summaryrefslogtreecommitdiffstats
path: root/test/ssl-tests/17-renegotiate.cnf.in
diff options
context:
space:
mode:
Diffstat (limited to 'test/ssl-tests/17-renegotiate.cnf.in')
-rw-r--r--test/ssl-tests/17-renegotiate.cnf.in249
1 files changed, 249 insertions, 0 deletions
diff --git a/test/ssl-tests/17-renegotiate.cnf.in b/test/ssl-tests/17-renegotiate.cnf.in
new file mode 100644
index 0000000000..636f9fb081
--- /dev/null
+++ b/test/ssl-tests/17-renegotiate.cnf.in
@@ -0,0 +1,249 @@
+# -*- mode: perl; -*-
+# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+
+## Test Renegotiation
+
+use strict;
+use warnings;
+
+package ssltests;
+use OpenSSL::Test::Utils;
+
+our @tests = (
+ {
+ name => "renegotiate-client-no-resume",
+ server => {
+ "Options" => "NoResumptionOnRenegotiation",
+ "MaxProtocol" => "TLSv1.2"
+ },
+ client => {},
+ test => {
+ "Method" => "TLS",
+ "HandshakeMode" => "RenegotiateClient",
+ "ResumptionExpected" => "No",
+ "ExpectedResult" => "Success"
+ }
+ },
+ {
+ name => "renegotiate-client-resume",
+ server => {
+ "MaxProtocol" => "TLSv1.2"
+ },
+ client => {},
+ test => {
+ "Method" => "TLS",
+ "HandshakeMode" => "RenegotiateClient",
+ "ResumptionExpected" => "Yes",
+ "ExpectedResult" => "Success"
+ }
+ },
+ {
+ name => "renegotiate-server-no-resume",
+ server => {
+ "Options" => "NoResumptionOnRenegotiation",
+ "MaxProtocol" => "TLSv1.2"
+ },
+ client => {},
+ test => {
+ "Method" => "TLS",
+ "HandshakeMode" => "RenegotiateServer",
+ "ResumptionExpected" => "No",
+ "ExpectedResult" => "Success"
+ }
+ },
+ {
+ name => "renegotiate-server-resume",
+ server => {
+ "MaxProtocol" => "TLSv1.2"
+ },
+ client => {},
+ test => {
+ "Method" => "TLS",
+ "HandshakeMode" => "RenegotiateServer",
+ "ResumptionExpected" => "Yes",
+ "ExpectedResult" => "Success"
+ }
+ },
+ {
+ name => "renegotiate-client-auth-require",
+ server => {
+ "Options" => "NoResumptionOnRenegotiation",
+ "MaxProtocol" => "TLSv1.2",
+ "VerifyCAFile" => test_pem("root-cert.pem"),
+ "VerifyMode" => "Require",
+ },
+ client => {
+ "Certificate" => test_pem("ee-client-chain.pem"),
+ "PrivateKey" => test_pem("ee-key.pem"),
+ },
+ test => {
+ "Method" => "TLS",
+ "HandshakeMode" => "RenegotiateServer",
+ "ResumptionExpected" => "No",
+ "ExpectedResult" => "Success"
+ }
+ },
+ {
+ name => "renegotiate-client-auth-once",
+ server => {
+ "Options" => "NoResumptionOnRenegotiation",
+ "MaxProtocol" => "TLSv1.2",
+ "VerifyCAFile" => test_pem("root-cert.pem"),
+ "VerifyMode" => "Once",
+ },
+ client => {
+ "Certificate" => test_pem("ee-client-chain.pem"),
+ "PrivateKey" => test_pem("ee-key.pem"),
+ },
+ test => {
+ "Method" => "TLS",
+ "HandshakeMode" => "RenegotiateServer",
+ "ResumptionExpected" => "No",
+ "ExpectedResult" => "Success"
+ }
+ }
+);
+our @tests_tls1_2 = (
+ {
+ name => "renegotiate-aead-to-non-aead",
+ server => {
+ "Options" => "NoResumptionOnRenegotiation",
+ },
+ client => {
+ "CipherString" => "AES128-GCM-SHA256",
+ "MaxProtocol" => "TLSv1.2",
+ extra => {
+ "RenegotiateCiphers" => "AES128-SHA"
+ }
+ },
+ test => {
+ "Method" => "TLS",
+ "HandshakeMode" => "RenegotiateClient",
+ "ResumptionExpected" => "No",
+ "ExpectedResult" => "Success"
+ }
+ },
+ {
+ name => "renegotiate-non-aead-to-aead",
+ server => {
+ "Options" => "NoResumptionOnRenegotiation",
+ },
+ client => {
+ "CipherString" => "AES128-SHA",
+ "MaxProtocol" => "TLSv1.2",
+ extra => {
+ "RenegotiateCiphers" => "AES128-GCM-SHA256"
+ }
+ },
+ test => {
+ "Method" => "TLS",
+ "HandshakeMode" => "RenegotiateClient",
+ "ResumptionExpected" => "No",
+ "ExpectedResult" => "Success"
+ }
+ },
+ {
+ name => "renegotiate-non-aead-to-non-aead",
+ server => {
+ "Options" => "NoResumptionOnRenegotiation",
+ },
+ client => {
+ "CipherString" => "AES128-SHA",
+ "MaxProtocol" => "TLSv1.2",
+ extra => {
+ "RenegotiateCiphers" => "AES256-SHA"
+ }
+ },
+ test => {
+ "Method" => "TLS",
+ "HandshakeMode" => "RenegotiateClient",
+ "ResumptionExpected" => "No",
+ "ExpectedResult" => "Success"
+ }
+ },
+ {
+ name => "renegotiate-aead-to-aead",
+ server => {
+ "Options" => "NoResumptionOnRenegotiation",
+ },
+ client => {
+ "CipherString" => "AES128-GCM-SHA256",
+ "MaxProtocol" => "TLSv1.2",
+ extra => {
+ "RenegotiateCiphers" => "AES256-GCM-SHA384"
+ }
+ },
+ test => {
+ "Method" => "TLS",
+ "HandshakeMode" => "RenegotiateClient",
+ "ResumptionExpected" => "No",
+ "ExpectedResult" => "Success"
+ }
+ },
+ {
+ name => "no-renegotiation-server-by-client",
+ server => {
+ "Options" => "NoRenegotiation",
+ "MaxProtocol" => "TLSv1.2"
+ },
+ client => { },
+ test => {
+ "Method" => "TLS",
+ "HandshakeMode" => "RenegotiateClient",
+ "ResumptionExpected" => "No",
+ "ExpectedResult" => "ClientFail"
+ }
+ },
+ {
+ name => "no-renegotiation-server-by-server",
+ server => {
+ "Options" => "NoRenegotiation",
+ "MaxProtocol" => "TLSv1.2"
+ },
+ client => { },
+ test => {
+ "Method" => "TLS",
+ "HandshakeMode" => "RenegotiateServer",
+ "ResumptionExpected" => "No",
+ "ExpectedResult" => "ServerFail"
+ }
+ },
+ {
+ name => "no-renegotiation-client-by-server",
+ server => {
+ "MaxProtocol" => "TLSv1.2"
+ },
+ client => {
+ "Options" => "NoRenegotiation",
+ },
+ test => {
+ "Method" => "TLS",
+ "HandshakeMode" => "RenegotiateServer",
+ "ResumptionExpected" => "No",
+ "ExpectedResult" => "ServerFail"
+ }
+ },
+ {
+ name => "no-renegotiation-client-by-client",
+ server => {
+ "MaxProtocol" => "TLSv1.2"
+ },
+ client => {
+ "Options" => "NoRenegotiation",
+ },
+ test => {
+ "Method" => "TLS",
+ "HandshakeMode" => "RenegotiateClient",
+ "ResumptionExpected" => "No",
+ "ExpectedResult" => "ClientFail"
+ }
+ }
+);
+
+push @tests, @tests_tls1_2 unless disabled("tls1_2");
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-15 19:03:15 +0100