xref: /freebsd/crypto/openssl/test/ssl-tests/08-npn.cnf.in (revision ac77b2621508c6a50ab01d07fe8d43795d908f05)
1# -*- mode: perl; -*-
2# Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.
3#
4# Licensed under the Apache License 2.0 (the "License").  You may not use
5# this file except in compliance with the License.  You can obtain a copy
6# in the file LICENSE in the source distribution or at
7# https://www.openssl.org/source/license.html
8
9
10## Test NPN. Note that NPN is only supported up to TLSv1.2
11
12use strict;
13use warnings;
14
15package ssltests;
16
17our @tests = (
18    {
19        name => "npn-simple",
20        server => {
21            extra => {
22                "NPNProtocols" => "foo",
23            },
24        },
25        client => {
26            extra => {
27                "NPNProtocols" => "foo",
28            },
29            "MaxProtocol" => "TLSv1.2"
30        },
31        test => {
32            "ExpectedNPNProtocol" => "foo",
33        },
34    },
35    {
36        name => "npn-client-finds-match",
37        server => {
38            extra => {
39                "NPNProtocols" => "baz,bar",
40            },
41        },
42        client => {
43            extra => {
44                "NPNProtocols" => "foo,bar",
45            },
46            "MaxProtocol" => "TLSv1.2"
47        },
48        test => {
49            "ExpectedNPNProtocol" => "bar",
50        },
51    },
52    {
53        name => "npn-client-honours-server-pref",
54        server => {
55            extra => {
56                "NPNProtocols" => "bar,foo",
57            },
58        },
59        client => {
60            extra => {
61                "NPNProtocols" => "foo,bar",
62            },
63            "MaxProtocol" => "TLSv1.2"
64        },
65        test => {
66            "ExpectedNPNProtocol" => "bar",
67        },
68    },
69    {
70        name => "npn-client-first-pref-on-mismatch",
71        server => {
72            extra => {
73                "NPNProtocols" => "baz",
74            },
75        },
76        client => {
77            extra => {
78                "NPNProtocols" => "foo,bar",
79            },
80            "MaxProtocol" => "TLSv1.2"
81        },
82        test => {
83            "ExpectedNPNProtocol" => "foo",
84        },
85    },
86    {
87        name => "npn-no-server-support",
88        server => {},
89        client => {
90            extra => {
91                "NPNProtocols" => "foo",
92            },
93            "MaxProtocol" => "TLSv1.2"
94        },
95        test => {
96            "ExpectedNPNProtocol" => undef,
97        },
98    },
99    {
100        name => "npn-no-client-support",
101        server => {
102            extra => {
103                "NPNProtocols" => "foo",
104            },
105        },
106        client => {
107            "MaxProtocol" => "TLSv1.2"
108        },
109        test => {
110            "ExpectedNPNProtocol" => undef,
111        },
112    },
113    {
114        name => "npn-empty-client-list",
115        server => {
116            extra => {
117                "NPNProtocols" => "foo",
118            },
119        },
120        client => {
121            extra => {
122                "NPNProtocols" => "",
123            },
124            "MaxProtocol" => "TLSv1.2"
125        },
126        test => {
127            "ExpectedResult" => "ClientFail",
128            "ExpectedClientAlert" => "HandshakeFailure"
129        },
130    },
131    {
132        name => "npn-empty-server-list",
133        server => {
134            extra => {
135                "NPNProtocols" => "",
136            },
137        },
138        client => {
139            extra => {
140                "NPNProtocols" => "foo",
141            },
142            "MaxProtocol" => "TLSv1.2"
143        },
144        test => {
145            "ExpectedNPNProtocol" => "foo"
146        },
147    },
148    {
149        name => "npn-with-sni-no-context-switch",
150        server => {
151            extra => {
152                "NPNProtocols" => "foo",
153                "ServerNameCallback" => "IgnoreMismatch",
154            },
155        },
156        server2 => {
157            extra => {
158                "NPNProtocols" => "bar",
159            },
160        },
161        client => {
162            extra => {
163                "NPNProtocols" => "foo,bar",
164                "ServerName" => "server1",
165            },
166            "MaxProtocol" => "TLSv1.2"
167        },
168        test => {
169            "ExpectedServerName" => "server1",
170            "ExpectedNPNProtocol" => "foo",
171        },
172    },
173    {
174        name => "npn-with-sni-context-switch",
175        server => {
176            extra => {
177                "NPNProtocols" => "foo",
178                "ServerNameCallback" => "IgnoreMismatch",
179            },
180        },
181        server2 => {
182            extra => {
183                "NPNProtocols" => "bar",
184            },
185        },
186        client => {
187            extra => {
188                "NPNProtocols" => "foo,bar",
189                "ServerName" => "server2",
190            },
191            "MaxProtocol" => "TLSv1.2"
192        },
193        test => {
194            "ExpectedServerName" => "server2",
195            "ExpectedNPNProtocol" => "bar",
196        },
197    },
198    {
199        name => "npn-selected-sni-server-supports-npn",
200        server => {
201            extra => {
202                "ServerNameCallback" => "IgnoreMismatch",
203            },
204        },
205        server2 => {
206            extra => {
207                "NPNProtocols" => "bar",
208            },
209        },
210        client => {
211            extra => {
212                "NPNProtocols" => "foo,bar",
213                "ServerName" => "server2",
214            },
215            "MaxProtocol" => "TLSv1.2"
216        },
217        test => {
218            "ExpectedServerName" => "server2",
219            "ExpectedNPNProtocol" => "bar",
220        },
221    },
222    {
223        name => "npn-selected-sni-server-does-not-support-npn",
224        server => {
225            extra => {
226                "NPNProtocols" => "bar",
227                "ServerNameCallback" => "IgnoreMismatch",
228            },
229        },
230        server2 => { },
231        client => {
232            extra => {
233                "NPNProtocols" => "foo,bar",
234                "ServerName" => "server2",
235            },
236            "MaxProtocol" => "TLSv1.2"
237        },
238        test => {
239             "ExpectedServerName" => "server2",
240             "ExpectedNPNProtocol" => undef,
241        },
242    },
243    {
244        name => "alpn-preferred-over-npn",
245        server => {
246            extra => {
247                "ALPNProtocols" => "foo",
248                "NPNProtocols" => "bar",
249            },
250        },
251        client => {
252            extra => {
253                "ALPNProtocols" => "foo",
254                "NPNProtocols" => "bar",
255            },
256            "MaxProtocol" => "TLSv1.2"
257        },
258        test => {
259            "ExpectedALPNProtocol" => "foo",
260            "ExpectedNPNProtocol" => undef,
261        },
262    },
263    {
264        name => "sni-npn-preferred-over-alpn",
265        server => {
266            extra => {
267                "ServerNameCallback" => "IgnoreMismatch",
268                "ALPNProtocols" => "foo",
269            },
270        },
271        server2 => {
272            extra => {
273                "NPNProtocols" => "bar",
274            },
275        },
276        client => {
277            extra => {
278                "ServerName" => "server2",
279                "ALPNProtocols" => "foo",
280                "NPNProtocols" => "bar",
281            },
282            "MaxProtocol" => "TLSv1.2"
283        },
284        test => {
285            "ExpectedALPNProtocol" => undef,
286            "ExpectedNPNProtocol" => "bar",
287            "ExpectedServerName" => "server2",
288        },
289    },
290    {
291        name => "npn-simple-resumption",
292        server => {
293            extra => {
294                "NPNProtocols" => "foo",
295            },
296        },
297        client => {
298            extra => {
299                "NPNProtocols" => "foo",
300            },
301            "MaxProtocol" => "TLSv1.2"
302        },
303        test => {
304            "HandshakeMode" => "Resume",
305            "ResumptionExpected" => "Yes",
306            "ExpectedNPNProtocol" => "foo",
307        },
308    },
309    {
310        name => "npn-server-switch-resumption",
311        server => {
312            extra => {
313                "NPNProtocols" => "bar,foo",
314            },
315        },
316        resume_server => {
317            extra => {
318                "NPNProtocols" => "baz,foo",
319            },
320        },
321        client => {
322            extra => {
323                "NPNProtocols" => "foo,bar,baz",
324            },
325            "MaxProtocol" => "TLSv1.2"
326        },
327        test => {
328            "HandshakeMode" => "Resume",
329            "ResumptionExpected" => "Yes",
330            "ExpectedNPNProtocol" => "baz",
331        },
332    },
333    {
334        name => "npn-client-switch-resumption",
335        server => {
336            extra => {
337                "NPNProtocols" => "foo,bar,baz",
338            },
339        },
340        client => {
341            extra => {
342                "NPNProtocols" => "foo,baz",
343            },
344            "MaxProtocol" => "TLSv1.2"
345        },
346        resume_client => {
347            extra => {
348                "NPNProtocols" => "bar,baz",
349            },
350            "MaxProtocol" => "TLSv1.2"
351        },
352        test => {
353            "HandshakeMode" => "Resume",
354            "ResumptionExpected" => "Yes",
355            "ExpectedNPNProtocol" => "bar",
356        },
357    },
358    {
359        name => "npn-client-first-pref-on-mismatch-resumption",
360        server => {
361            extra => {
362                "NPNProtocols" => "bar",
363            },
364        },
365        resume_server => {
366            extra => {
367                "NPNProtocols" => "baz",
368            },
369        },
370        client => {
371            extra => {
372                "NPNProtocols" => "foo,bar",
373            },
374            "MaxProtocol" => "TLSv1.2"
375        },
376        test => {
377            "HandshakeMode" => "Resume",
378            "ResumptionExpected" => "Yes",
379            "ExpectedNPNProtocol" => "foo",
380        },
381    },
382    {
383        name => "npn-no-server-support-resumption",
384        server => {
385            extra => {
386                "NPNProtocols" => "foo",
387            },
388        },
389        resume_server => { },
390        client => {
391            extra => {
392                "NPNProtocols" => "foo",
393            },
394            "MaxProtocol" => "TLSv1.2"
395        },
396        test => {
397            "HandshakeMode" => "Resume",
398            "ResumptionExpected" => "Yes",
399            "ExpectedNPNProtocol" => undef,
400        },
401    },
402    {
403        name => "npn-no-client-support-resumption",
404        server => {
405            extra => {
406                "NPNProtocols" => "foo",
407            },
408        },
409        client => {
410            extra => {
411                "NPNProtocols" => "foo",
412            },
413            "MaxProtocol" => "TLSv1.2"
414        },
415        resume_client => {
416            "MaxProtocol" => "TLSv1.2"
417        },
418        test => {
419            "HandshakeMode" => "Resume",
420            "ResumptionExpected" => "Yes",
421            "ExpectedNPNProtocol" => undef,
422        },
423    },
424    {
425        name => "alpn-preferred-over-npn-resumption",
426        server => {
427            extra => {
428                "NPNProtocols" => "bar",
429            },
430        },
431        resume_server => {
432            extra => {
433                "ALPNProtocols" => "foo",
434                "NPNProtocols" => "baz",
435            },
436        },
437        client => {
438            extra => {
439                "ALPNProtocols" => "foo",
440                "NPNProtocols" => "bar,baz",
441            },
442            "MaxProtocol" => "TLSv1.2"
443        },
444        test => {
445            "HandshakeMode" => "Resume",
446            "ResumptionExpected" => "Yes",
447            "ExpectedALPNProtocol" => "foo",
448            "ExpectedNPNProtocol" => undef,
449        },
450    },
451    {
452        name => "npn-used-if-alpn-not-supported-resumption",
453        server => {
454            extra => {
455                "ALPNProtocols" => "foo",
456                "NPNProtocols" => "bar",
457            },
458        },
459        resume_server => {
460            extra => {
461                "NPNProtocols" => "baz",
462            },
463        },
464        client => {
465            extra => {
466                "ALPNProtocols" => "foo",
467                "NPNProtocols" => "bar,baz",
468            },
469            "MaxProtocol" => "TLSv1.2"
470        },
471        test => {
472            "HandshakeMode" => "Resume",
473            "ResumptionExpected" => "Yes",
474            "ExpectedALPNProtocol" => undef,
475            "ExpectedNPNProtocol" => "baz",
476        },
477    },
478);
479