diff options
| author | Emilia Kasper <emilia@openssl.org> | 2016-06-20 17:20:25 +0200 |
|---|---|---|
| committer | Emilia Kasper <emilia@openssl.org> | 2016-06-28 17:26:24 +0200 |
| commit | d2b23cd2b077de8507c49f632e20dfcdb653a35b (patch) | |
| tree | 3a8a980e199c680d7e296468439c6f53d05fa1a0 /test/README.ssltest.md | |
| parent | base64 macro: parenthesize for clarity (diff) | |
| download | openssl-d2b23cd2b077de8507c49f632e20dfcdb653a35b.tar.xz openssl-d2b23cd2b077de8507c49f632e20dfcdb653a35b.zip | |
SSL test framework: port SNI tests
Observe that the old tests were partly ill-defined:
setting sn_server1 but not sn_server2 in ssltest_old.c does not enable
the SNI callback.
Fix this, and also explicitly test both flavours of SNI mismatch (ignore
/ fatal alert). Tests still pass.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'test/README.ssltest.md')
| -rw-r--r-- | test/README.ssltest.md | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/test/README.ssltest.md b/test/README.ssltest.md index 5797cf6c7d..ea90efcfdc 100644 --- a/test/README.ssltest.md +++ b/test/README.ssltest.md @@ -61,6 +61,7 @@ The test section supports the following options: * ClientVerifyCallback - the client's custom certificate verify callback. Used to test callback behaviour. One of + - None - no custom callback (default) - AcceptAll - accepts all certificates. - RejectAll - rejects all certificates. @@ -70,6 +71,12 @@ The test section supports the following options: - None - do not use SNI (default) - server1 - the initial context - server2 - the secondary context + - invalid - an unknown context + +* ServerNameCallback - the SNI switching callback to use + - None - no callback (default) + - IgnoreMismatch - continue the handshake on SNI mismatch + - RejectMismatch - abort the handshake on SNI mismatch * SessionTicketExpected - whether or not a session ticket is expected - Ignore - do not check for a session ticket (default) |