SSL tests: port CT tests, add a few more

This commit only ports existing tests, and adds some coverage for
resumption. We don't appear to have any handshake tests that cover SCT
validation success, and this commit doesn't change that.

Reviewed-by: Rich Salz <rsalz@openssl.org>

1 files changed, 10 insertions, 0 deletions

diff --git a/test/ssl_test_ctx_test.c b/test/ssl_test_ctx_test.c
index b7f888a418..479bda4d58 100644
--- a/test/ssl_test_ctx_test.c
+++ b/test/ssl_test_ctx_test.c
@@ -54,6 +54,12 @@ static int SSL_TEST_CLIENT_CONF_equal(SSL_TEST_CLIENT_CONF *client,
     if (!strings_equal("Client ALPNProtocols", client->alpn_protocols,
                        client2->alpn_protocols))
         return 0;
+    if (client->ct_validation != client2->ct_validation) {
+        fprintf(stderr, "CTValidation mismatch: %s vs %s.\n",
+                ssl_ct_validation_name(client->ct_validation),
+                ssl_ct_validation_name(client2->ct_validation));
+        return 0;
+    }
     return 1;
 }
 
@@ -259,6 +265,9 @@ static int test_good_configuration()
     OPENSSL_assert(
         fixture.expected_ctx->resume_extra.server2.alpn_protocols != NULL);
 
+    fixture.expected_ctx->resume_extra.client.ct_validation =
+        SSL_TEST_CT_VALIDATION_STRICT;
+
     EXECUTE_SSL_TEST_CTX_TEST();
 }
 
@@ -275,6 +284,7 @@ static const char *bad_configurations[] = {
     "ssltest_unknown_method",
     "ssltest_unknown_handshake_mode",
     "ssltest_unknown_resumption_expected",
+    "ssltest_unknown_ct_validation",
 };
 
 static int test_bad_configuration(int idx)