*e0c4386eSCy Schubert[1-SNI-keep-context-server-extra] 76*e0c4386eSCy SchubertServerNameCallback = IgnoreMismatch 77*e0c4386eSCy Schubert 78*e0c4386eSCy Schubert[1-SNI-keep-context-client-extra] 79*e0c4386eSCy SchubertServerName = server1 80*e0c4386eSCy Schubert 81*e0c4386eSCy Schubert 82*e0c4386eSCy Schubert# =========================================================== 83*e0c4386eSCy Schubert 84*e0c4386eSCy Schubert[2-SNI-no-server-support] 85*e0c4386eSCy Schubertssl_conf = 2-SNI-no-server-support-ssl 86*e0c4386eSCy Schubert 87*e0c4386eSCy Schubert[2-SNI-no-server-support-ssl] 88*e0c4386eSCy Schubertserver = 2-SNI-no-server-support-server 89*e0c4386eSCy Schubertclient = 2-SNI-no-server-support-client 90*e0c4386eSCy Schubert 91*e0c4386eSCy Schubert[2-SNI-no-server-support-server] 92*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 93*e0c4386eSCy SchubertCipherString = DEFAULT 94*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 95*e0c4386eSCy Schubert 96*e0c4386eSCy Schubert[2-SNI-no-server-support-client] 97*e0c4386eSCy SchubertCipherString = DEFAULT 98*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 99*e0c4386eSCy SchubertVerifyMode = Peer 100*e0c4386eSCy Schubert 101*e0c4386eSCy Schubert[test-2] 102*e0c4386eSCy SchubertExpectedResult = Success 103*e0c4386eSCy Schubertclient = 2-SNI-no-server-support-client-extra 104*e0c4386eSCy Schubert 105*e0c4386eSCy Schubert[2-SNI-no-server-support-client-extra] 106*e0c4386eSCy SchubertServerName = server1 107*e0c4386eSCy Schubert 108*e0c4386eSCy Schubert 109*e0c4386eSCy Schubert# =========================================================== 110*e0c4386eSCy Schubert 111*e0c4386eSCy Schubert[3-SNI-no-client-support] 112*e0c4386eSCy Schubertssl_conf = 3-SNI-no-client-support-ssl 113*e0c4386eSCy Schubert 114*e0c4386eSCy Schubert[3-SNI-no-client-support-ssl] 115*e0c4386eSCy Schubertserver = 3-SNI-no-client-support-server 116*e0c4386eSCy Schubertclient = 3-SNI-no-client-support-client 117*e0c4386eSCy Schubertserver2 = 3-SNI-no-client-support-server 118*e0c4386eSCy Schubert 119*e0c4386eSCy Schubert[3-SNI-no-client-support-server] 120*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 121*e0c4386eSCy SchubertCipherString = DEFAULT 122*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 123*e0c4386eSCy Schubert 124*e0c4386eSCy Schubert[3-SNI-no-client-support-client] 125*e0c4386eSCy SchubertCipherString = DEFAULT 126*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 127*e0c4386eSCy SchubertVerifyMode = Peer 128*e0c4386eSCy Schubert 129*e0c4386eSCy Schubert[test-3] 130*e0c4386eSCy SchubertExpectedResult = Success 131*e0c4386eSCy SchubertExpectedServerName = server1 132*e0c4386eSCy Schubertserver = 3-SNI-no-client-support-server-extra 133*e0c4386eSCy Schubertserver2 = 3-SNI-no-client-support-server-extra 134*e0c4386eSCy Schubert 135*e0c4386eSCy Schubert[3-SNI-no-client-support-server-extra] 136*e0c4386eSCy SchubertServerNameCallback = IgnoreMismatch 137*e0c4386eSCy Schubert 138*e0c4386eSCy Schubert 139*e0c4386eSCy Schubert# =========================================================== 140*e0c4386eSCy Schubert 141*e0c4386eSCy Schubert[4-SNI-bad-sni-ignore-mismatch] 142*e0c4386eSCy Schubertssl_conf = 4-SNI-bad-sni-ignore-mismatch-ssl 143*e0c4386eSCy Schubert 144*e0c4386eSCy Schubert[4-SNI-bad-sni-ignore-mismatch-ssl] 145*e0c4386eSCy Schubertserver = 4-SNI-bad-sni-ignore-mismatch-server 146*e0c4386eSCy Schubertclient = 4-SNI-bad-sni-ignore-mismatch-client 147*e0c4386eSCy Schubertserver2 = 4-SNI-bad-sni-ignore-mismatch-server 148*e0c4386eSCy Schubert 149*e0c4386eSCy Schubert[4-SNI-bad-sni-ignore-mismatch-server] 150*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 151*e0c4386eSCy SchubertCipherString = DEFAULT 152*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 153*e0c4386eSCy Schubert 154*e0c4386eSCy Schubert[4-SNI-bad-sni-ignore-mismatch-client] 155*e0c4386eSCy SchubertCipherString = DEFAULT 156*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 157*e0c4386eSCy SchubertVerifyMode = Peer 158*e0c4386eSCy Schubert 159*e0c4386eSCy Schubert[test-4] 160*e0c4386eSCy SchubertExpectedResult = Success 161*e0c4386eSCy SchubertExpectedServerName = server1 162*e0c4386eSCy Schubertserver = 4-SNI-bad-sni-ignore-mismatch-server-extra 163*e0c4386eSCy Schubertserver2 = 4-SNI-bad-sni-ignore-mismatch-server-extra 164*e0c4386eSCy Schubertclient = 4-SNI-bad-sni-ignore-mismatch-client-extra 165*e0c4386eSCy Schubert 166*e0c4386eSCy Schubert[4-SNI-bad-sni-ignore-mismatch-server-extra] 167*e0c4386eSCy SchubertServerNameCallback = IgnoreMismatch 168*e0c4386eSCy Schubert 169*e0c4386eSCy Schubert[4-SNI-bad-sni-ignore-mismatch-client-extra] 170*e0c4386eSCy SchubertServerName = invalid 171*e0c4386eSCy Schubert 172*e0c4386eSCy Schubert 173*e0c4386eSCy Schubert# =========================================================== 174*e0c4386eSCy Schubert 175*e0c4386eSCy Schubert[5-SNI-bad-sni-reject-mismatch] 176*e0c4386eSCy Schubertssl_conf = 5-SNI-bad-sni-reject-mismatch-ssl 177*e0c4386eSCy Schubert 178*e0c4386eSCy Schubert[5-SNI-bad-sni-reject-mismatch-ssl] 179*e0c4386eSCy Schubertserver = 5-SNI-bad-sni-reject-mismatch-server 180*e0c4386eSCy Schubertclient = 5-SNI-bad-sni-reject-mismatch-client 181*e0c4386eSCy Schubertserver2 = 5-SNI-bad-sni-reject-mismatch-server 182*e0c4386eSCy Schubert 183*e0c4386eSCy Schubert[5-SNI-bad-sni-reject-mismatch-server] 184*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 185*e0c4386eSCy SchubertCipherString = DEFAULT 186*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 187*e0c4386eSCy Schubert 188*e0c4386eSCy Schubert[5-SNI-bad-sni-reject-mismatch-client] 189*e0c4386eSCy SchubertCipherString = DEFAULT 190*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 191*e0c4386eSCy SchubertVerifyMode = Peer 192*e0c4386eSCy Schubert 193*e0c4386eSCy Schubert[test-5] 194*e0c4386eSCy SchubertExpectedResult = ServerFail 195*e0c4386eSCy SchubertExpectedServerAlert = UnrecognizedName 196*e0c4386eSCy Schubertserver = 5-SNI-bad-sni-reject-mismatch-server-extra 197*e0c4386eSCy Schubertserver2 = 5-SNI-bad-sni-reject-mismatch-server-extra 198*e0c4386eSCy Schubertclient = 5-SNI-bad-sni-reject-mismatch-client-extra 199*e0c4386eSCy Schubert 200*e0c4386eSCy Schubert[5-SNI-bad-sni-reject-mismatch-server-extra] 201*e0c4386eSCy SchubertServerNameCallback = RejectMismatch 202*e0c4386eSCy Schubert 203*e0c4386eSCy Schubert[5-SNI-bad-sni-reject-mismatch-client-extra] 204*e0c4386eSCy SchubertServerName = invalid 205*e0c4386eSCy Schubert 206*e0c4386eSCy Schubert 207*e0c4386eSCy Schubert# =========================================================== 208*e0c4386eSCy Schubert 209*e0c4386eSCy Schubert[6-SNI-bad-clienthello-sni-ignore-mismatch] 210*e0c4386eSCy Schubertssl_conf = 6-SNI-bad-clienthello-sni-ignore-mismatch-ssl 211*e0c4386eSCy Schubert 212*e0c4386eSCy Schubert[6-SNI-bad-clienthello-sni-ignore-mismatch-ssl] 213*e0c4386eSCy Schubertserver = 6-SNI-bad-clienthello-sni-ignore-mismatch-server 214*e0c4386eSCy Schubertclient = 6-SNI-bad-clienthello-sni-ignore-mismatch-client 215*e0c4386eSCy Schubertserver2 = 6-SNI-bad-clienthello-sni-ignore-mismatch-server 216*e0c4386eSCy Schubert 217*e0c4386eSCy Schubert[6-SNI-bad-clienthello-sni-ignore-mismatch-server] 218*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 219*e0c4386eSCy SchubertCipherString = DEFAULT 220*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 221*e0c4386eSCy Schubert 222*e0c4386eSCy Schubert[6-SNI-bad-clienthello-sni-ignore-mismatch-client] 223*e0c4386eSCy SchubertCipherString = DEFAULT 224*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 225*e0c4386eSCy SchubertVerifyMode = Peer 226*e0c4386eSCy Schubert 227*e0c4386eSCy Schubert[test-6] 228*e0c4386eSCy SchubertExpectedResult = Success 229*e0c4386eSCy SchubertExpectedServerName = server1 230*e0c4386eSCy Schubertserver = 6-SNI-bad-clienthello-sni-ignore-mismatch-server-extra 231*e0c4386eSCy Schubertserver2 = 6-SNI-bad-clienthello-sni-ignore-mismatch-server-extra 232*e0c4386eSCy Schubertclient = 6-SNI-bad-clienthello-sni-ignore-mismatch-client-extra 233*e0c4386eSCy Schubert 234*e0c4386eSCy Schubert[6-SNI-bad-clienthello-sni-ignore-mismatch-server-extra] 235*e0c4386eSCy SchubertServerNameCallback = ClientHelloIgnoreMismatch 236*e0c4386eSCy Schubert 237*e0c4386eSCy Schubert[6-SNI-bad-clienthello-sni-ignore-mismatch-client-extra] 238*e0c4386eSCy SchubertServerName = invalid 239*e0c4386eSCy Schubert 240*e0c4386eSCy Schubert 241*e0c4386eSCy Schubert# =========================================================== 242*e0c4386eSCy Schubert 243*e0c4386eSCy Schubert[7-SNI-bad-clienthello-sni-reject-mismatch] 244*e0c4386eSCy Schubertssl_conf = 7-SNI-bad-clienthello-sni-reject-mismatch-ssl 245*e0c4386eSCy Schubert 246*e0c4386eSCy Schubert[7-SNI-bad-clienthello-sni-reject-mismatch-ssl] 247*e0c4386eSCy Schubertserver = 7-SNI-bad-clienthello-sni-reject-mismatch-server 248*e0c4386eSCy Schubertclient = 7-SNI-bad-clienthello-sni-reject-mismatch-client 249*e0c4386eSCy Schubertserver2 = 7-SNI-bad-clienthello-sni-reject-mismatch-server 250*e0c4386eSCy Schubert 251*e0c4386eSCy Schubert[7-SNI-bad-clienthello-sni-reject-mismatch-server] 252*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 253*e0c4386eSCy SchubertCipherString = DEFAULT 254*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 255*e0c4386eSCy Schubert 256*e0c4386eSCy Schubert[7-SNI-bad-clienthello-sni-reject-mismatch-client] 257*e0c4386eSCy SchubertCipherString = DEFAULT 258*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 259*e0c4386eSCy SchubertVerifyMode = Peer 260*e0c4386eSCy Schubert 261*e0c4386eSCy Schubert[test-7] 262*e0c4386eSCy SchubertExpectedResult = ServerFail 263*e0c4386eSCy SchubertExpectedServerAlert = UnrecognizedName 264*e0c4386eSCy Schubertserver = 7-SNI-bad-clienthello-sni-reject-mismatch-server-extra 265*e0c4386eSCy Schubertserver2 = 7-SNI-bad-clienthello-sni-reject-mismatch-server-extra 266*e0c4386eSCy Schubertclient = 7-SNI-bad-clienthello-sni-reject-mismatch-client-extra 267*e0c4386eSCy Schubert 268*e0c4386eSCy Schubert[7-SNI-bad-clienthello-sni-reject-mismatch-server-extra] 269*e0c4386eSCy SchubertServerNameCallback = ClientHelloRejectMismatch 270*e0c4386eSCy Schubert 271*e0c4386eSCy Schubert[7-SNI-bad-clienthello-sni-reject-mismatch-client-extra] 272*e0c4386eSCy SchubertServerName = invalid 273*e0c4386eSCy Schubert 274*e0c4386eSCy Schubert 275*e0c4386eSCy Schubert# =========================================================== 276*e0c4386eSCy Schubert 277*e0c4386eSCy Schubert[8-SNI-clienthello-disable-v12] 278*e0c4386eSCy Schubertssl_conf = 8-SNI-clienthello-disable-v12-ssl 279*e0c4386eSCy Schubert 280*e0c4386eSCy Schubert[8-SNI-clienthello-disable-v12-ssl] 281*e0c4386eSCy Schubertserver = 8-SNI-clienthello-disable-v12-server 282*e0c4386eSCy Schubertclient = 8-SNI-clienthello-disable-v12-client 283*e0c4386eSCy Schubertserver2 = 8-SNI-clienthello-disable-v12-server 284*e0c4386eSCy Schubert 285*e0c4386eSCy Schubert[8-SNI-clienthello-disable-v12-server] 286*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 287*e0c4386eSCy SchubertCipherString = DEFAULT:@SECLEVEL=0 288*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 289*e0c4386eSCy Schubert 290*e0c4386eSCy Schubert[8-SNI-clienthello-disable-v12-client] 291*e0c4386eSCy SchubertCipherString = DEFAULT:@SECLEVEL=0 292*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 293*e0c4386eSCy SchubertVerifyMode = Peer 294*e0c4386eSCy Schubert 295*e0c4386eSCy Schubert[test-8] 296*e0c4386eSCy SchubertExpectedProtocol = TLSv1.1 297*e0c4386eSCy SchubertExpectedServerName = server2 298*e0c4386eSCy Schubertserver = 8-SNI-clienthello-disable-v12-server-extra 299*e0c4386eSCy Schubertserver2 = 8-SNI-clienthello-disable-v12-server-extra 300*e0c4386eSCy Schubertclient = 8-SNI-clienthello-disable-v12-client-extra 301*e0c4386eSCy Schubert 302*e0c4386eSCy Schubert[8-SNI-clienthello-disable-v12-server-extra] 303*e0c4386eSCy SchubertServerNameCallback = ClientHelloNoV12 304*e0c4386eSCy Schubert 305*e0c4386eSCy Schubert[8-SNI-clienthello-disable-v12-client-extra] 306*e0c4386eSCy SchubertServerName = server2 307*e0c4386eSCy Schubert 308*e0c4386eSCy Schubert 309