Tests for SSL early callback

Plumb things through in the same place as the SNI callback, since we recommend that the early callback replace (and supplement) the SNI callback, and add a few test cases. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2279)
author: Benjamin Kaduk <bkaduk@akamai.com> 2017-01-31 16:06:30 -0600
committer: Richard Levitte <levitte@openssl.org> 2017-02-23 19:40:26 +0100
commit: 80de0c5947cf29ef04227714f3cae5c615012449 (patch)
tree: 8753246d8ee071bb924e7972631f058f785ba8f9 /test/ssl-tests/05-sni.conf.in
parent: 6b1bb98fad044a6f6b1aec9daee95d6cb450210e (diff)
download: openssl-80de0c5947cf29ef04227714f3cae5c615012449.tar.gz
1 files changed, 57 insertions, 0 deletions
diff --git a/test/ssl-tests/05-sni.conf.in b/test/ssl-tests/05-sni.conf.in
index 76003e7623..63b295dac8 100644
--- a/test/ssl-tests/05-sni.conf.in
+++ b/test/ssl-tests/05-sni.conf.in
@@ -13,6 +13,7 @@ use strict;
 use warnings;
 
 package ssltests;
+use OpenSSL::Test::Utils;
 
 our @tests = (
     {
@@ -109,4 +110,60 @@ our @tests = (
             "ExpectedServerAlert" => "UnrecognizedName"
         },
     },
+    {
+        name => "SNI-bad-early-sni-ignore-mismatch",
+        server => {
+            extra => {
+                "ServerNameCallback" => "EarlyIgnoreMismatch",
+            },
+        },
+        client => {
+            extra => {
+                "ServerName" => "invalid",
+            },
+        },
+        test   => {
+            "ExpectedServerName" => "server1",
+            "ExpectedResult" => "Success"
+        },
+    },
+    {
+        name => "SNI-bad-early-sni-reject-mismatch",
+        server => {
+            extra => {
+                "ServerNameCallback" => "EarlyRejectMismatch",
+            },
+        },
+        client => {
+            extra => {
+                "ServerName" => "invalid",
+            },
+        },
+        test   => {
+            "ExpectedResult" => "ServerFail",
+            "ExpectedServerAlert" => "UnrecognizedName"
+        },
+    },
 );
+
+our @tests_tls_1_1 = (
+    {
+        name => "SNI-early-disable-v12",
+        server => {
+            extra => {
+                "ServerNameCallback" => "EarlyNoV12",
+            },
+        },
+        client => {
+            extra => {
+                "ServerName" => "server2",
+            },
+        },
+        test   => {
+            "ExpectedProtocol" => "TLSv1.1",
+            "ExpectedServerName" => "server2",
+        },
+    },
+);
+
+push @tests, @tests_tls_1_1 unless disabled("tls1_1");
author	Benjamin Kaduk <bkaduk@akamai.com>	2017-01-31 16:06:30 -0600
committer	Richard Levitte <levitte@openssl.org>	2017-02-23 19:40:26 +0100
commit	80de0c5947cf29ef04227714f3cae5c615012449 (patch)
tree	8753246d8ee071bb924e7972631f058f785ba8f9 /test/ssl-tests/05-sni.conf.in
parent	6b1bb98fad044a6f6b1aec9daee95d6cb450210e (diff)
download	openssl-80de0c5947cf29ef04227714f3cae5c615012449.tar.gz