diff options
| author | Emilia Kasper <emilia@openssl.org> | 2016-08-09 16:47:26 +0200 |
|---|---|---|
| committer | Emilia Kasper <emilia@openssl.org> | 2016-08-10 14:41:21 +0200 |
| commit | da085d273c6f2a82f3e13dc6482e0f00e0daab5b (patch) | |
| tree | 35c35a7e7b3eed72c8e7cd593d6445d2a3c7a8e0 /test/README.ssltest.md | |
| parent | CT: fix documentation (diff) | |
| download | openssl-da085d273c6f2a82f3e13dc6482e0f00e0daab5b.tar.xz openssl-da085d273c6f2a82f3e13dc6482e0f00e0daab5b.zip | |
SSL tests: port CT tests, add a few more
This commit only ports existing tests, and adds some coverage for
resumption. We don't appear to have any handshake tests that cover SCT
validation success, and this commit doesn't change that.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'test/README.ssltest.md')
| -rw-r--r-- | test/README.ssltest.md | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/test/README.ssltest.md b/test/README.ssltest.md index 53ee0b433c..d6b020d01a 100644 --- a/test/README.ssltest.md +++ b/test/README.ssltest.md @@ -143,6 +143,11 @@ client => { - server2 - the secondary context - invalid - an unknown context +* CTValidation - Certificate Transparency validation strategy. One of + - None - no validation (default) + - Permissive - SSL_CT_VALIDATION_PERMISSIVE + - Strict - SSL_CT_VALIDATION_STRICT + #### Supported server-side options * ServerNameCallback - the SNI switching callback to use @@ -212,6 +217,10 @@ $ TEST_CERTS_DIR=test/certs util/shlib_wrap.sh test/ssl_test \ test/ssl-tests/01-simple.conf ``` +Some tests also need additional environment variables; for example, Certificate +Transparency tests need a `CTLOG_FILE`. See `test/recipes/80-test_ssl_new.t` for +details. + Note that the test expectations sometimes depend on the Configure settings. For example, the negotiated protocol depends on the set of available (enabled) protocols: a build with `enable-ssl3` has different test expectations than a |