From aa4d426b4d3527d7e166df1a05058c9a4a0f6683 Mon Sep 17 00:00:00 2001
From: Wojtek Kosior <wk@koszkonutek-tmp.pl.eu.org>
Date: Fri, 30 Apr 2021 00:33:56 +0200
Subject: initial/final commit

---
 openssl-1.1.0h/test/ssl-tests/05-sni.conf | 203 ++++++++++++++++++++++++++++++
 1 file changed, 203 insertions(+)
 create mode 100644 openssl-1.1.0h/test/ssl-tests/05-sni.conf

(limited to 'openssl-1.1.0h/test/ssl-tests/05-sni.conf')

diff --git a/openssl-1.1.0h/test/ssl-tests/05-sni.conf b/openssl-1.1.0h/test/ssl-tests/05-sni.conf
new file mode 100644
index 0000000..e1fb3d9
--- /dev/null
+++ b/openssl-1.1.0h/test/ssl-tests/05-sni.conf
@@ -0,0 +1,203 @@
+# Generated with generate_ssl_tests.pl
+
+num_tests = 6
+
+test-0 = 0-SNI-switch-context
+test-1 = 1-SNI-keep-context
+test-2 = 2-SNI-no-server-support
+test-3 = 3-SNI-no-client-support
+test-4 = 4-SNI-bad-sni-ignore-mismatch
+test-5 = 5-SNI-bad-sni-reject-mismatch
+# ===========================================================
+
+[0-SNI-switch-context]
+ssl_conf = 0-SNI-switch-context-ssl
+
+[0-SNI-switch-context-ssl]
+server = 0-SNI-switch-context-server
+client = 0-SNI-switch-context-client
+server2 = 0-SNI-switch-context-server
+
+[0-SNI-switch-context-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[0-SNI-switch-context-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-0]
+ExpectedResult = Success
+ExpectedServerName = server2
+server = 0-SNI-switch-context-server-extra
+server2 = 0-SNI-switch-context-server-extra
+client = 0-SNI-switch-context-client-extra
+
+[0-SNI-switch-context-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+[0-SNI-switch-context-client-extra]
+ServerName = server2
+
+
+# ===========================================================
+
+[1-SNI-keep-context]
+ssl_conf = 1-SNI-keep-context-ssl
+
+[1-SNI-keep-context-ssl]
+server = 1-SNI-keep-context-server
+client = 1-SNI-keep-context-client
+server2 = 1-SNI-keep-context-server
+
+[1-SNI-keep-context-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[1-SNI-keep-context-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-1]
+ExpectedResult = Success
+ExpectedServerName = server1
+server = 1-SNI-keep-context-server-extra
+server2 = 1-SNI-keep-context-server-extra
+client = 1-SNI-keep-context-client-extra
+
+[1-SNI-keep-context-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+[1-SNI-keep-context-client-extra]
+ServerName = server1
+
+
+# ===========================================================
+
+[2-SNI-no-server-support]
+ssl_conf = 2-SNI-no-server-support-ssl
+
+[2-SNI-no-server-support-ssl]
+server = 2-SNI-no-server-support-server
+client = 2-SNI-no-server-support-client
+
+[2-SNI-no-server-support-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[2-SNI-no-server-support-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-2]
+ExpectedResult = Success
+client = 2-SNI-no-server-support-client-extra
+
+[2-SNI-no-server-support-client-extra]
+ServerName = server1
+
+
+# ===========================================================
+
+[3-SNI-no-client-support]
+ssl_conf = 3-SNI-no-client-support-ssl
+
+[3-SNI-no-client-support-ssl]
+server = 3-SNI-no-client-support-server
+client = 3-SNI-no-client-support-client
+server2 = 3-SNI-no-client-support-server
+
+[3-SNI-no-client-support-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[3-SNI-no-client-support-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-3]
+ExpectedResult = Success
+ExpectedServerName = server1
+server = 3-SNI-no-client-support-server-extra
+server2 = 3-SNI-no-client-support-server-extra
+
+[3-SNI-no-client-support-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+
+# ===========================================================
+
+[4-SNI-bad-sni-ignore-mismatch]
+ssl_conf = 4-SNI-bad-sni-ignore-mismatch-ssl
+
+[4-SNI-bad-sni-ignore-mismatch-ssl]
+server = 4-SNI-bad-sni-ignore-mismatch-server
+client = 4-SNI-bad-sni-ignore-mismatch-client
+server2 = 4-SNI-bad-sni-ignore-mismatch-server
+
+[4-SNI-bad-sni-ignore-mismatch-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[4-SNI-bad-sni-ignore-mismatch-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-4]
+ExpectedResult = Success
+ExpectedServerName = server1
+server = 4-SNI-bad-sni-ignore-mismatch-server-extra
+server2 = 4-SNI-bad-sni-ignore-mismatch-server-extra
+client = 4-SNI-bad-sni-ignore-mismatch-client-extra
+
+[4-SNI-bad-sni-ignore-mismatch-server-extra]
+ServerNameCallback = IgnoreMismatch
+
+[4-SNI-bad-sni-ignore-mismatch-client-extra]
+ServerName = invalid
+
+
+# ===========================================================
+
+[5-SNI-bad-sni-reject-mismatch]
+ssl_conf = 5-SNI-bad-sni-reject-mismatch-ssl
+
+[5-SNI-bad-sni-reject-mismatch-ssl]
+server = 5-SNI-bad-sni-reject-mismatch-server
+client = 5-SNI-bad-sni-reject-mismatch-client
+server2 = 5-SNI-bad-sni-reject-mismatch-server
+
+[5-SNI-bad-sni-reject-mismatch-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[5-SNI-bad-sni-reject-mismatch-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-5]
+ExpectedResult = ServerFail
+ExpectedServerAlert = UnrecognizedName
+server = 5-SNI-bad-sni-reject-mismatch-server-extra
+server2 = 5-SNI-bad-sni-reject-mismatch-server-extra
+client = 5-SNI-bad-sni-reject-mismatch-client-extra
+
+[5-SNI-bad-sni-reject-mismatch-server-extra]
+ServerNameCallback = RejectMismatch
+
+[5-SNI-bad-sni-reject-mismatch-client-extra]
+ServerName = invalid
+
+
-- 
cgit v1.2.3