diff options
Diffstat (limited to 'test')
-rw-r--r-- | test/ssl-tests/04-client_auth.conf | 90 | ||||
-rw-r--r-- | test/ssl-tests/04-client_auth.conf.in | 32 |
2 files changed, 81 insertions, 41 deletions
diff --git a/test/ssl-tests/04-client_auth.conf b/test/ssl-tests/04-client_auth.conf index 02cba53d5a..04bb2345b9 100644 --- a/test/ssl-tests/04-client_auth.conf +++ b/test/ssl-tests/04-client_auth.conf @@ -161,12 +161,14 @@ client = 5-server-auth-TLSv1-client [5-server-auth-TLSv1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -Protocol = TLSv1 [5-server-auth-TLSv1-client] CipherString = DEFAULT -Protocol = TLSv1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -186,13 +188,15 @@ client = 6-client-auth-TLSv1-request-client [6-client-auth-TLSv1-request-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -Protocol = TLSv1 VerifyMode = Request [6-client-auth-TLSv1-request-client] CipherString = DEFAULT -Protocol = TLSv1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -212,14 +216,16 @@ client = 7-client-auth-TLSv1-require-fail-client [7-client-auth-TLSv1-require-fail-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -Protocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Require [7-client-auth-TLSv1-require-fail-client] CipherString = DEFAULT -Protocol = TLSv1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -240,16 +246,18 @@ client = 8-client-auth-TLSv1-require-client [8-client-auth-TLSv1-require-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -Protocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Request [8-client-auth-TLSv1-require-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem -Protocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -269,15 +277,17 @@ client = 9-client-auth-TLSv1-noroot-client [9-client-auth-TLSv1-noroot-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -Protocol = TLSv1 VerifyMode = Require [9-client-auth-TLSv1-noroot-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem -Protocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -298,12 +308,14 @@ client = 10-server-auth-TLSv1.1-client [10-server-auth-TLSv1.1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -Protocol = TLSv1.1 [10-server-auth-TLSv1.1-client] CipherString = DEFAULT -Protocol = TLSv1.1 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -323,13 +335,15 @@ client = 11-client-auth-TLSv1.1-request-client [11-client-auth-TLSv1.1-request-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -Protocol = TLSv1.1 VerifyMode = Request [11-client-auth-TLSv1.1-request-client] CipherString = DEFAULT -Protocol = TLSv1.1 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -349,14 +363,16 @@ client = 12-client-auth-TLSv1.1-require-fail-client [12-client-auth-TLSv1.1-require-fail-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -Protocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Require [12-client-auth-TLSv1.1-require-fail-client] CipherString = DEFAULT -Protocol = TLSv1.1 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -377,16 +393,18 @@ client = 13-client-auth-TLSv1.1-require-client [13-client-auth-TLSv1.1-require-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -Protocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Request [13-client-auth-TLSv1.1-require-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem -Protocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -406,15 +424,17 @@ client = 14-client-auth-TLSv1.1-noroot-client [14-client-auth-TLSv1.1-noroot-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -Protocol = TLSv1.1 VerifyMode = Require [14-client-auth-TLSv1.1-noroot-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem -Protocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -435,12 +455,14 @@ client = 15-server-auth-TLSv1.2-client [15-server-auth-TLSv1.2-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -Protocol = TLSv1.2 [15-server-auth-TLSv1.2-client] CipherString = DEFAULT -Protocol = TLSv1.2 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -460,13 +482,15 @@ client = 16-client-auth-TLSv1.2-request-client [16-client-auth-TLSv1.2-request-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -Protocol = TLSv1.2 VerifyMode = Request [16-client-auth-TLSv1.2-request-client] CipherString = DEFAULT -Protocol = TLSv1.2 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -486,14 +510,16 @@ client = 17-client-auth-TLSv1.2-require-fail-client [17-client-auth-TLSv1.2-require-fail-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -Protocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Require [17-client-auth-TLSv1.2-require-fail-client] CipherString = DEFAULT -Protocol = TLSv1.2 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -514,16 +540,18 @@ client = 18-client-auth-TLSv1.2-require-client [18-client-auth-TLSv1.2-require-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -Protocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Request [18-client-auth-TLSv1.2-require-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem -Protocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -543,15 +571,17 @@ client = 19-client-auth-TLSv1.2-noroot-client [19-client-auth-TLSv1.2-noroot-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -Protocol = TLSv1.2 VerifyMode = Require [19-client-auth-TLSv1.2-noroot-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem -Protocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer diff --git a/test/ssl-tests/04-client_auth.conf.in b/test/ssl-tests/04-client_auth.conf.in index 36d13df04d..e1044f9ebc 100644 --- a/test/ssl-tests/04-client_auth.conf.in +++ b/test/ssl-tests/04-client_auth.conf.in @@ -31,10 +31,12 @@ sub generate_tests() { push @tests, { name => "server-auth-${protocol_name}", server => { - "Protocol" => $protocol + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol }, client => { - "Protocol" => $protocol + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol }, test => { "ExpectedResult" => "Success" }, }; @@ -43,11 +45,13 @@ sub generate_tests() { push @tests, { name => "client-auth-${protocol_name}-request", server => { - "Protocol" => $protocol, - "VerifyMode" => "Request", + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol, + "VerifyMode" => "Request" }, client => { - "Protocol" => $protocol + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol }, test => { "ExpectedResult" => "Success" }, }; @@ -56,12 +60,14 @@ sub generate_tests() { push @tests, { name => "client-auth-${protocol_name}-require-fail", server => { - "Protocol" => $protocol, + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol, "VerifyCAFile" => "\${ENV::TEST_CERTS_DIR}${dir_sep}root-cert.pem", "VerifyMode" => "Require", }, client => { - "Protocol" => $protocol, + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol }, test => { "ExpectedResult" => "ServerFail", @@ -73,12 +79,14 @@ sub generate_tests() { push @tests, { name => "client-auth-${protocol_name}-require", server => { - "Protocol" => $protocol, + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol, "VerifyCAFile" => "\${ENV::TEST_CERTS_DIR}${dir_sep}root-cert.pem", "VerifyMode" => "Request", }, client => { - "Protocol" => $protocol, + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol, "Certificate" => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-client-chain.pem", "PrivateKey" => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-key.pem", }, @@ -89,11 +97,13 @@ sub generate_tests() { push @tests, { name => "client-auth-${protocol_name}-noroot", server => { - "Protocol" => $protocol, + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol, "VerifyMode" => "Require", }, client => { - "Protocol" => $protocol, + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol, "Certificate" => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-client-chain.pem", "PrivateKey" => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-key.pem", }, |