diff options
author | Matt Caswell <matt@openssl.org> | 2017-04-26 11:28:20 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-05-04 11:49:19 +0100 |
commit | ae4765396f19f5aa8aeb6565707e8e5ada4f3e6d (patch) | |
tree | d61902144339171ef7476c7e23ac9f1de7dbe37c /test/ssl-tests/23-srp.conf.in | |
parent | 5d62fd7cb2d7e1abc8c9a09cbc05744a7d346775 (diff) |
Add a ciphersuite config sanity check for servers
Ensure that there are ciphersuites enabled for the maximum supported
version we will accept in a ClientHello.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3334)
Diffstat (limited to 'test/ssl-tests/23-srp.conf.in')
-rw-r--r-- | test/ssl-tests/23-srp.conf.in | 154 |
1 files changed, 79 insertions, 75 deletions
diff --git a/test/ssl-tests/23-srp.conf.in b/test/ssl-tests/23-srp.conf.in index b7601fc3e5..dcbd9f4ff9 100644 --- a/test/ssl-tests/23-srp.conf.in +++ b/test/ssl-tests/23-srp.conf.in @@ -15,89 +15,93 @@ package ssltests; our @tests = ( { - name => "srp", - server => { - "CipherString" => "SRP", - extra => { - "SRPUser" => "user", - "SRPPassword" => "password", - }, + name => "srp", + server => { + "CipherString" => "SRP", + "MaxProtocol" => "TLSv1.2", + extra => { + "SRPUser" => "user", + "SRPPassword" => "password", + }, + }, + client => { + "CipherString" => "SRP", + "MaxProtocol" => "TLSv1.2", + extra => { + "SRPUser" => "user", + "SRPPassword" => "password", + }, + }, + test => { + "ExpectedResult" => "Success" }, - client => { - "CipherString" => "SRP", - "MaxProtocol" => "TLSv1.2", - extra => { - "SRPUser" => "user", - "SRPPassword" => "password", - }, - }, - test => { - "ExpectedResult" => "Success" - }, }, { - name => "srp-bad-password", - server => { - "CipherString" => "SRP", - extra => { - "SRPUser" => "user", - "SRPPassword" => "password", - }, + name => "srp-bad-password", + server => { + "CipherString" => "SRP", + "MaxProtocol" => "TLSv1.2", + extra => { + "SRPUser" => "user", + "SRPPassword" => "password", + }, + }, + client => { + "CipherString" => "SRP", + "MaxProtocol" => "TLSv1.2", + extra => { + "SRPUser" => "user", + "SRPPassword" => "passw0rd", + }, + }, + test => { + # Server fails first with bad client Finished. + "ExpectedResult" => "ServerFail" }, - client => { - "CipherString" => "SRP", - "MaxProtocol" => "TLSv1.2", - extra => { - "SRPUser" => "user", - "SRPPassword" => "passw0rd", - }, - }, - test => { - # Server fails first with bad client Finished. - "ExpectedResult" => "ServerFail" - }, }, { - name => "srp-auth", - server => { - "CipherString" => "aSRP", - extra => { - "SRPUser" => "user", - "SRPPassword" => "password", - }, + name => "srp-auth", + server => { + "CipherString" => "aSRP", + "MaxProtocol" => "TLSv1.2", + extra => { + "SRPUser" => "user", + "SRPPassword" => "password", + }, + }, + client => { + "CipherString" => "aSRP", + "MaxProtocol" => "TLSv1.2", + extra => { + "SRPUser" => "user", + "SRPPassword" => "password", + }, + }, + test => { + "ExpectedResult" => "Success" }, - client => { - "CipherString" => "aSRP", - "MaxProtocol" => "TLSv1.2", - extra => { - "SRPUser" => "user", - "SRPPassword" => "password", - }, - }, - test => { - "ExpectedResult" => "Success" - }, }, { - name => "srp-auth-bad-password", - server => { - "CipherString" => "aSRP", - extra => { - "SRPUser" => "user", - "SRPPassword" => "password", - }, + name => "srp-auth-bad-password", + server => { + "CipherString" => "aSRP", + "MaxProtocol" => "TLSv1.2", + extra => { + "SRPUser" => "user", + "SRPPassword" => "password", + }, + }, + client => { + "CipherString" => "aSRP", + "MaxProtocol" => "TLSv1.2", + extra => { + "SRPUser" => "user", + "SRPPassword" => "passw0rd", + }, + }, + test => { + # Server fails first with bad client Finished. + "ExpectedResult" => "ServerFail" }, - client => { - "CipherString" => "aSRP", - "MaxProtocol" => "TLSv1.2", - extra => { - "SRPUser" => "user", - "SRPPassword" => "passw0rd", - }, - }, - test => { - # Server fails first with bad client Finished. - "ExpectedResult" => "ServerFail" - }, }, -);
\ No newline at end of file +); |