]>
Commit | Line | Data |
---|---|---|
a263f320 | 1 | # -*- mode: perl; -*- |
44c8a5e2 RS |
2 | # Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved. |
3 | # | |
909f1a2e | 4 | # Licensed under the Apache License 2.0 (the "License"). You may not use |
44c8a5e2 RS |
5 | # this file except in compliance with the License. You can obtain a copy |
6 | # in the file LICENSE in the source distribution or at | |
7 | # https://www.openssl.org/source/license.html | |
8 | ||
a263f320 EK |
9 | |
10 | ## SSL test configurations | |
11 | ||
12 | package ssltests; | |
13 | ||
14 | our @tests = ( | |
15 | ||
16 | # Sanity-check that verification indeed succeeds without the | |
17 | # restrictive callback. | |
18 | { | |
19 | name => "verify-success", | |
20 | server => { }, | |
21 | client => { }, | |
22 | test => { "ExpectedResult" => "Success" }, | |
23 | }, | |
24 | ||
25 | # Same test as above but with a custom callback that always fails. | |
26 | { | |
27 | name => "verify-custom-reject", | |
28 | server => { }, | |
9f48bbac EK |
29 | client => { |
30 | extra => { | |
31 | "VerifyCallback" => "RejectAll", | |
32 | }, | |
33 | }, | |
a263f320 | 34 | test => { |
a263f320 | 35 | "ExpectedResult" => "ClientFail", |
9f48bbac | 36 | "ExpectedClientAlert" => "HandshakeFailure", |
a263f320 EK |
37 | }, |
38 | }, | |
39 | ||
40 | # Same test as above but with a custom callback that always succeeds. | |
41 | { | |
42 | name => "verify-custom-allow", | |
43 | server => { }, | |
9f48bbac EK |
44 | client => { |
45 | extra => { | |
46 | "VerifyCallback" => "AcceptAll", | |
47 | }, | |
48 | }, | |
a263f320 | 49 | test => { |
a263f320 EK |
50 | "ExpectedResult" => "Success", |
51 | }, | |
52 | }, | |
53 | ||
54 | # Sanity-check that verification indeed succeeds if peer verification | |
55 | # is not requested. | |
56 | { | |
57 | name => "noverify-success", | |
58 | server => { }, | |
59 | client => { | |
60 | "VerifyMode" => undef, | |
61 | "VerifyCAFile" => undef, | |
62 | }, | |
63 | test => { "ExpectedResult" => "Success" }, | |
64 | }, | |
65 | ||
66 | # Same test as above but with a custom callback that always fails. | |
67 | # The callback return has no impact on handshake success in this mode. | |
68 | { | |
69 | name => "noverify-ignore-custom-reject", | |
70 | server => { }, | |
71 | client => { | |
72 | "VerifyMode" => undef, | |
73 | "VerifyCAFile" => undef, | |
9f48bbac EK |
74 | extra => { |
75 | "VerifyCallback" => "RejectAll", | |
76 | }, | |
a263f320 EK |
77 | }, |
78 | test => { | |
a263f320 EK |
79 | "ExpectedResult" => "Success", |
80 | }, | |
81 | }, | |
82 | ||
83 | # Same test as above but with a custom callback that always succeeds. | |
84 | # The callback return has no impact on handshake success in this mode. | |
85 | { | |
86 | name => "noverify-accept-custom-allow", | |
87 | server => { }, | |
88 | client => { | |
89 | "VerifyMode" => undef, | |
90 | "VerifyCAFile" => undef, | |
9f48bbac EK |
91 | extra => { |
92 | "VerifyCallback" => "AcceptAll", | |
93 | }, | |
a263f320 EK |
94 | }, |
95 | test => { | |
a263f320 EK |
96 | "ExpectedResult" => "Success", |
97 | }, | |
98 | }, | |
99 | ||
100 | # Sanity-check that verification indeed fails without the | |
101 | # permissive callback. | |
102 | { | |
103 | name => "verify-fail-no-root", | |
104 | server => { }, | |
105 | client => { | |
106 | # Don't set up the client root file. | |
107 | "VerifyCAFile" => undef, | |
108 | }, | |
109 | test => { | |
110 | "ExpectedResult" => "ClientFail", | |
9f48bbac | 111 | "ExpectedClientAlert" => "UnknownCA", |
a263f320 EK |
112 | }, |
113 | }, | |
114 | ||
115 | # Same test as above but with a custom callback that always succeeds. | |
116 | { | |
117 | name => "verify-custom-success-no-root", | |
118 | server => { }, | |
119 | client => { | |
120 | "VerifyCAFile" => undef, | |
9f48bbac EK |
121 | extra => { |
122 | "VerifyCallback" => "AcceptAll", | |
123 | }, | |
a263f320 EK |
124 | }, |
125 | test => { | |
a263f320 EK |
126 | "ExpectedResult" => "Success" |
127 | }, | |
128 | }, | |
129 | ||
130 | # Same test as above but with a custom callback that always fails. | |
131 | { | |
132 | name => "verify-custom-fail-no-root", | |
133 | server => { }, | |
134 | client => { | |
135 | "VerifyCAFile" => undef, | |
9f48bbac EK |
136 | extra => { |
137 | "VerifyCallback" => "RejectAll", | |
138 | }, | |
a263f320 EK |
139 | }, |
140 | test => { | |
a263f320 | 141 | "ExpectedResult" => "ClientFail", |
9f48bbac | 142 | "ExpectedClientAlert" => "HandshakeFailure", |
a263f320 EK |
143 | }, |
144 | }, | |
a263f320 | 145 | ); |