diff options
| author | Matt Caswell <matt@openssl.org> | 2016-09-27 11:50:43 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2016-09-28 09:15:07 +0100 |
| commit | fe7dd5534176d1b04be046fcbaad24430c8727e0 (patch) | |
| tree | a52e1f28548a6a15db746046d61b1a4d1fe900ef /test/ssl-tests | |
| parent | 1329b952a675c3c445b73b34bf9f09483fbc759c (diff) | |
Extend the renegotiation tests
Add the ability to test both server initiated and client initiated reneg.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'test/ssl-tests')
| -rw-r--r-- | test/ssl-tests/17-renegotiate.conf | 104 | ||||
| -rw-r--r-- | test/ssl-tests/17-renegotiate.conf.in | 42 |
2 files changed, 134 insertions, 12 deletions
diff --git a/test/ssl-tests/17-renegotiate.conf b/test/ssl-tests/17-renegotiate.conf index 5ef4b0ac77..c47a9567dd 100644 --- a/test/ssl-tests/17-renegotiate.conf +++ b/test/ssl-tests/17-renegotiate.conf @@ -1,30 +1,114 @@ # Generated with generate_ssl_tests.pl -num_tests = 1 +num_tests = 4 -test-0 = 0-renegotiate +test-0 = 0-renegotiate-client-no-resume +test-1 = 1-renegotiate-client-resume +test-2 = 2-renegotiate-server-no-resume +test-3 = 3-renegotiate-server-resume # =========================================================== -[0-renegotiate] -ssl_conf = 0-renegotiate-ssl +[0-renegotiate-client-no-resume] +ssl_conf = 0-renegotiate-client-no-resume-ssl -[0-renegotiate-ssl] -server = 0-renegotiate-server -client = 0-renegotiate-client +[0-renegotiate-client-no-resume-ssl] +server = 0-renegotiate-client-no-resume-server +client = 0-renegotiate-client-no-resume-client -[0-renegotiate-server] +[0-renegotiate-client-no-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +Options = NoResumptionOnRenegotiation PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[0-renegotiate-client] +[0-renegotiate-client-no-resume-client] CipherString = DEFAULT VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-0] ExpectedResult = Success -HandshakeMode = Renegotiate +HandshakeMode = RenegotiateClient Method = TLS +ResumptionExpected = No + + +# =========================================================== + +[1-renegotiate-client-resume] +ssl_conf = 1-renegotiate-client-resume-ssl + +[1-renegotiate-client-resume-ssl] +server = 1-renegotiate-client-resume-server +client = 1-renegotiate-client-resume-client + +[1-renegotiate-client-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[1-renegotiate-client-resume-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-1] +ExpectedResult = Success +HandshakeMode = RenegotiateClient +Method = TLS +ResumptionExpected = Yes + + +# =========================================================== + +[2-renegotiate-server-no-resume] +ssl_conf = 2-renegotiate-server-no-resume-ssl + +[2-renegotiate-server-no-resume-ssl] +server = 2-renegotiate-server-no-resume-server +client = 2-renegotiate-server-no-resume-client + +[2-renegotiate-server-no-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = NoResumptionOnRenegotiation +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[2-renegotiate-server-no-resume-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-2] +ExpectedResult = Success +HandshakeMode = RenegotiateServer +Method = TLS +ResumptionExpected = No + + +# =========================================================== + +[3-renegotiate-server-resume] +ssl_conf = 3-renegotiate-server-resume-ssl + +[3-renegotiate-server-resume-ssl] +server = 3-renegotiate-server-resume-server +client = 3-renegotiate-server-resume-client + +[3-renegotiate-server-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[3-renegotiate-server-resume-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-3] +ExpectedResult = Success +HandshakeMode = RenegotiateServer +Method = TLS +ResumptionExpected = Yes diff --git a/test/ssl-tests/17-renegotiate.conf.in b/test/ssl-tests/17-renegotiate.conf.in index 6cecd7ed21..a081617724 100644 --- a/test/ssl-tests/17-renegotiate.conf.in +++ b/test/ssl-tests/17-renegotiate.conf.in @@ -17,12 +17,50 @@ package ssltests; our @tests = ( { - name => "renegotiate", + name => "renegotiate-client-no-resume", + server => { + "Options" => "NoResumptionOnRenegotiation" + }, + client => {}, + test => { + "Method" => "TLS", + "HandshakeMode" => "RenegotiateClient", + "ResumptionExpected" => "No", + "ExpectedResult" => "Success" + } + }, + { + name => "renegotiate-client-resume", + server => {}, + client => {}, + test => { + "Method" => "TLS", + "HandshakeMode" => "RenegotiateClient", + "ResumptionExpected" => "Yes", + "ExpectedResult" => "Success" + } + }, + { + name => "renegotiate-server-no-resume", + server => { + "Options" => "NoResumptionOnRenegotiation" + }, + client => {}, + test => { + "Method" => "TLS", + "HandshakeMode" => "RenegotiateServer", + "ResumptionExpected" => "No", + "ExpectedResult" => "Success" + } + }, + { + name => "renegotiate-server-resume", server => {}, client => {}, test => { "Method" => "TLS", - "HandshakeMode" => "Renegotiate", + "HandshakeMode" => "RenegotiateServer", + "ResumptionExpected" => "Yes", "ExpectedResult" => "Success" } }, |