diff options
author | Benjamin Kaduk <bkaduk@akamai.com> | 2017-01-31 16:06:30 -0600 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2017-02-23 19:40:26 +0100 |
commit | 80de0c5947cf29ef04227714f3cae5c615012449 (patch) | |
tree | 8753246d8ee071bb924e7972631f058f785ba8f9 /test/ssl-tests/05-sni.conf.in | |
parent | 6b1bb98fad044a6f6b1aec9daee95d6cb450210e (diff) | |
download | openssl-80de0c5947cf29ef04227714f3cae5c615012449.tar.gz |
Tests for SSL early callback
Plumb things through in the same place as the SNI callback, since
we recommend that the early callback replace (and supplement) the
SNI callback, and add a few test cases.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2279)
Diffstat (limited to 'test/ssl-tests/05-sni.conf.in')
-rw-r--r-- | test/ssl-tests/05-sni.conf.in | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/test/ssl-tests/05-sni.conf.in b/test/ssl-tests/05-sni.conf.in index 76003e7623..63b295dac8 100644 --- a/test/ssl-tests/05-sni.conf.in +++ b/test/ssl-tests/05-sni.conf.in @@ -13,6 +13,7 @@ use strict; use warnings; package ssltests; +use OpenSSL::Test::Utils; our @tests = ( { @@ -109,4 +110,60 @@ our @tests = ( "ExpectedServerAlert" => "UnrecognizedName" }, }, + { + name => "SNI-bad-early-sni-ignore-mismatch", + server => { + extra => { + "ServerNameCallback" => "EarlyIgnoreMismatch", + }, + }, + client => { + extra => { + "ServerName" => "invalid", + }, + }, + test => { + "ExpectedServerName" => "server1", + "ExpectedResult" => "Success" + }, + }, + { + name => "SNI-bad-early-sni-reject-mismatch", + server => { + extra => { + "ServerNameCallback" => "EarlyRejectMismatch", + }, + }, + client => { + extra => { + "ServerName" => "invalid", + }, + }, + test => { + "ExpectedResult" => "ServerFail", + "ExpectedServerAlert" => "UnrecognizedName" + }, + }, ); + +our @tests_tls_1_1 = ( + { + name => "SNI-early-disable-v12", + server => { + extra => { + "ServerNameCallback" => "EarlyNoV12", + }, + }, + client => { + extra => { + "ServerName" => "server2", + }, + }, + test => { + "ExpectedProtocol" => "TLSv1.1", + "ExpectedServerName" => "server2", + }, + }, +); + +push @tests, @tests_tls_1_1 unless disabled("tls1_1"); |