17-renegotiate.conf.in
# -*- mode: perl; -*-
# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
## Test Renegotiation
use strict;
use warnings;
package ssltests;
my $dir_sep = $^O ne "VMS" ? "/" : "";
our @tests = (
{
name => "renegotiate-client-no-resume",
server => {
"Options" => "NoResumptionOnRenegotiation"
},
client => {},
test => {
"Method" => "TLS",
"HandshakeMode" => "RenegotiateClient",
"ResumptionExpected" => "No",
"ExpectedResult" => "Success"
}
},
{
name => "renegotiate-client-resume",
server => {},
client => {},
test => {
"Method" => "TLS",
"HandshakeMode" => "RenegotiateClient",
"ResumptionExpected" => "Yes",
"ExpectedResult" => "Success"
}
},
{
name => "renegotiate-server-no-resume",
server => {
"Options" => "NoResumptionOnRenegotiation"
},
client => {},
test => {
"Method" => "TLS",
"HandshakeMode" => "RenegotiateServer",
"ResumptionExpected" => "No",
"ExpectedResult" => "Success"
}
},
{
name => "renegotiate-server-resume",
server => {},
client => {},
test => {
"Method" => "TLS",
"HandshakeMode" => "RenegotiateServer",
"ResumptionExpected" => "Yes",
"ExpectedResult" => "Success"
}
},
{
name => "renegotiate-client-auth-require",
server => {
"Options" => "NoResumptionOnRenegotiation",
"MaxProtocol" => "TLSv1.2",
"VerifyCAFile" => "\${ENV::TEST_CERTS_DIR}${dir_sep}root-cert.pem",
"VerifyMode" => "Require",
},
client => {
"Certificate" => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-client-chain.pem",
"PrivateKey" => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-key.pem"
},
test => {
"Method" => "TLS",
"HandshakeMode" => "RenegotiateServer",
"ResumptionExpected" => "No",
"ExpectedResult" => "Success"
}
},
{
name => "renegotiate-client-auth-once",
server => {
"Options" => "NoResumptionOnRenegotiation",
"MaxProtocol" => "TLSv1.2",
"VerifyCAFile" => "\${ENV::TEST_CERTS_DIR}${dir_sep}root-cert.pem",
"VerifyMode" => "Once",
},
client => {
"Certificate" => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-client-chain.pem",
"PrivateKey" => "\${ENV::TEST_CERTS_DIR}${dir_sep}ee-key.pem"
},
test => {
"Method" => "TLS",
"HandshakeMode" => "RenegotiateServer",
"ResumptionExpected" => "No",
"ExpectedResult" => "Success"
}
},
{
name => "renegotiate-aead-to-non-aead",
server => {
"Options" => "NoResumptionOnRenegotiation",
"MaxProtocol" => "TLSv1.2"
},
client => {
"CipherString" => "AES128-GCM-SHA256",
extra => {
"RenegotiateCiphers" => "AES128-SHA"
}
},
test => {
"Method" => "TLS",
"HandshakeMode" => "RenegotiateClient",
"ResumptionExpected" => "No",
"ExpectedResult" => "Success"
}
},
{
name => "renegotiate-non-aead-to-aead",
server => {
"Options" => "NoResumptionOnRenegotiation",
"MaxProtocol" => "TLSv1.2"
},
client => {
"CipherString" => "AES128-SHA",
extra => {
"RenegotiateCiphers" => "AES128-GCM-SHA256"
}
},
test => {
"Method" => "TLS",
"HandshakeMode" => "RenegotiateClient",
"ResumptionExpected" => "No",
"ExpectedResult" => "Success"
}
},
{
name => "renegotiate-non-aead-to-non-aead",
server => {
"Options" => "NoResumptionOnRenegotiation",
"MaxProtocol" => "TLSv1.2"
},
client => {
"CipherString" => "AES128-SHA",
extra => {
"RenegotiateCiphers" => "AES256-SHA"
}
},
test => {
"Method" => "TLS",
"HandshakeMode" => "RenegotiateClient",
"ResumptionExpected" => "No",
"ExpectedResult" => "Success"
}
},
{
name => "renegotiate-aead-to-aead",
server => {
"Options" => "NoResumptionOnRenegotiation",
"MaxProtocol" => "TLSv1.2"
},
client => {
"CipherString" => "AES128-GCM-SHA256",
extra => {
"RenegotiateCiphers" => "AES256-GCM-SHA384"
}
},
test => {
"Method" => "TLS",
"HandshakeMode" => "RenegotiateClient",
"ResumptionExpected" => "No",
"ExpectedResult" => "Success"
}
},
);
