1 1.1 christos # -*- mode: perl; -*- 2 1.1 christos # Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. 3 1.1 christos # 4 1.1 christos # Licensed under the Apache License 2.0 (the "License"). You may not use 5 1.1 christos # this file except in compliance with the License. You can obtain a copy 6 1.1 christos # in the file LICENSE in the source distribution or at 7 1.1 christos # https://www.openssl.org/source/license.html 8 1.1 christos 9 1.1 christos 10 1.1 christos ## SSL test configurations 11 1.1 christos 12 1.1 christos package ssltests; 13 1.1 christos 14 1.1 christos our @tests = ( 15 1.1 christos 16 1.1 christos # Sanity-check that verification indeed succeeds without the 17 1.1 christos # restrictive callback. 18 1.1 christos { 19 1.1 christos name => "verify-success", 20 1.1 christos server => { }, 21 1.1 christos client => { }, 22 1.1 christos test => { "ExpectedResult" => "Success" }, 23 1.1 christos }, 24 1.1 christos 25 1.1 christos # Same test as above but with a custom callback that always fails. 26 1.1 christos { 27 1.1 christos name => "verify-custom-reject", 28 1.1 christos server => { }, 29 1.1 christos client => { 30 1.1 christos extra => { 31 1.1 christos "VerifyCallback" => "RejectAll", 32 1.1 christos }, 33 1.1 christos }, 34 1.1 christos test => { 35 1.1 christos "ExpectedResult" => "ClientFail", 36 1.1 christos "ExpectedClientAlert" => "HandshakeFailure", 37 1.1 christos }, 38 1.1 christos }, 39 1.1 christos 40 1.1 christos # Same test as above but with a custom callback that always succeeds. 41 1.1 christos { 42 1.1 christos name => "verify-custom-allow", 43 1.1 christos server => { }, 44 1.1 christos client => { 45 1.1 christos extra => { 46 1.1 christos "VerifyCallback" => "AcceptAll", 47 1.1 christos }, 48 1.1 christos }, 49 1.1 christos test => { 50 1.1 christos "ExpectedResult" => "Success", 51 1.1 christos }, 52 1.1 christos }, 53 1.1 christos 54 1.1 christos # Same test as above but with a custom callback that requests retry once. 55 1.1 christos { 56 1.1 christos name => "verify-custom-retry", 57 1.1 christos server => { }, 58 1.1 christos client => { 59 1.1 christos extra => { 60 1.1 christos "VerifyCallback" => "RetryOnce", 61 1.1 christos }, 62 1.1 christos }, 63 1.1 christos test => { 64 1.1 christos "ExpectedResult" => "Success", 65 1.1 christos }, 66 1.1 christos }, 67 1.1 christos 68 1.1 christos # Sanity-check that verification indeed succeeds if peer verification 69 1.1 christos # is not requested. 70 1.1 christos { 71 1.1 christos name => "noverify-success", 72 1.1 christos server => { }, 73 1.1 christos client => { 74 1.1 christos "VerifyMode" => undef, 75 1.1 christos "VerifyCAFile" => undef, 76 1.1 christos }, 77 1.1 christos test => { "ExpectedResult" => "Success" }, 78 1.1 christos }, 79 1.1 christos 80 1.1 christos # Same test as above but with a custom callback that always fails. 81 1.1 christos # The callback return has no impact on handshake success in this mode. 82 1.1 christos { 83 1.1 christos name => "noverify-ignore-custom-reject", 84 1.1 christos server => { }, 85 1.1 christos client => { 86 1.1 christos "VerifyMode" => undef, 87 1.1 christos "VerifyCAFile" => undef, 88 1.1 christos extra => { 89 1.1 christos "VerifyCallback" => "RejectAll", 90 1.1 christos }, 91 1.1 christos }, 92 1.1 christos test => { 93 1.1 christos "ExpectedResult" => "Success", 94 1.1 christos }, 95 1.1 christos }, 96 1.1 christos 97 1.1 christos # Same test as above but with a custom callback that always succeeds. 98 1.1 christos # The callback return has no impact on handshake success in this mode. 99 1.1 christos { 100 1.1 christos name => "noverify-accept-custom-allow", 101 1.1 christos server => { }, 102 1.1 christos client => { 103 1.1 christos "VerifyMode" => undef, 104 1.1 christos "VerifyCAFile" => undef, 105 1.1 christos extra => { 106 1.1 christos "VerifyCallback" => "AcceptAll", 107 1.1 christos }, 108 1.1 christos }, 109 1.1 christos test => { 110 1.1 christos "ExpectedResult" => "Success", 111 1.1 christos }, 112 1.1 christos }, 113 1.1 christos 114 1.1 christos # Sanity-check that verification indeed fails without the 115 1.1 christos # permissive callback. 116 1.1 christos { 117 1.1 christos name => "verify-fail-no-root", 118 1.1 christos server => { }, 119 1.1 christos client => { 120 1.1 christos # Don't set up the client root file. 121 1.1 christos "VerifyCAFile" => undef, 122 1.1 christos }, 123 1.1 christos test => { 124 1.1 christos "ExpectedResult" => "ClientFail", 125 1.1 christos "ExpectedClientAlert" => "UnknownCA", 126 1.1 christos }, 127 1.1 christos }, 128 1.1 christos 129 1.1 christos # Same test as above but with a custom callback that always succeeds. 130 1.1 christos { 131 1.1 christos name => "verify-custom-success-no-root", 132 1.1 christos server => { }, 133 1.1 christos client => { 134 1.1 christos "VerifyCAFile" => undef, 135 1.1 christos extra => { 136 1.1 christos "VerifyCallback" => "AcceptAll", 137 1.1 christos }, 138 1.1 christos }, 139 1.1 christos test => { 140 1.1 christos "ExpectedResult" => "Success" 141 1.1 christos }, 142 1.1 christos }, 143 1.1 christos 144 1.1 christos # Same test as above but with a custom callback that always fails. 145 1.1 christos { 146 1.1 christos name => "verify-custom-fail-no-root", 147 1.1 christos server => { }, 148 1.1 christos client => { 149 1.1 christos "VerifyCAFile" => undef, 150 1.1 christos extra => { 151 1.1 christos "VerifyCallback" => "RejectAll", 152 1.1 christos }, 153 1.1 christos }, 154 1.1 christos test => { 155 1.1 christos "ExpectedResult" => "ClientFail", 156 1.1 christos "ExpectedClientAlert" => "HandshakeFailure", 157 1.1 christos }, 158 1.1 christos }, 159 1.1 christos ); 160
Indexes created Sat Feb 28 05:31:39 UTC 2026