xref: /freebsd/crypto/openssl/test/ssl-tests/08-npn.cnf (revision a7148ab39c03abd4d1a84997c70bf96f15dd2a09)
1# Generated with generate_ssl_tests.pl
2
3num_tests = 22
4
5test-0 = 0-npn-simple
6test-1 = 1-npn-client-finds-match
7test-2 = 2-npn-client-honours-server-pref
8test-3 = 3-npn-client-first-pref-on-mismatch
9test-4 = 4-npn-no-server-support
10test-5 = 5-npn-no-client-support
11test-6 = 6-npn-empty-client-list
12test-7 = 7-npn-empty-server-list
13test-8 = 8-npn-with-sni-no-context-switch
14test-9 = 9-npn-with-sni-context-switch
15test-10 = 10-npn-selected-sni-server-supports-npn
16test-11 = 11-npn-selected-sni-server-does-not-support-npn
17test-12 = 12-alpn-preferred-over-npn
18test-13 = 13-sni-npn-preferred-over-alpn
19test-14 = 14-npn-simple-resumption
20test-15 = 15-npn-server-switch-resumption
21test-16 = 16-npn-client-switch-resumption
22test-17 = 17-npn-client-first-pref-on-mismatch-resumption
23test-18 = 18-npn-no-server-support-resumption
24test-19 = 19-npn-no-client-support-resumption
25test-20 = 20-alpn-preferred-over-npn-resumption
26test-21 = 21-npn-used-if-alpn-not-supported-resumption
27# ===========================================================
28
29[0-npn-simple]
30ssl_conf = 0-npn-simple-ssl
31
32[0-npn-simple-ssl]
33server = 0-npn-simple-server
34client = 0-npn-simple-client
35
36[0-npn-simple-server]
37Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
38CipherString = DEFAULT
39PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
40
41[0-npn-simple-client]
42CipherString = DEFAULT
43MaxProtocol = TLSv1.2
44VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
45VerifyMode = Peer
46
47[test-0]
48ExpectedNPNProtocol = foo
49server = 0-npn-simple-server-extra
50client = 0-npn-simple-client-extra
51
52[0-npn-simple-server-extra]
53NPNProtocols = foo
54
55[0-npn-simple-client-extra]
56NPNProtocols = foo
57
58
59# ===========================================================
60
61[1-npn-client-finds-match]
62ssl_conf = 1-npn-client-finds-match-ssl
63
64[1-npn-client-finds-match-ssl]
65server = 1-npn-client-finds-match-server
66client = 1-npn-client-finds-match-client
67
68[1-npn-client-finds-match-server]
69Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
70CipherString = DEFAULT
71PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
72
73[1-npn-client-finds-match-client]
74CipherString = DEFAULT
75MaxProtocol = TLSv1.2
76VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
77VerifyMode = Peer
78
79[test-1]
80ExpectedNPNProtocol = bar
81server = 1-npn-client-finds-match-server-extra
82client = 1-npn-client-finds-match-client-extra
83
84[1-npn-client-finds-match-server-extra]
85NPNProtocols = baz,bar
86
87[1-npn-client-finds-match-client-extra]
88NPNProtocols = foo,bar
89
90
91# ===========================================================
92
93[2-npn-client-honours-server-pref]
94ssl_conf = 2-npn-client-honours-server-pref-ssl
95
96[2-npn-client-honours-server-pref-ssl]
97server = 2-npn-client-honours-server-pref-server
98client = 2-npn-client-honours-server-pref-client
99
100[2-npn-client-honours-server-pref-server]
101Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
102CipherString = DEFAULT
103PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
104
105[2-npn-client-honours-server-pref-client]
106CipherString = DEFAULT
107MaxProtocol = TLSv1.2
108VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
109VerifyMode = Peer
110
111[test-2]
112ExpectedNPNProtocol = bar
113server = 2-npn-client-honours-server-pref-server-extra
114client = 2-npn-client-honours-server-pref-client-extra
115
116[2-npn-client-honours-server-pref-server-extra]
117NPNProtocols = bar,foo
118
119[2-npn-client-honours-server-pref-client-extra]
120NPNProtocols = foo,bar
121
122
123# ===========================================================
124
125[3-npn-client-first-pref-on-mismatch]
126ssl_conf = 3-npn-client-first-pref-on-mismatch-ssl
127
128[3-npn-client-first-pref-on-mismatch-ssl]
129server = 3-npn-client-first-pref-on-mismatch-server
130client = 3-npn-client-first-pref-on-mismatch-client
131
132[3-npn-client-first-pref-on-mismatch-server]
133Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
134CipherString = DEFAULT
135PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
136
137[3-npn-client-first-pref-on-mismatch-client]
138CipherString = DEFAULT
139MaxProtocol = TLSv1.2
140VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
141VerifyMode = Peer
142
143[test-3]
144ExpectedNPNProtocol = foo
145server = 3-npn-client-first-pref-on-mismatch-server-extra
146client = 3-npn-client-first-pref-on-mismatch-client-extra
147
148[3-npn-client-first-pref-on-mismatch-server-extra]
149NPNProtocols = baz
150
151[3-npn-client-first-pref-on-mismatch-client-extra]
152NPNProtocols = foo,bar
153
154
155# ===========================================================
156
157[4-npn-no-server-support]
158ssl_conf = 4-npn-no-server-support-ssl
159
160[4-npn-no-server-support-ssl]
161server = 4-npn-no-server-support-server
162client = 4-npn-no-server-support-client
163
164[4-npn-no-server-support-server]
165Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
166CipherString = DEFAULT
167PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
168
169[4-npn-no-server-support-client]
170CipherString = DEFAULT
171MaxProtocol = TLSv1.2
172VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
173VerifyMode = Peer
174
175[test-4]
176client = 4-npn-no-server-support-client-extra
177
178[4-npn-no-server-support-client-extra]
179NPNProtocols = foo
180
181
182# ===========================================================
183
184[5-npn-no-client-support]
185ssl_conf = 5-npn-no-client-support-ssl
186
187[5-npn-no-client-support-ssl]
188server = 5-npn-no-client-support-server
189client = 5-npn-no-client-support-client
190
191[5-npn-no-client-support-server]
192Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
193CipherString = DEFAULT
194PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
195
196[5-npn-no-client-support-client]
197CipherString = DEFAULT
198MaxProtocol = TLSv1.2
199VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
200VerifyMode = Peer
201
202[test-5]
203server = 5-npn-no-client-support-server-extra
204
205[5-npn-no-client-support-server-extra]
206NPNProtocols = foo
207
208
209# ===========================================================
210
211[6-npn-empty-client-list]
212ssl_conf = 6-npn-empty-client-list-ssl
213
214[6-npn-empty-client-list-ssl]
215server = 6-npn-empty-client-list-server
216client = 6-npn-empty-client-list-client
217
218[6-npn-empty-client-list-server]
219Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
220CipherString = DEFAULT
221PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
222
223[6-npn-empty-client-list-client]
224CipherString = DEFAULT
225MaxProtocol = TLSv1.2
226VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
227VerifyMode = Peer
228
229[test-6]
230ExpectedClientAlert = HandshakeFailure
231ExpectedResult = ClientFail
232server = 6-npn-empty-client-list-server-extra
233client = 6-npn-empty-client-list-client-extra
234
235[6-npn-empty-client-list-server-extra]
236NPNProtocols = foo
237
238[6-npn-empty-client-list-client-extra]
239NPNProtocols =
240
241
242# ===========================================================
243
244[7-npn-empty-server-list]
245ssl_conf = 7-npn-empty-server-list-ssl
246
247[7-npn-empty-server-list-ssl]
248server = 7-npn-empty-server-list-server
249client = 7-npn-empty-server-list-client
250
251[7-npn-empty-server-list-server]
252Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
253CipherString = DEFAULT
254PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
255
256[7-npn-empty-server-list-client]
257CipherString = DEFAULT
258MaxProtocol = TLSv1.2
259VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
260VerifyMode = Peer
261
262[test-7]
263ExpectedNPNProtocol = foo
264server = 7-npn-empty-server-list-server-extra
265client = 7-npn-empty-server-list-client-extra
266
267[7-npn-empty-server-list-server-extra]
268NPNProtocols =
269
270[7-npn-empty-server-list-client-extra]
271NPNProtocols = foo
272
273
274# ===========================================================
275
276[8-npn-with-sni-no-context-switch]
277ssl_conf = 8-npn-with-sni-no-context-switch-ssl
278
279[8-npn-with-sni-no-context-switch-ssl]
280server = 8-npn-with-sni-no-context-switch-server
281client = 8-npn-with-sni-no-context-switch-client
282server2 = 8-npn-with-sni-no-context-switch-server2
283
284[8-npn-with-sni-no-context-switch-server]
285Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
286CipherString = DEFAULT
287PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
288
289[8-npn-with-sni-no-context-switch-server2]
290Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
291CipherString = DEFAULT
292PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
293
294[8-npn-with-sni-no-context-switch-client]
295CipherString = DEFAULT
296MaxProtocol = TLSv1.2
297VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
298VerifyMode = Peer
299
300[test-8]
301ExpectedNPNProtocol = foo
302ExpectedServerName = server1
303server = 8-npn-with-sni-no-context-switch-server-extra
304server2 = 8-npn-with-sni-no-context-switch-server2-extra
305client = 8-npn-with-sni-no-context-switch-client-extra
306
307[8-npn-with-sni-no-context-switch-server-extra]
308NPNProtocols = foo
309ServerNameCallback = IgnoreMismatch
310
311[8-npn-with-sni-no-context-switch-server2-extra]
312NPNProtocols = bar
313
314[8-npn-with-sni-no-context-switch-client-extra]
315NPNProtocols = foo,bar
316ServerName = server1
317
318
319# ===========================================================
320
321[9-npn-with-sni-context-switch]
322ssl_conf = 9-npn-with-sni-context-switch-ssl
323
324[9-npn-with-sni-context-switch-ssl]
325server = 9-npn-with-sni-context-switch-server
326client = 9-npn-with-sni-context-switch-client
327server2 = 9-npn-with-sni-context-switch-server2
328
329[9-npn-with-sni-context-switch-server]
330Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
331CipherString = DEFAULT
332PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
333
334[9-npn-with-sni-context-switch-server2]
335Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
336CipherString = DEFAULT
337PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
338
339[9-npn-with-sni-context-switch-client]
340CipherString = DEFAULT
341MaxProtocol = TLSv1.2
342VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
343VerifyMode = Peer
344
345[test-9]
346ExpectedNPNProtocol = bar
347ExpectedServerName = server2
348server = 9-npn-with-sni-context-switch-server-extra
349server2 = 9-npn-with-sni-context-switch-server2-extra
350client = 9-npn-with-sni-context-switch-client-extra
351
352[9-npn-with-sni-context-switch-server-extra]
353NPNProtocols = foo
354ServerNameCallback = IgnoreMismatch
355
356[9-npn-with-sni-context-switch-server2-extra]
357NPNProtocols = bar
358
359[9-npn-with-sni-context-switch-client-extra]
360NPNProtocols = foo,bar
361ServerName = server2
362
363
364# ===========================================================
365
366[10-npn-selected-sni-server-supports-npn]
367ssl_conf = 10-npn-selected-sni-server-supports-npn-ssl
368
369[10-npn-selected-sni-server-supports-npn-ssl]
370server = 10-npn-selected-sni-server-supports-npn-server
371client = 10-npn-selected-sni-server-supports-npn-client
372server2 = 10-npn-selected-sni-server-supports-npn-server2
373
374[10-npn-selected-sni-server-supports-npn-server]
375Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
376CipherString = DEFAULT
377PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
378
379[10-npn-selected-sni-server-supports-npn-server2]
380Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
381CipherString = DEFAULT
382PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
383
384[10-npn-selected-sni-server-supports-npn-client]
385CipherString = DEFAULT
386MaxProtocol = TLSv1.2
387VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
388VerifyMode = Peer
389
390[test-10]
391ExpectedNPNProtocol = bar
392ExpectedServerName = server2
393server = 10-npn-selected-sni-server-supports-npn-server-extra
394server2 = 10-npn-selected-sni-server-supports-npn-server2-extra
395client = 10-npn-selected-sni-server-supports-npn-client-extra
396
397[10-npn-selected-sni-server-supports-npn-server-extra]
398ServerNameCallback = IgnoreMismatch
399
400[10-npn-selected-sni-server-supports-npn-server2-extra]
401NPNProtocols = bar
402
403[10-npn-selected-sni-server-supports-npn-client-extra]
404NPNProtocols = foo,bar
405ServerName = server2
406
407
408# ===========================================================
409
410[11-npn-selected-sni-server-does-not-support-npn]
411ssl_conf = 11-npn-selected-sni-server-does-not-support-npn-ssl
412
413[11-npn-selected-sni-server-does-not-support-npn-ssl]
414server = 11-npn-selected-sni-server-does-not-support-npn-server
415client = 11-npn-selected-sni-server-does-not-support-npn-client
416server2 = 11-npn-selected-sni-server-does-not-support-npn-server2
417
418[11-npn-selected-sni-server-does-not-support-npn-server]
419Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
420CipherString = DEFAULT
421PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
422
423[11-npn-selected-sni-server-does-not-support-npn-server2]
424Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
425CipherString = DEFAULT
426PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
427
428[11-npn-selected-sni-server-does-not-support-npn-client]
429CipherString = DEFAULT
430MaxProtocol = TLSv1.2
431VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
432VerifyMode = Peer
433
434[test-11]
435ExpectedServerName = server2
436server = 11-npn-selected-sni-server-does-not-support-npn-server-extra
437client = 11-npn-selected-sni-server-does-not-support-npn-client-extra
438
439[11-npn-selected-sni-server-does-not-support-npn-server-extra]
440NPNProtocols = bar
441ServerNameCallback = IgnoreMismatch
442
443[11-npn-selected-sni-server-does-not-support-npn-client-extra]
444NPNProtocols = foo,bar
445ServerName = server2
446
447
448# ===========================================================
449
450[12-alpn-preferred-over-npn]
451ssl_conf = 12-alpn-preferred-over-npn-ssl
452
453[12-alpn-preferred-over-npn-ssl]
454server = 12-alpn-preferred-over-npn-server
455client = 12-alpn-preferred-over-npn-client
456
457[12-alpn-preferred-over-npn-server]
458Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
459CipherString = DEFAULT
460PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
461
462[12-alpn-preferred-over-npn-client]
463CipherString = DEFAULT
464MaxProtocol = TLSv1.2
465VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
466VerifyMode = Peer
467
468[test-12]
469ExpectedALPNProtocol = foo
470server = 12-alpn-preferred-over-npn-server-extra
471client = 12-alpn-preferred-over-npn-client-extra
472
473[12-alpn-preferred-over-npn-server-extra]
474ALPNProtocols = foo
475NPNProtocols = bar
476
477[12-alpn-preferred-over-npn-client-extra]
478ALPNProtocols = foo
479NPNProtocols = bar
480
481
482# ===========================================================
483
484[13-sni-npn-preferred-over-alpn]
485ssl_conf = 13-sni-npn-preferred-over-alpn-ssl
486
487[13-sni-npn-preferred-over-alpn-ssl]
488server = 13-sni-npn-preferred-over-alpn-server
489client = 13-sni-npn-preferred-over-alpn-client
490server2 = 13-sni-npn-preferred-over-alpn-server2
491
492[13-sni-npn-preferred-over-alpn-server]
493Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
494CipherString = DEFAULT
495PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
496
497[13-sni-npn-preferred-over-alpn-server2]
498Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
499CipherString = DEFAULT
500PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
501
502[13-sni-npn-preferred-over-alpn-client]
503CipherString = DEFAULT
504MaxProtocol = TLSv1.2
505VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
506VerifyMode = Peer
507
508[test-13]
509ExpectedNPNProtocol = bar
510ExpectedServerName = server2
511server = 13-sni-npn-preferred-over-alpn-server-extra
512server2 = 13-sni-npn-preferred-over-alpn-server2-extra
513client = 13-sni-npn-preferred-over-alpn-client-extra
514
515[13-sni-npn-preferred-over-alpn-server-extra]
516ALPNProtocols = foo
517ServerNameCallback = IgnoreMismatch
518
519[13-sni-npn-preferred-over-alpn-server2-extra]
520NPNProtocols = bar
521
522[13-sni-npn-preferred-over-alpn-client-extra]
523ALPNProtocols = foo
524NPNProtocols = bar
525ServerName = server2
526
527
528# ===========================================================
529
530[14-npn-simple-resumption]
531ssl_conf = 14-npn-simple-resumption-ssl
532
533[14-npn-simple-resumption-ssl]
534server = 14-npn-simple-resumption-server
535client = 14-npn-simple-resumption-client
536resume-server = 14-npn-simple-resumption-server
537resume-client = 14-npn-simple-resumption-client
538
539[14-npn-simple-resumption-server]
540Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
541CipherString = DEFAULT
542PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
543
544[14-npn-simple-resumption-client]
545CipherString = DEFAULT
546MaxProtocol = TLSv1.2
547VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
548VerifyMode = Peer
549
550[test-14]
551ExpectedNPNProtocol = foo
552HandshakeMode = Resume
553ResumptionExpected = Yes
554server = 14-npn-simple-resumption-server-extra
555resume-server = 14-npn-simple-resumption-server-extra
556client = 14-npn-simple-resumption-client-extra
557resume-client = 14-npn-simple-resumption-client-extra
558
559[14-npn-simple-resumption-server-extra]
560NPNProtocols = foo
561
562[14-npn-simple-resumption-client-extra]
563NPNProtocols = foo
564
565
566# ===========================================================
567
568[15-npn-server-switch-resumption]
569ssl_conf = 15-npn-server-switch-resumption-ssl
570
571[15-npn-server-switch-resumption-ssl]
572server = 15-npn-server-switch-resumption-server
573client = 15-npn-server-switch-resumption-client
574resume-server = 15-npn-server-switch-resumption-resume-server
575resume-client = 15-npn-server-switch-resumption-client
576
577[15-npn-server-switch-resumption-server]
578Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
579CipherString = DEFAULT
580PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
581
582[15-npn-server-switch-resumption-resume-server]
583Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
584CipherString = DEFAULT
585PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
586
587[15-npn-server-switch-resumption-client]
588CipherString = DEFAULT
589MaxProtocol = TLSv1.2
590VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
591VerifyMode = Peer
592
593[test-15]
594ExpectedNPNProtocol = baz
595HandshakeMode = Resume
596ResumptionExpected = Yes
597server = 15-npn-server-switch-resumption-server-extra
598resume-server = 15-npn-server-switch-resumption-resume-server-extra
599client = 15-npn-server-switch-resumption-client-extra
600resume-client = 15-npn-server-switch-resumption-client-extra
601
602[15-npn-server-switch-resumption-server-extra]
603NPNProtocols = bar,foo
604
605[15-npn-server-switch-resumption-resume-server-extra]
606NPNProtocols = baz,foo
607
608[15-npn-server-switch-resumption-client-extra]
609NPNProtocols = foo,bar,baz
610
611
612# ===========================================================
613
614[16-npn-client-switch-resumption]
615ssl_conf = 16-npn-client-switch-resumption-ssl
616
617[16-npn-client-switch-resumption-ssl]
618server = 16-npn-client-switch-resumption-server
619client = 16-npn-client-switch-resumption-client
620resume-server = 16-npn-client-switch-resumption-server
621resume-client = 16-npn-client-switch-resumption-resume-client
622
623[16-npn-client-switch-resumption-server]
624Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
625CipherString = DEFAULT
626PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
627
628[16-npn-client-switch-resumption-client]
629CipherString = DEFAULT
630MaxProtocol = TLSv1.2
631VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
632VerifyMode = Peer
633
634[16-npn-client-switch-resumption-resume-client]
635CipherString = DEFAULT
636MaxProtocol = TLSv1.2
637VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
638VerifyMode = Peer
639
640[test-16]
641ExpectedNPNProtocol = bar
642HandshakeMode = Resume
643ResumptionExpected = Yes
644server = 16-npn-client-switch-resumption-server-extra
645resume-server = 16-npn-client-switch-resumption-server-extra
646client = 16-npn-client-switch-resumption-client-extra
647resume-client = 16-npn-client-switch-resumption-resume-client-extra
648
649[16-npn-client-switch-resumption-server-extra]
650NPNProtocols = foo,bar,baz
651
652[16-npn-client-switch-resumption-client-extra]
653NPNProtocols = foo,baz
654
655[16-npn-client-switch-resumption-resume-client-extra]
656NPNProtocols = bar,baz
657
658
659# ===========================================================
660
661[17-npn-client-first-pref-on-mismatch-resumption]
662ssl_conf = 17-npn-client-first-pref-on-mismatch-resumption-ssl
663
664[17-npn-client-first-pref-on-mismatch-resumption-ssl]
665server = 17-npn-client-first-pref-on-mismatch-resumption-server
666client = 17-npn-client-first-pref-on-mismatch-resumption-client
667resume-server = 17-npn-client-first-pref-on-mismatch-resumption-resume-server
668resume-client = 17-npn-client-first-pref-on-mismatch-resumption-client
669
670[17-npn-client-first-pref-on-mismatch-resumption-server]
671Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
672CipherString = DEFAULT
673PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
674
675[17-npn-client-first-pref-on-mismatch-resumption-resume-server]
676Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
677CipherString = DEFAULT
678PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
679
680[17-npn-client-first-pref-on-mismatch-resumption-client]
681CipherString = DEFAULT
682MaxProtocol = TLSv1.2
683VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
684VerifyMode = Peer
685
686[test-17]
687ExpectedNPNProtocol = foo
688HandshakeMode = Resume
689ResumptionExpected = Yes
690server = 17-npn-client-first-pref-on-mismatch-resumption-server-extra
691resume-server = 17-npn-client-first-pref-on-mismatch-resumption-resume-server-extra
692client = 17-npn-client-first-pref-on-mismatch-resumption-client-extra
693resume-client = 17-npn-client-first-pref-on-mismatch-resumption-client-extra
694
695[17-npn-client-first-pref-on-mismatch-resumption-server-extra]
696NPNProtocols = bar
697
698[17-npn-client-first-pref-on-mismatch-resumption-resume-server-extra]
699NPNProtocols = baz
700
701[17-npn-client-first-pref-on-mismatch-resumption-client-extra]
702NPNProtocols = foo,bar
703
704
705# ===========================================================
706
707[18-npn-no-server-support-resumption]
708ssl_conf = 18-npn-no-server-support-resumption-ssl
709
710[18-npn-no-server-support-resumption-ssl]
711server = 18-npn-no-server-support-resumption-server
712client = 18-npn-no-server-support-resumption-client
713resume-server = 18-npn-no-server-support-resumption-resume-server
714resume-client = 18-npn-no-server-support-resumption-client
715
716[18-npn-no-server-support-resumption-server]
717Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
718CipherString = DEFAULT
719PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
720
721[18-npn-no-server-support-resumption-resume-server]
722Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
723CipherString = DEFAULT
724PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
725
726[18-npn-no-server-support-resumption-client]
727CipherString = DEFAULT
728MaxProtocol = TLSv1.2
729VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
730VerifyMode = Peer
731
732[test-18]
733HandshakeMode = Resume
734ResumptionExpected = Yes
735server = 18-npn-no-server-support-resumption-server-extra
736client = 18-npn-no-server-support-resumption-client-extra
737resume-client = 18-npn-no-server-support-resumption-client-extra
738
739[18-npn-no-server-support-resumption-server-extra]
740NPNProtocols = foo
741
742[18-npn-no-server-support-resumption-client-extra]
743NPNProtocols = foo
744
745
746# ===========================================================
747
748[19-npn-no-client-support-resumption]
749ssl_conf = 19-npn-no-client-support-resumption-ssl
750
751[19-npn-no-client-support-resumption-ssl]
752server = 19-npn-no-client-support-resumption-server
753client = 19-npn-no-client-support-resumption-client
754resume-server = 19-npn-no-client-support-resumption-server
755resume-client = 19-npn-no-client-support-resumption-resume-client
756
757[19-npn-no-client-support-resumption-server]
758Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
759CipherString = DEFAULT
760PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
761
762[19-npn-no-client-support-resumption-client]
763CipherString = DEFAULT
764MaxProtocol = TLSv1.2
765VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
766VerifyMode = Peer
767
768[19-npn-no-client-support-resumption-resume-client]
769CipherString = DEFAULT
770MaxProtocol = TLSv1.2
771VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
772VerifyMode = Peer
773
774[test-19]
775HandshakeMode = Resume
776ResumptionExpected = Yes
777server = 19-npn-no-client-support-resumption-server-extra
778resume-server = 19-npn-no-client-support-resumption-server-extra
779client = 19-npn-no-client-support-resumption-client-extra
780
781[19-npn-no-client-support-resumption-server-extra]
782NPNProtocols = foo
783
784[19-npn-no-client-support-resumption-client-extra]
785NPNProtocols = foo
786
787
788# ===========================================================
789
790[20-alpn-preferred-over-npn-resumption]
791ssl_conf = 20-alpn-preferred-over-npn-resumption-ssl
792
793[20-alpn-preferred-over-npn-resumption-ssl]
794server = 20-alpn-preferred-over-npn-resumption-server
795client = 20-alpn-preferred-over-npn-resumption-client
796resume-server = 20-alpn-preferred-over-npn-resumption-resume-server
797resume-client = 20-alpn-preferred-over-npn-resumption-client
798
799[20-alpn-preferred-over-npn-resumption-server]
800Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
801CipherString = DEFAULT
802PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
803
804[20-alpn-preferred-over-npn-resumption-resume-server]
805Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
806CipherString = DEFAULT
807PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
808
809[20-alpn-preferred-over-npn-resumption-client]
810CipherString = DEFAULT
811MaxProtocol = TLSv1.2
812VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
813VerifyMode = Peer
814
815[test-20]
816ExpectedALPNProtocol = foo
817HandshakeMode = Resume
818ResumptionExpected = Yes
819server = 20-alpn-preferred-over-npn-resumption-server-extra
820resume-server = 20-alpn-preferred-over-npn-resumption-resume-server-extra
821client = 20-alpn-preferred-over-npn-resumption-client-extra
822resume-client = 20-alpn-preferred-over-npn-resumption-client-extra
823
824[20-alpn-preferred-over-npn-resumption-server-extra]
825NPNProtocols = bar
826
827[20-alpn-preferred-over-npn-resumption-resume-server-extra]
828ALPNProtocols = foo
829NPNProtocols = baz
830
831[20-alpn-preferred-over-npn-resumption-client-extra]
832ALPNProtocols = foo
833NPNProtocols = bar,baz
834
835
836# ===========================================================
837
838[21-npn-used-if-alpn-not-supported-resumption]
839ssl_conf = 21-npn-used-if-alpn-not-supported-resumption-ssl
840
841[21-npn-used-if-alpn-not-supported-resumption-ssl]
842server = 21-npn-used-if-alpn-not-supported-resumption-server
843client = 21-npn-used-if-alpn-not-supported-resumption-client
844resume-server = 21-npn-used-if-alpn-not-supported-resumption-resume-server
845resume-client = 21-npn-used-if-alpn-not-supported-resumption-client
846
847[21-npn-used-if-alpn-not-supported-resumption-server]
848Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
849CipherString = DEFAULT
850PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
851
852[21-npn-used-if-alpn-not-supported-resumption-resume-server]
853Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
854CipherString = DEFAULT
855PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
856
857[21-npn-used-if-alpn-not-supported-resumption-client]
858CipherString = DEFAULT
859MaxProtocol = TLSv1.2
860VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
861VerifyMode = Peer
862
863[test-21]
864ExpectedNPNProtocol = baz
865HandshakeMode = Resume
866ResumptionExpected = Yes
867server = 21-npn-used-if-alpn-not-supported-resumption-server-extra
868resume-server = 21-npn-used-if-alpn-not-supported-resumption-resume-server-extra
869client = 21-npn-used-if-alpn-not-supported-resumption-client-extra
870resume-client = 21-npn-used-if-alpn-not-supported-resumption-client-extra
871
872[21-npn-used-if-alpn-not-supported-resumption-server-extra]
873ALPNProtocols = foo
874NPNProtocols = bar
875
876[21-npn-used-if-alpn-not-supported-resumption-resume-server-extra]
877NPNProtocols = baz
878
879[21-npn-used-if-alpn-not-supported-resumption-client-extra]
880ALPNProtocols = foo
881NPNProtocols = bar,baz
882
883
884