summaryrefslogtreecommitdiffstats
path: root/test
diff options
context:
space:
mode:
Diffstat (limited to 'test')
-rw-r--r--test/ssl-tests/04-client_auth.conf90
-rw-r--r--test/ssl-tests/04-client_auth.conf.in32
2 files changed, 81 insertions, 41 deletions
diff --git a/test/ssl-tests/04-client_auth.conf b/test/ssl-tests/04-client_auth.conf
index 02cba53d5a..04bb2345b9 100644
--- a/test/ssl-tests/04-client_auth.conf
+++ b/test/ssl-tests/04-client_auth.conf
@@ -161,12 +161,14 @@ client = 5-server-auth-TLSv1-client
[5-server-auth-TLSv1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-Protocol = TLSv1
[5-server-auth-TLSv1-client]
CipherString = DEFAULT
-Protocol = TLSv1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -186,13 +188,15 @@ client = 6-client-auth-TLSv1-request-client
[6-client-auth-TLSv1-request-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-Protocol = TLSv1
VerifyMode = Request
[6-client-auth-TLSv1-request-client]
CipherString = DEFAULT
-Protocol = TLSv1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -212,14 +216,16 @@ client = 7-client-auth-TLSv1-require-fail-client
[7-client-auth-TLSv1-require-fail-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-Protocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
VerifyMode = Require
[7-client-auth-TLSv1-require-fail-client]
CipherString = DEFAULT
-Protocol = TLSv1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -240,16 +246,18 @@ client = 8-client-auth-TLSv1-require-client
[8-client-auth-TLSv1-require-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-Protocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
VerifyMode = Request
[8-client-auth-TLSv1-require-client]
Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
-Protocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -269,15 +277,17 @@ client = 9-client-auth-TLSv1-noroot-client
[9-client-auth-TLSv1-noroot-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-Protocol = TLSv1
VerifyMode = Require
[9-client-auth-TLSv1-noroot-client]
Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
-Protocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -298,12 +308,14 @@ client = 10-server-auth-TLSv1.1-client
[10-server-auth-TLSv1.1-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-Protocol = TLSv1.1
[10-server-auth-TLSv1.1-client]
CipherString = DEFAULT
-Protocol = TLSv1.1
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -323,13 +335,15 @@ client = 11-client-auth-TLSv1.1-request-client
[11-client-auth-TLSv1.1-request-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-Protocol = TLSv1.1
VerifyMode = Request
[11-client-auth-TLSv1.1-request-client]
CipherString = DEFAULT
-Protocol = TLSv1.1
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -349,14 +363,16 @@ client = 12-client-auth-TLSv1.1-require-fail-client
[12-client-auth-TLSv1.1-require-fail-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-Protocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
VerifyMode = Require
[12-client-auth-TLSv1.1-require-fail-client]
CipherString = DEFAULT
-Protocol = TLSv1.1
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -377,16 +393,18 @@ client = 13-client-auth-TLSv1.1-require-client
[13-client-auth-TLSv1.1-require-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-Protocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
VerifyMode = Request
[13-client-auth-TLSv1.1-require-client]
Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
-Protocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -406,15 +424,17 @@ client = 14-client-auth-TLSv1.1-noroot-client
[14-client-auth-TLSv1.1-noroot-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-Protocol = TLSv1.1
VerifyMode = Require
[14-client-auth-TLSv1.1-noroot-client]
Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
-Protocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -435,12 +455,14 @@ client = 15-server-auth-TLSv1.2-client
[15-server-auth-TLSv1.2-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-Protocol = TLSv1.2
[15-server-auth-TLSv1.2-client]
CipherString = DEFAULT
-Protocol = TLSv1.2
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -460,13 +482,15 @@ client = 16-client-auth-TLSv1.2-request-client
[16-client-auth-TLSv1.2-request-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-Protocol = TLSv1.2
VerifyMode = Request
[16-client-auth-TLSv1.2-request-client]
CipherString = DEFAULT
-Protocol = TLSv1.2
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -486,14 +510,16 @@ client = 17-client-auth-TLSv1.2-require-fail-client
[17-client-auth-TLSv1.2-require-fail-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-Protocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
VerifyMode = Require
[17-client-auth-TLSv1.2-require-fail-client]
CipherString = DEFAULT
-Protocol = TLSv1.2
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -514,16 +540,18 @@ client = 18-client-auth-TLSv1.2-require-client
[18-client-auth-TLSv1.2-require-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-Protocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
VerifyMode = Request
[18-client-auth-TLSv1.2-require-client]
Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
-Protocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -543,15 +571,17 @@ client = 19-client-auth-TLSv1.2-noroot-client
[19-client-auth-TLSv1.2-noroot-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-Protocol = TLSv1.2
VerifyMode = Require
[19-client-auth-TLSv1.2-noroot-client]
Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
-Protocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
diff --git a/test/ssl-tests/04-client_auth.conf.in b/test/ssl-tests/04-client_auth.conf.in
index 36d13df04d..e1044f9ebc 100644
--- a/test/ssl-tests/04-client_auth.conf.in
+++ b/test/ssl-tests/04-client_auth.conf.in
@@ -31,10 +31,12 @@ sub generate_tests() {
push @tests, {
name => "server-auth-${protocol_name}",
server => {
- "Protocol" => $protocol
+ "MinProtocol" => $protocol,
+ "MaxProtocol" => $protocol
},
client => {
- "Protocol" => $protocol
+ "MinProtocol" => $protocol,
+ "MaxProtocol" => $protocol
},
test => { "ExpectedResult" => "Success" },
};
@@ -43,11 +45,13 @@ sub generate_tests() {
push @tests, {
name => "client-auth-${protocol_name}-request",
server => {
- "Protocol" => $protocol,
- "VerifyMode" => "Request",
+ "MinProtocol" => $protocol,
+ "MaxProtocol" => $protocol,
+ "VerifyMode" => "Request"
},
client => {
- "Protocol" => $protocol
+ "MinProtocol" => $protocol,
+ "MaxProtocol" => $protocol
},
test => { "ExpectedResult" => "Success" },
};
@@ -56,12 +60,14 @@ sub generate_tests() {
push @tests, {
name => "client-auth-${protocol_name}-require-fail",
server => {
- "Protocol" => $protocol,
+ "MinProtocol" => $protocol,
+ "MaxProtocol" => $protocol,
"VerifyCAFile" => "\${ENV::TEST_CERTS_DIR}${dir_sep}root-cert.pem",
"VerifyMode" => "Require",
},
client => {
- "Protocol" => $protocol,
+ "MinProtocol" => $protocol,
+ "MaxProtocol" => $protocol
},
test => {
"ExpectedResult" => "ServerFail",
@@ -73,12 +79,14 @@ sub generate_tests() {
push @tests, {
name => "client-auth-${protocol_name}-require",
server => {
- "Protocol" => $protocol,
+ "MinProtocol" => $protocol,
+ "MaxProtocol" => $protocol,
"VerifyCAFile" => "\${ENV::TEST_CERTS_DIR}${dir_sep}root-cert.pem",
"VerifyMode" => "Request",
},
client => {
- "Protocol" => $protocol,
+ "MinProtocol" => $protocol,
+ "MaxProtocol" => $protocol,
"Certificate" => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-client-chain.pem",
"PrivateKey" => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-key.pem",
},
@@ -89,11 +97,13 @@ sub generate_tests() {
push @tests, {
name => "client-auth-${protocol_name}-noroot",
server => {
- "Protocol" => $protocol,
+ "MinProtocol" => $protocol,
+ "MaxProtocol" => $protocol,
"VerifyMode" => "Require",
},
client => {
- "Protocol" => $protocol,
+ "MinProtocol" => $protocol,
+ "MaxProtocol" => $protocol,
"Certificate" => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-client-chain.pem",
"PrivateKey" => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-key.pem",
},
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-05 22:52:43 +0000