]>
Commit | Line | Data |
---|---|---|
5c753de6 | 1 | # -*- mode: perl; -*- |
33388b44 | 2 | # Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. |
5c753de6 | 3 | # |
909f1a2e | 4 | # Licensed under the Apache License 2.0 (the "License"). You may not use |
5c753de6 TS |
5 | # this file except in compliance with the License. You can obtain a copy |
6 | # in the file LICENSE in the source distribution or at | |
7 | # https://www.openssl.org/source/license.html | |
8 | ||
9 | ||
9362c93e | 10 | ## Test SNI/Session tickets |
5c753de6 TS |
11 | |
12 | use strict; | |
13 | use warnings; | |
14 | ||
15 | package ssltests; | |
16 | ||
17 | ||
18 | our @tests = (); | |
19 | ||
9362c93e MC |
20 | #Note: MaxProtocol is set to TLSv1.2 as session tickets work differently in |
21 | #TLSv1.3. | |
5c753de6 TS |
22 | sub generate_tests() { |
23 | foreach my $c ("SessionTicket", "-SessionTicket") { | |
9362c93e MC |
24 | foreach my $s1 ("SessionTicket", "-SessionTicket") { |
25 | foreach my $s2 ("SessionTicket", "-SessionTicket") { | |
26 | foreach my $n ("server1", "server2") { | |
a84e5c9a TS |
27 | my $ticket_result = expected_result($c, $s1, $s2, $n); |
28 | my $session_id_result = "Yes"; # always, even with a ticket | |
5c753de6 TS |
29 | push @tests, { |
30 | "name" => "sni-session-ticket", | |
31 | "client" => { | |
32 | "Options" => $c, | |
9f48bbac EK |
33 | "extra" => { |
34 | "ServerName" => $n, | |
35 | }, | |
9362c93e | 36 | "MaxProtocol" => "TLSv1.2" |
5c753de6 TS |
37 | }, |
38 | "server" => { | |
39 | "Options" => $s1, | |
9f48bbac EK |
40 | "extra" => { |
41 | # We don't test mismatch here. | |
42 | "ServerNameCallback" => "IgnoreMismatch", | |
43 | }, | |
5c753de6 | 44 | }, |
9362c93e MC |
45 | "server2" => { |
46 | "Options" => $s2, | |
47 | }, | |
5c753de6 | 48 | "test" => { |
d2b23cd2 | 49 | "ExpectedServerName" => $n, |
5c753de6 | 50 | "ExpectedResult" => "Success", |
a84e5c9a TS |
51 | "SessionIdExpected" => $session_id_result, |
52 | "SessionTicketExpected" => $ticket_result, | |
5c753de6 TS |
53 | } |
54 | }; | |
55 | } | |
56 | } | |
57 | } | |
58 | } | |
59 | } | |
60 | ||
61 | # If the client has session tickets disabled, then No support | |
62 | # If the server initial_ctx has session tickets disabled, then No support | |
63 | # If SNI is in use, then if the "switched-to" context has session tickets disabled, | |
64 | # then No support | |
65 | sub expected_result { | |
66 | my ($c, $s1, $s2, $n) = @_; | |
67 | ||
68 | return "No" if $c eq "-SessionTicket"; | |
69 | return "No" if $s1 eq "-SessionTicket"; | |
70 | return "No" if ($s2 eq "-SessionTicket" && $n eq "server2"); | |
71 | ||
72 | return "Yes"; | |
73 | ||
74 | } | |
75 | ||
76 | # Add a "Broken" case. | |
77 | push @tests, { | |
78 | "name" => "sni-session-ticket", | |
79 | "client" => { | |
9362c93e MC |
80 | "MaxProtocol" => "TLSv1.2", |
81 | "Options" => "SessionTicket", | |
9f48bbac EK |
82 | "extra" => { |
83 | "ServerName" => "server1", | |
84 | } | |
5c753de6 TS |
85 | }, |
86 | "server" => { | |
9362c93e | 87 | "Options" => "SessionTicket", |
9f48bbac EK |
88 | "extra" => { |
89 | "BrokenSessionTicket" => "Yes", | |
90 | }, | |
5c753de6 TS |
91 | }, |
92 | "server2" => { | |
9362c93e | 93 | "Options" => "SessionTicket", |
5c753de6 TS |
94 | }, |
95 | "test" => { | |
9362c93e MC |
96 | "ExpectedResult" => "Success", |
97 | "SessionTicketExpected" => "No", | |
5c753de6 TS |
98 | } |
99 | }; | |
100 | ||
101 | generate_tests(); |