1*e0c4386eSCy Schubert# Generated with generate_ssl_tests.pl 2*e0c4386eSCy Schubert 3*e0c4386eSCy Schubertnum_tests = 18 4*e0c4386eSCy Schubert 5*e0c4386eSCy Schuberttest-0 = 0-renegotiate-client-no-resume 6*e0c4386eSCy Schuberttest-1 = 1-renegotiate-client-resume 7*e0c4386eSCy Schuberttest-2 = 2-renegotiate-server-no-resume 8*e0c4386eSCy Schuberttest-3 = 3-renegotiate-server-resume 9*e0c4386eSCy Schuberttest-4 = 4-renegotiate-client-auth-require 10*e0c4386eSCy Schuberttest-5 = 5-renegotiate-client-auth-once 11*e0c4386eSCy Schuberttest-6 = 6-renegotiate-client-legacy-connect 12*e0c4386eSCy Schuberttest-7 = 7-renegotiate-aead-to-non-aead 13*e0c4386eSCy Schuberttest-8 = 8-renegotiate-non-aead-to-aead 14*e0c4386eSCy Schuberttest-9 = 9-renegotiate-non-aead-to-non-aead 15*e0c4386eSCy Schuberttest-10 = 10-renegotiate-aead-to-aead 16*e0c4386eSCy Schuberttest-11 = 11-no-renegotiation-server-by-client 17*e0c4386eSCy Schuberttest-12 = 12-no-renegotiation-server-by-server 18*e0c4386eSCy Schuberttest-13 = 13-no-renegotiation-client-by-server 19*e0c4386eSCy Schuberttest-14 = 14-no-renegotiation-client-by-client 20*e0c4386eSCy Schuberttest-15 = 15-no-extms-on-renegotiation 21*e0c4386eSCy Schuberttest-16 = 16-allow-client-renegotiation 22*e0c4386eSCy Schuberttest-17 = 17-no-client-renegotiation 23*e0c4386eSCy Schubert# =========================================================== 24*e0c4386eSCy Schubert 25*e0c4386eSCy Schubert[0-renegotiate-client-no-resume] 26*e0c4386eSCy Schubertssl_conf = 0-renegotiate-client-no-resume-ssl 27*e0c4386eSCy Schubert 28*e0c4386eSCy Schubert[0-renegotiate-client-no-resume-ssl] 29*e0c4386eSCy Schubertserver = 0-renegotiate-client-no-resume-server 30*e0c4386eSCy Schubertclient = 0-renegotiate-client-no-resume-client 31*e0c4386eSCy Schubert 32*e0c4386eSCy Schubert[0-renegotiate-client-no-resume-server] 33*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 34*e0c4386eSCy SchubertCipherString = DEFAULT 35*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 36*e0c4386eSCy SchubertOptions = NoResumptionOnRenegotiation 37*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 38*e0c4386eSCy Schubert 39*e0c4386eSCy Schubert[0-renegotiate-client-no-resume-client] 40*e0c4386eSCy SchubertCipherString = DEFAULT 41*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 42*e0c4386eSCy SchubertVerifyMode = Peer 43*e0c4386eSCy Schubert 44*e0c4386eSCy Schubert[test-0] 45*e0c4386eSCy SchubertExpectedResult = Success 46*e0c4386eSCy SchubertHandshakeMode = RenegotiateClient 47*e0c4386eSCy SchubertMethod = TLS 48*e0c4386eSCy SchubertResumptionExpected = No 49*e0c4386eSCy Schubert 50*e0c4386eSCy Schubert 51*e0c4386eSCy Schubert# =========================================================== 52*e0c4386eSCy Schubert 53*e0c4386eSCy Schubert[1-renegotiate-client-resume] 54*e0c4386eSCy Schubertssl_conf = 1-renegotiate-client-resume-ssl 55*e0c4386eSCy Schubert 56*e0c4386eSCy Schubert[1-renegotiate-client-resume-ssl] 57*e0c4386eSCy Schubertserver = 1-renegotiate-client-resume-server 58*e0c4386eSCy Schubertclient = 1-renegotiate-client-resume-client 59*e0c4386eSCy Schubert 60*e0c4386eSCy Schubert[1-renegotiate-client-resume-server] 61*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 62*e0c4386eSCy SchubertCipherString = DEFAULT 63*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 64*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 65*e0c4386eSCy Schubert 66*e0c4386eSCy Schubert[1-renegotiate-client-resume-client] 67*e0c4386eSCy SchubertCipherString = DEFAULT 68*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 69*e0c4386eSCy SchubertVerifyMode = Peer 70*e0c4386eSCy Schubert 71*e0c4386eSCy Schubert[test-1] 72*e0c4386eSCy SchubertExpectedResult = Success 73*e0c4386eSCy SchubertHandshakeMode = RenegotiateClient 74*e0c4386eSCy SchubertMethod = TLS 75*e0c4386eSCy SchubertResumptionExpected = Yes 76*e0c4386eSCy Schubert 77*e0c4386eSCy Schubert 78*e0c4386eSCy Schubert# =========================================================== 79*e0c4386eSCy Schubert 80*e0c4386eSCy Schubert[2-renegotiate-server-no-resume] 81*e0c4386eSCy Schubertssl_conf = 2-renegotiate-server-no-resume-ssl 82*e0c4386eSCy Schubert 83*e0c4386eSCy Schubert[2-renegotiate-server-no-resume-ssl] 84*e0c4386eSCy Schubertserver = 2-renegotiate-server-no-resume-server 85*e0c4386eSCy Schubertclient = 2-renegotiate-server-no-resume-client 86*e0c4386eSCy Schubert 87*e0c4386eSCy Schubert[2-renegotiate-server-no-resume-server] 88*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 89*e0c4386eSCy SchubertCipherString = DEFAULT 90*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 91*e0c4386eSCy SchubertOptions = NoResumptionOnRenegotiation 92*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 93*e0c4386eSCy Schubert 94*e0c4386eSCy Schubert[2-renegotiate-server-no-resume-client] 95*e0c4386eSCy SchubertCipherString = DEFAULT 96*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 97*e0c4386eSCy SchubertVerifyMode = Peer 98*e0c4386eSCy Schubert 99*e0c4386eSCy Schubert[test-2] 100*e0c4386eSCy SchubertExpectedResult = Success 101*e0c4386eSCy SchubertHandshakeMode = RenegotiateServer 102*e0c4386eSCy SchubertMethod = TLS 103*e0c4386eSCy SchubertResumptionExpected = No 104*e0c4386eSCy Schubert 105*e0c4386eSCy Schubert 106*e0c4386eSCy Schubert# =========================================================== 107*e0c4386eSCy Schubert 108*e0c4386eSCy Schubert[3-renegotiate-server-resume] 109*e0c4386eSCy Schubertssl_conf = 3-renegotiate-server-resume-ssl 110*e0c4386eSCy Schubert 111*e0c4386eSCy Schubert[3-renegotiate-server-resume-ssl] 112*e0c4386eSCy Schubertserver = 3-renegotiate-server-resume-server 113*e0c4386eSCy Schubertclient = 3-renegotiate-server-resume-client 114*e0c4386eSCy Schubert 115*e0c4386eSCy Schubert[3-renegotiate-server-resume-server] 116*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 117*e0c4386eSCy SchubertCipherString = DEFAULT 118*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 119*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 120*e0c4386eSCy Schubert 121*e0c4386eSCy Schubert[3-renegotiate-server-resume-client] 122*e0c4386eSCy SchubertCipherString = DEFAULT 123*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 124*e0c4386eSCy SchubertVerifyMode = Peer 125*e0c4386eSCy Schubert 126*e0c4386eSCy Schubert[test-3] 127*e0c4386eSCy SchubertExpectedResult = Success 128*e0c4386eSCy SchubertHandshakeMode = RenegotiateServer 129*e0c4386eSCy SchubertMethod = TLS 130*e0c4386eSCy SchubertResumptionExpected = Yes 131*e0c4386eSCy Schubert 132*e0c4386eSCy Schubert 133*e0c4386eSCy Schubert# =========================================================== 134*e0c4386eSCy Schubert 135*e0c4386eSCy Schubert[4-renegotiate-client-auth-require] 136*e0c4386eSCy Schubertssl_conf = 4-renegotiate-client-auth-require-ssl 137*e0c4386eSCy Schubert 138*e0c4386eSCy Schubert[4-renegotiate-client-auth-require-ssl] 139*e0c4386eSCy Schubertserver = 4-renegotiate-client-auth-require-server 140*e0c4386eSCy Schubertclient = 4-renegotiate-client-auth-require-client 141*e0c4386eSCy Schubert 142*e0c4386eSCy Schubert[4-renegotiate-client-auth-require-server] 143*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 144*e0c4386eSCy SchubertCipherString = DEFAULT 145*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 146*e0c4386eSCy SchubertOptions = NoResumptionOnRenegotiation 147*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 148*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 149*e0c4386eSCy SchubertVerifyMode = Require 150*e0c4386eSCy Schubert 151*e0c4386eSCy Schubert[4-renegotiate-client-auth-require-client] 152*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem 153*e0c4386eSCy SchubertCipherString = DEFAULT 154*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem 155*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 156*e0c4386eSCy SchubertVerifyMode = Peer 157*e0c4386eSCy Schubert 158*e0c4386eSCy Schubert[test-4] 159*e0c4386eSCy SchubertExpectedResult = Success 160*e0c4386eSCy SchubertHandshakeMode = RenegotiateServer 161*e0c4386eSCy SchubertMethod = TLS 162*e0c4386eSCy SchubertResumptionExpected = No 163*e0c4386eSCy Schubert 164*e0c4386eSCy Schubert 165*e0c4386eSCy Schubert# =========================================================== 166*e0c4386eSCy Schubert 167*e0c4386eSCy Schubert[5-renegotiate-client-auth-once] 168*e0c4386eSCy Schubertssl_conf = 5-renegotiate-client-auth-once-ssl 169*e0c4386eSCy Schubert 170*e0c4386eSCy Schubert[5-renegotiate-client-auth-once-ssl] 171*e0c4386eSCy Schubertserver = 5-renegotiate-client-auth-once-server 172*e0c4386eSCy Schubertclient = 5-renegotiate-client-auth-once-client 173*e0c4386eSCy Schubert 174*e0c4386eSCy Schubert[5-renegotiate-client-auth-once-server] 175*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 176*e0c4386eSCy SchubertCipherString = DEFAULT 177*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 178*e0c4386eSCy SchubertOptions = NoResumptionOnRenegotiation 179*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 180*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 181*e0c4386eSCy SchubertVerifyMode = Once 182*e0c4386eSCy Schubert 183*e0c4386eSCy Schubert[5-renegotiate-client-auth-once-client] 184*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem 185*e0c4386eSCy SchubertCipherString = DEFAULT 186*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem 187*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 188*e0c4386eSCy SchubertVerifyMode = Peer 189*e0c4386eSCy Schubert 190*e0c4386eSCy Schubert[test-5] 191*e0c4386eSCy SchubertExpectedResult = Success 192*e0c4386eSCy SchubertHandshakeMode = RenegotiateServer 193*e0c4386eSCy SchubertMethod = TLS 194*e0c4386eSCy SchubertResumptionExpected = No 195*e0c4386eSCy Schubert 196*e0c4386eSCy Schubert 197*e0c4386eSCy Schubert# =========================================================== 198*e0c4386eSCy Schubert 199*e0c4386eSCy Schubert[6-renegotiate-client-legacy-connect] 200*e0c4386eSCy Schubertssl_conf = 6-renegotiate-client-legacy-connect-ssl 201*e0c4386eSCy Schubert 202*e0c4386eSCy Schubert[6-renegotiate-client-legacy-connect-ssl] 203*e0c4386eSCy Schubertserver = 6-renegotiate-client-legacy-connect-server 204*e0c4386eSCy Schubertclient = 6-renegotiate-client-legacy-connect-client 205*e0c4386eSCy Schubert 206*e0c4386eSCy Schubert[6-renegotiate-client-legacy-connect-server] 207*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 208*e0c4386eSCy SchubertCipherString = DEFAULT 209*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 210*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 211*e0c4386eSCy Schubert 212*e0c4386eSCy Schubert[6-renegotiate-client-legacy-connect-client] 213*e0c4386eSCy SchubertCipherString = DEFAULT 214*e0c4386eSCy SchubertOptions = UnsafeLegacyServerConnect 215*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 216*e0c4386eSCy SchubertVerifyMode = Peer 217*e0c4386eSCy Schubert 218*e0c4386eSCy Schubert[test-6] 219*e0c4386eSCy SchubertExpectedResult = Success 220*e0c4386eSCy SchubertHandshakeMode = RenegotiateClient 221*e0c4386eSCy SchubertMethod = TLS 222*e0c4386eSCy SchubertResumptionExpected = Yes 223*e0c4386eSCy Schubert 224*e0c4386eSCy Schubert 225*e0c4386eSCy Schubert# =========================================================== 226*e0c4386eSCy Schubert 227*e0c4386eSCy Schubert[7-renegotiate-aead-to-non-aead] 228*e0c4386eSCy Schubertssl_conf = 7-renegotiate-aead-to-non-aead-ssl 229*e0c4386eSCy Schubert 230*e0c4386eSCy Schubert[7-renegotiate-aead-to-non-aead-ssl] 231*e0c4386eSCy Schubertserver = 7-renegotiate-aead-to-non-aead-server 232*e0c4386eSCy Schubertclient = 7-renegotiate-aead-to-non-aead-client 233*e0c4386eSCy Schubert 234*e0c4386eSCy Schubert[7-renegotiate-aead-to-non-aead-server] 235*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 236*e0c4386eSCy SchubertCipherString = DEFAULT 237*e0c4386eSCy SchubertOptions = NoResumptionOnRenegotiation 238*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 239*e0c4386eSCy Schubert 240*e0c4386eSCy Schubert[7-renegotiate-aead-to-non-aead-client] 241*e0c4386eSCy SchubertCipherString = AES128-GCM-SHA256 242*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 243*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 244*e0c4386eSCy SchubertVerifyMode = Peer 245*e0c4386eSCy Schubert 246*e0c4386eSCy Schubert[test-7] 247*e0c4386eSCy SchubertExpectedResult = Success 248*e0c4386eSCy SchubertHandshakeMode = RenegotiateClient 249*e0c4386eSCy SchubertMethod = TLS 250*e0c4386eSCy SchubertResumptionExpected = No 251*e0c4386eSCy Schubertclient = 7-renegotiate-aead-to-non-aead-client-extra 252*e0c4386eSCy Schubert 253*e0c4386eSCy Schubert[7-renegotiate-aead-to-non-aead-client-extra] 254*e0c4386eSCy SchubertRenegotiateCiphers = AES128-SHA 255*e0c4386eSCy Schubert 256*e0c4386eSCy Schubert 257*e0c4386eSCy Schubert# =========================================================== 258*e0c4386eSCy Schubert 259*e0c4386eSCy Schubert[8-renegotiate-non-aead-to-aead] 260*e0c4386eSCy Schubertssl_conf = 8-renegotiate-non-aead-to-aead-ssl 261*e0c4386eSCy Schubert 262*e0c4386eSCy Schubert[8-renegotiate-non-aead-to-aead-ssl] 263*e0c4386eSCy Schubertserver = 8-renegotiate-non-aead-to-aead-server 264*e0c4386eSCy Schubertclient = 8-renegotiate-non-aead-to-aead-client 265*e0c4386eSCy Schubert 266*e0c4386eSCy Schubert[8-renegotiate-non-aead-to-aead-server] 267*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 268*e0c4386eSCy SchubertCipherString = DEFAULT 269*e0c4386eSCy SchubertOptions = NoResumptionOnRenegotiation 270*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 271*e0c4386eSCy Schubert 272*e0c4386eSCy Schubert[8-renegotiate-non-aead-to-aead-client] 273*e0c4386eSCy SchubertCipherString = AES128-SHA 274*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 275*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 276*e0c4386eSCy SchubertVerifyMode = Peer 277*e0c4386eSCy Schubert 278*e0c4386eSCy Schubert[test-8] 279*e0c4386eSCy SchubertExpectedResult = Success 280*e0c4386eSCy SchubertHandshakeMode = RenegotiateClient 281*e0c4386eSCy SchubertMethod = TLS 282*e0c4386eSCy SchubertResumptionExpected = No 283*e0c4386eSCy Schubertclient = 8-renegotiate-non-aead-to-aead-client-extra 284*e0c4386eSCy Schubert 285*e0c4386eSCy Schubert[8-renegotiate-non-aead-to-aead-client-extra] 286*e0c4386eSCy SchubertRenegotiateCiphers = AES128-GCM-SHA256 287*e0c4386eSCy Schubert 288*e0c4386eSCy Schubert 289*e0c4386eSCy Schubert# =========================================================== 290*e0c4386eSCy Schubert 291*e0c4386eSCy Schubert[9-renegotiate-non-aead-to-non-aead] 292*e0c4386eSCy Schubertssl_conf = 9-renegotiate-non-aead-to-non-aead-ssl 293*e0c4386eSCy Schubert 294*e0c4386eSCy Schubert[9-renegotiate-non-aead-to-non-aead-ssl] 295*e0c4386eSCy Schubertserver = 9-renegotiate-non-aead-to-non-aead-server 296*e0c4386eSCy Schubertclient = 9-renegotiate-non-aead-to-non-aead-client 297*e0c4386eSCy Schubert 298*e0c4386eSCy Schubert[9-renegotiate-non-aead-to-non-aead-server] 299*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 300*e0c4386eSCy SchubertCipherString = DEFAULT 301*e0c4386eSCy SchubertOptions = NoResumptionOnRenegotiation 302*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 303*e0c4386eSCy Schubert 304*e0c4386eSCy Schubert[9-renegotiate-non-aead-to-non-aead-client] 305*e0c4386eSCy SchubertCipherString = AES128-SHA 306*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 307*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 308*e0c4386eSCy SchubertVerifyMode = Peer 309*e0c4386eSCy Schubert 310*e0c4386eSCy Schubert[test-9] 311*e0c4386eSCy SchubertExpectedResult = Success 312*e0c4386eSCy SchubertHandshakeMode = RenegotiateClient 313*e0c4386eSCy SchubertMethod = TLS 314*e0c4386eSCy SchubertResumptionExpected = No 315*e0c4386eSCy Schubertclient = 9-renegotiate-non-aead-to-non-aead-client-extra 316*e0c4386eSCy Schubert 317*e0c4386eSCy Schubert[9-renegotiate-non-aead-to-non-aead-client-extra] 318*e0c4386eSCy SchubertRenegotiateCiphers = AES256-SHA 319*e0c4386eSCy Schubert 320*e0c4386eSCy Schubert 321*e0c4386eSCy Schubert# =========================================================== 322*e0c4386eSCy Schubert 323*e0c4386eSCy Schubert[10-renegotiate-aead-to-aead] 324*e0c4386eSCy Schubertssl_conf = 10-renegotiate-aead-to-aead-ssl 325*e0c4386eSCy Schubert 326*e0c4386eSCy Schubert[10-renegotiate-aead-to-aead-ssl] 327*e0c4386eSCy Schubertserver = 10-renegotiate-aead-to-aead-server 328*e0c4386eSCy Schubertclient = 10-renegotiate-aead-to-aead-client 329*e0c4386eSCy Schubert 330*e0c4386eSCy Schubert[10-renegotiate-aead-to-aead-server] 331*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 332*e0c4386eSCy SchubertCipherString = DEFAULT 333*e0c4386eSCy SchubertOptions = NoResumptionOnRenegotiation 334*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 335*e0c4386eSCy Schubert 336*e0c4386eSCy Schubert[10-renegotiate-aead-to-aead-client] 337*e0c4386eSCy SchubertCipherString = AES128-GCM-SHA256 338*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 339*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 340*e0c4386eSCy SchubertVerifyMode = Peer 341*e0c4386eSCy Schubert 342*e0c4386eSCy Schubert[test-10] 343*e0c4386eSCy SchubertExpectedResult = Success 344*e0c4386eSCy SchubertHandshakeMode = RenegotiateClient 345*e0c4386eSCy SchubertMethod = TLS 346*e0c4386eSCy SchubertResumptionExpected = No 347*e0c4386eSCy Schubertclient = 10-renegotiate-aead-to-aead-client-extra 348*e0c4386eSCy Schubert 349*e0c4386eSCy Schubert[10-renegotiate-aead-to-aead-client-extra] 350*e0c4386eSCy SchubertRenegotiateCiphers = AES256-GCM-SHA384 351*e0c4386eSCy Schubert 352*e0c4386eSCy Schubert 353*e0c4386eSCy Schubert# =========================================================== 354*e0c4386eSCy Schubert 355*e0c4386eSCy Schubert[11-no-renegotiation-server-by-client] 356*e0c4386eSCy Schubertssl_conf = 11-no-renegotiation-server-by-client-ssl 357*e0c4386eSCy Schubert 358*e0c4386eSCy Schubert[11-no-renegotiation-server-by-client-ssl] 359*e0c4386eSCy Schubertserver = 11-no-renegotiation-server-by-client-server 360*e0c4386eSCy Schubertclient = 11-no-renegotiation-server-by-client-client 361*e0c4386eSCy Schubert 362*e0c4386eSCy Schubert[11-no-renegotiation-server-by-client-server] 363*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 364*e0c4386eSCy SchubertCipherString = DEFAULT 365*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 366*e0c4386eSCy SchubertOptions = NoRenegotiation 367*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 368*e0c4386eSCy Schubert 369*e0c4386eSCy Schubert[11-no-renegotiation-server-by-client-client] 370*e0c4386eSCy SchubertCipherString = DEFAULT 371*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 372*e0c4386eSCy SchubertVerifyMode = Peer 373*e0c4386eSCy Schubert 374*e0c4386eSCy Schubert[test-11] 375*e0c4386eSCy SchubertExpectedResult = ClientFail 376*e0c4386eSCy SchubertHandshakeMode = RenegotiateClient 377*e0c4386eSCy SchubertMethod = TLS 378*e0c4386eSCy SchubertResumptionExpected = No 379*e0c4386eSCy Schubert 380*e0c4386eSCy Schubert 381*e0c4386eSCy Schubert# =========================================================== 382*e0c4386eSCy Schubert 383*e0c4386eSCy Schubert[12-no-renegotiation-server-by-server] 384*e0c4386eSCy Schubertssl_conf = 12-no-renegotiation-server-by-server-ssl 385*e0c4386eSCy Schubert 386*e0c4386eSCy Schubert[12-no-renegotiation-server-by-server-ssl] 387*e0c4386eSCy Schubertserver = 12-no-renegotiation-server-by-server-server 388*e0c4386eSCy Schubertclient = 12-no-renegotiation-server-by-server-client 389*e0c4386eSCy Schubert 390*e0c4386eSCy Schubert[12-no-renegotiation-server-by-server-server] 391*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 392*e0c4386eSCy SchubertCipherString = DEFAULT 393*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 394*e0c4386eSCy SchubertOptions = NoRenegotiation 395*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 396*e0c4386eSCy Schubert 397*e0c4386eSCy Schubert[12-no-renegotiation-server-by-server-client] 398*e0c4386eSCy SchubertCipherString = DEFAULT 399*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 400*e0c4386eSCy SchubertVerifyMode = Peer 401*e0c4386eSCy Schubert 402*e0c4386eSCy Schubert[test-12] 403*e0c4386eSCy SchubertExpectedResult = ServerFail 404*e0c4386eSCy SchubertHandshakeMode = RenegotiateServer 405*e0c4386eSCy SchubertMethod = TLS 406*e0c4386eSCy SchubertResumptionExpected = No 407*e0c4386eSCy Schubert 408*e0c4386eSCy Schubert 409*e0c4386eSCy Schubert# =========================================================== 410*e0c4386eSCy Schubert 411*e0c4386eSCy Schubert[13-no-renegotiation-client-by-server] 412*e0c4386eSCy Schubertssl_conf = 13-no-renegotiation-client-by-server-ssl 413*e0c4386eSCy Schubert 414*e0c4386eSCy Schubert[13-no-renegotiation-client-by-server-ssl] 415*e0c4386eSCy Schubertserver = 13-no-renegotiation-client-by-server-server 416*e0c4386eSCy Schubertclient = 13-no-renegotiation-client-by-server-client 417*e0c4386eSCy Schubert 418*e0c4386eSCy Schubert[13-no-renegotiation-client-by-server-server] 419*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 420*e0c4386eSCy SchubertCipherString = DEFAULT 421*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 422*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 423*e0c4386eSCy Schubert 424*e0c4386eSCy Schubert[13-no-renegotiation-client-by-server-client] 425*e0c4386eSCy SchubertCipherString = DEFAULT 426*e0c4386eSCy SchubertOptions = NoRenegotiation 427*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 428*e0c4386eSCy SchubertVerifyMode = Peer 429*e0c4386eSCy Schubert 430*e0c4386eSCy Schubert[test-13] 431*e0c4386eSCy SchubertExpectedResult = ServerFail 432*e0c4386eSCy SchubertHandshakeMode = RenegotiateServer 433*e0c4386eSCy SchubertMethod = TLS 434*e0c4386eSCy SchubertResumptionExpected = No 435*e0c4386eSCy Schubert 436*e0c4386eSCy Schubert 437*e0c4386eSCy Schubert# =========================================================== 438*e0c4386eSCy Schubert 439*e0c4386eSCy Schubert[14-no-renegotiation-client-by-client] 440*e0c4386eSCy Schubertssl_conf = 14-no-renegotiation-client-by-client-ssl 441*e0c4386eSCy Schubert 442*e0c4386eSCy Schubert[14-no-renegotiation-client-by-client-ssl] 443*e0c4386eSCy Schubertserver = 14-no-renegotiation-client-by-client-server 444*e0c4386eSCy Schubertclient = 14-no-renegotiation-client-by-client-client 445*e0c4386eSCy Schubert 446*e0c4386eSCy Schubert[14-no-renegotiation-client-by-client-server] 447*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 448*e0c4386eSCy SchubertCipherString = DEFAULT 449*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 450*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 451*e0c4386eSCy Schubert 452*e0c4386eSCy Schubert[14-no-renegotiation-client-by-client-client] 453*e0c4386eSCy SchubertCipherString = DEFAULT 454*e0c4386eSCy SchubertOptions = NoRenegotiation 455*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 456*e0c4386eSCy SchubertVerifyMode = Peer 457*e0c4386eSCy Schubert 458*e0c4386eSCy Schubert[test-14] 459*e0c4386eSCy SchubertExpectedResult = ClientFail 460*e0c4386eSCy SchubertHandshakeMode = RenegotiateClient 461*e0c4386eSCy SchubertMethod = TLS 462*e0c4386eSCy SchubertResumptionExpected = No 463*e0c4386eSCy Schubert 464*e0c4386eSCy Schubert 465*e0c4386eSCy Schubert# =========================================================== 466*e0c4386eSCy Schubert 467*e0c4386eSCy Schubert[15-no-extms-on-renegotiation] 468*e0c4386eSCy Schubertssl_conf = 15-no-extms-on-renegotiation-ssl 469*e0c4386eSCy Schubert 470*e0c4386eSCy Schubert[15-no-extms-on-renegotiation-ssl] 471*e0c4386eSCy Schubertserver = 15-no-extms-on-renegotiation-server 472*e0c4386eSCy Schubertclient = 15-no-extms-on-renegotiation-client 473*e0c4386eSCy Schubert 474*e0c4386eSCy Schubert[15-no-extms-on-renegotiation-server] 475*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 476*e0c4386eSCy SchubertCipherString = DEFAULT 477*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 478*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 479*e0c4386eSCy Schubert 480*e0c4386eSCy Schubert[15-no-extms-on-renegotiation-client] 481*e0c4386eSCy SchubertCipherString = DEFAULT 482*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 483*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 484*e0c4386eSCy SchubertVerifyMode = Peer 485*e0c4386eSCy Schubert 486*e0c4386eSCy Schubert[test-15] 487*e0c4386eSCy SchubertExpectedResult = ServerFail 488*e0c4386eSCy SchubertHandshakeMode = RenegotiateClient 489*e0c4386eSCy SchubertMethod = TLS 490*e0c4386eSCy SchubertResumptionExpected = No 491*e0c4386eSCy Schubertclient = 15-no-extms-on-renegotiation-client-extra 492*e0c4386eSCy Schubert 493*e0c4386eSCy Schubert[15-no-extms-on-renegotiation-client-extra] 494*e0c4386eSCy SchubertRenegotiateNoExtms = Yes 495*e0c4386eSCy Schubert 496*e0c4386eSCy Schubert 497*e0c4386eSCy Schubert# =========================================================== 498*e0c4386eSCy Schubert 499*e0c4386eSCy Schubert[16-allow-client-renegotiation] 500*e0c4386eSCy Schubertssl_conf = 16-allow-client-renegotiation-ssl 501*e0c4386eSCy Schubert 502*e0c4386eSCy Schubert[16-allow-client-renegotiation-ssl] 503*e0c4386eSCy Schubertserver = 16-allow-client-renegotiation-server 504*e0c4386eSCy Schubertclient = 16-allow-client-renegotiation-client 505*e0c4386eSCy Schubert 506*e0c4386eSCy Schubert[16-allow-client-renegotiation-server] 507*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 508*e0c4386eSCy SchubertCipherString = DEFAULT 509*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 510*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 511*e0c4386eSCy Schubert 512*e0c4386eSCy Schubert[16-allow-client-renegotiation-client] 513*e0c4386eSCy SchubertCipherString = DEFAULT 514*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 515*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 516*e0c4386eSCy SchubertVerifyMode = Peer 517*e0c4386eSCy Schubert 518*e0c4386eSCy Schubert[test-16] 519*e0c4386eSCy SchubertExpectedResult = Success 520*e0c4386eSCy SchubertHandshakeMode = RenegotiateClient 521*e0c4386eSCy SchubertMethod = TLS 522*e0c4386eSCy SchubertResumptionExpected = Yes 523*e0c4386eSCy Schubert 524*e0c4386eSCy Schubert 525*e0c4386eSCy Schubert# =========================================================== 526*e0c4386eSCy Schubert 527*e0c4386eSCy Schubert[17-no-client-renegotiation] 528*e0c4386eSCy Schubertssl_conf = 17-no-client-renegotiation-ssl 529*e0c4386eSCy Schubert 530*e0c4386eSCy Schubert[17-no-client-renegotiation-ssl] 531*e0c4386eSCy Schubertserver = 17-no-client-renegotiation-server 532*e0c4386eSCy Schubertclient = 17-no-client-renegotiation-client 533*e0c4386eSCy Schubert 534*e0c4386eSCy Schubert[17-no-client-renegotiation-server] 535*e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 536*e0c4386eSCy SchubertCipherString = DEFAULT 537*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 538*e0c4386eSCy SchubertOptions = -ClientRenegotiation 539*e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 540*e0c4386eSCy Schubert 541*e0c4386eSCy Schubert[17-no-client-renegotiation-client] 542*e0c4386eSCy SchubertCipherString = DEFAULT 543*e0c4386eSCy SchubertMaxProtocol = TLSv1.2 544*e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 545*e0c4386eSCy SchubertVerifyMode = Peer 546*e0c4386eSCy Schubert 547*e0c4386eSCy Schubert[test-17] 548*e0c4386eSCy SchubertExpectedResult = ClientFail 549*e0c4386eSCy SchubertExpectedServerAlert = NoRenegotiation 550*e0c4386eSCy SchubertHandshakeMode = RenegotiateClient 551*e0c4386eSCy SchubertMethod = TLS 552*e0c4386eSCy SchubertResumptionExpected = No 553*e0c4386eSCy Schubert 554*e0c4386eSCy Schubert 555