swh:1:snp:dc2a5002442a00b1c0eda7c65d04ea7455e166cd
Tip revision: 7ea5bd2b52d0e81eaef3d109b3b12545306f201c authored by Matt Caswell on 10 September 2019, 13:16:54 UTC
Prepare for 1.1.0l release
Prepare for 1.1.0l release
Tip revision: 7ea5bd2
03-custom_verify.conf.in
# -*- mode: perl; -*-
# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
## SSL test configurations
package ssltests;
our @tests = (
# Sanity-check that verification indeed succeeds without the
# restrictive callback.
{
name => "verify-success",
server => { },
client => { },
test => { "ExpectedResult" => "Success" },
},
# Same test as above but with a custom callback that always fails.
{
name => "verify-custom-reject",
server => { },
client => {
extra => {
"VerifyCallback" => "RejectAll",
},
},
test => {
"ExpectedResult" => "ClientFail",
"ExpectedClientAlert" => "HandshakeFailure",
},
},
# Same test as above but with a custom callback that always succeeds.
{
name => "verify-custom-allow",
server => { },
client => {
extra => {
"VerifyCallback" => "AcceptAll",
},
},
test => {
"ExpectedResult" => "Success",
},
},
# Sanity-check that verification indeed succeeds if peer verification
# is not requested.
{
name => "noverify-success",
server => { },
client => {
"VerifyMode" => undef,
"VerifyCAFile" => undef,
},
test => { "ExpectedResult" => "Success" },
},
# Same test as above but with a custom callback that always fails.
# The callback return has no impact on handshake success in this mode.
{
name => "noverify-ignore-custom-reject",
server => { },
client => {
"VerifyMode" => undef,
"VerifyCAFile" => undef,
extra => {
"VerifyCallback" => "RejectAll",
},
},
test => {
"ExpectedResult" => "Success",
},
},
# Same test as above but with a custom callback that always succeeds.
# The callback return has no impact on handshake success in this mode.
{
name => "noverify-accept-custom-allow",
server => { },
client => {
"VerifyMode" => undef,
"VerifyCAFile" => undef,
extra => {
"VerifyCallback" => "AcceptAll",
},
},
test => {
"ExpectedResult" => "Success",
},
},
# Sanity-check that verification indeed fails without the
# permissive callback.
{
name => "verify-fail-no-root",
server => { },
client => {
# Don't set up the client root file.
"VerifyCAFile" => undef,
},
test => {
"ExpectedResult" => "ClientFail",
"ExpectedClientAlert" => "UnknownCA",
},
},
# Same test as above but with a custom callback that always succeeds.
{
name => "verify-custom-success-no-root",
server => { },
client => {
"VerifyCAFile" => undef,
extra => {
"VerifyCallback" => "AcceptAll",
},
},
test => {
"ExpectedResult" => "Success"
},
},
# Same test as above but with a custom callback that always fails.
{
name => "verify-custom-fail-no-root",
server => { },
client => {
"VerifyCAFile" => undef,
extra => {
"VerifyCallback" => "RejectAll",
},
},
test => {
"ExpectedResult" => "ClientFail",
"ExpectedClientAlert" => "HandshakeFailure",
},
},
);
