1# -*- mode: perl; -*- 2# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved. 3# 4# Licensed under the OpenSSL license (the "License"). You may not use 5# this file except in compliance with the License. You can obtain a copy 6# in the file LICENSE in the source distribution or at 7# https://www.openssl.org/source/license.html 8 9 10## SSL test configurations 11 12use strict; 13use warnings; 14 15package ssltests; 16use OpenSSL::Test::Utils; 17 18our @tests = ( 19 { 20 name => "SNI-switch-context", 21 server => { 22 extra => { 23 "ServerNameCallback" => "IgnoreMismatch", 24 }, 25 }, 26 client => { 27 extra => { 28 "ServerName" => "server2", 29 }, 30 }, 31 test => { 32 "ExpectedServerName" => "server2", 33 "ExpectedResult" => "Success" 34 }, 35 }, 36 { 37 name => "SNI-keep-context", 38 server => { 39 extra => { 40 "ServerNameCallback" => "IgnoreMismatch", 41 }, 42 }, 43 client => { 44 extra => { 45 "ServerName" => "server1", 46 }, 47 }, 48 test => { 49 "ExpectedServerName" => "server1", 50 "ExpectedResult" => "Success" 51 }, 52 }, 53 { 54 name => "SNI-no-server-support", 55 server => { }, 56 client => { 57 extra => { 58 "ServerName" => "server1", 59 }, 60 }, 61 test => { "ExpectedResult" => "Success" }, 62 }, 63 { 64 name => "SNI-no-client-support", 65 server => { 66 extra => { 67 "ServerNameCallback" => "IgnoreMismatch", 68 }, 69 }, 70 client => { }, 71 test => { 72 # We expect that the callback is still called 73 # to let the application decide whether they tolerate 74 # missing SNI (as our test callback does). 75 "ExpectedServerName" => "server1", 76 "ExpectedResult" => "Success" 77 }, 78 }, 79 { 80 name => "SNI-bad-sni-ignore-mismatch", 81 server => { 82 extra => { 83 "ServerNameCallback" => "IgnoreMismatch", 84 }, 85 }, 86 client => { 87 extra => { 88 "ServerName" => "invalid", 89 }, 90 }, 91 test => { 92 "ExpectedServerName" => "server1", 93 "ExpectedResult" => "Success" 94 }, 95 }, 96 { 97 name => "SNI-bad-sni-reject-mismatch", 98 server => { 99 extra => { 100 "ServerNameCallback" => "RejectMismatch", 101 }, 102 }, 103 client => { 104 extra => { 105 "ServerName" => "invalid", 106 }, 107 }, 108 test => { 109 "ExpectedResult" => "ServerFail", 110 "ExpectedServerAlert" => "UnrecognizedName" 111 }, 112 }, 113 { 114 name => "SNI-bad-clienthello-sni-ignore-mismatch", 115 server => { 116 extra => { 117 "ServerNameCallback" => "ClientHelloIgnoreMismatch", 118 }, 119 }, 120 client => { 121 extra => { 122 "ServerName" => "invalid", 123 }, 124 }, 125 test => { 126 "ExpectedServerName" => "server1", 127 "ExpectedResult" => "Success" 128 }, 129 }, 130 { 131 name => "SNI-bad-clienthello-sni-reject-mismatch", 132 server => { 133 extra => { 134 "ServerNameCallback" => "ClientHelloRejectMismatch", 135 }, 136 }, 137 client => { 138 extra => { 139 "ServerName" => "invalid", 140 }, 141 }, 142 test => { 143 "ExpectedResult" => "ServerFail", 144 "ExpectedServerAlert" => "UnrecognizedName" 145 }, 146 }, 147); 148 149our @tests_tls_1_1 = ( 150 { 151 name => "SNI-clienthello-disable-v12", 152 server => { 153 extra => { 154 "ServerNameCallback" => "ClientHelloNoV12", 155 }, 156 }, 157 client => { 158 extra => { 159 "ServerName" => "server2", 160 }, 161 }, 162 test => { 163 "ExpectedProtocol" => "TLSv1.1", 164 "ExpectedServerName" => "server2", 165 }, 166 }, 167); 168 169push @tests, @tests_tls_1_1 unless disabled("tls1_1"); 170